Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-27408 (GCVE-0-2024-27408)
Vulnerability from cvelistv5
Published
2024-05-17 11:50
Modified
2025-05-04 09:04
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
The Linked list element and pointer are not stored in the same memory as
the eDMA controller register. If the doorbell register is toggled before
the full write of the linked list a race condition error will occur.
In remote setup we can only use a readl to the memory to assure the full
write has occurred.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-27408",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-21T16:00:32.783313Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:46:41.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T00:34:52.272Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a"
},
{
"tags": [
"x_transferred"
],
"url": "https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/dma/dw-edma/dw-edma-v0-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3",
"status": "affected",
"version": "7e4b8a4fbe2cecab0959e862604803d063f50029",
"versionType": "git"
},
{
"lessThan": "f396b4df27cfe01a99f4b41f584c49e56477be3a",
"status": "affected",
"version": "7e4b8a4fbe2cecab0959e862604803d063f50029",
"versionType": "git"
},
{
"lessThan": "bbcc1c83f343e580c3aa1f2a8593343bf7b55bba",
"status": "affected",
"version": "7e4b8a4fbe2cecab0959e862604803d063f50029",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/dma/dw-edma/dw-edma-v0-core.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "5.3"
},
{
"lessThan": "5.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.21",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.7.*",
"status": "unaffected",
"version": "6.7.9",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.8",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.21",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.7.9",
"versionStartIncluding": "5.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.8",
"versionStartIncluding": "5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\n\nThe Linked list element and pointer are not stored in the same memory as\nthe eDMA controller register. If the doorbell register is toggled before\nthe full write of the linked list a race condition error will occur.\nIn remote setup we can only use a readl to the memory to assure the full\nwrite has occurred."
}
],
"providerMetadata": {
"dateUpdated": "2025-05-04T09:04:29.366Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3"
},
{
"url": "https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a"
},
{
"url": "https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba"
}
],
"title": "dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2024-27408",
"datePublished": "2024-05-17T11:50:36.208Z",
"dateReserved": "2024-02-25T13:47:42.682Z",
"dateUpdated": "2025-05-04T09:04:29.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-27408\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-17T12:15:11.223\",\"lastModified\":\"2024-11-21T09:04:33.527\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\\n\\nThe Linked list element and pointer are not stored in the same memory as\\nthe eDMA controller register. If the doorbell register is toggled before\\nthe full write of the linked list a race condition error will occur.\\nIn remote setup we can only use a readl to the memory to assure the full\\nwrite has occurred.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: dmaengine: dw-edma: eDMA: A\u00f1adida lectura sincronizada antes de iniciar la transferencia DMA en la configuraci\u00f3n remota. El elemento de la lista vinculada y el puntero no se almacenan en la misma memoria que el registro del controlador eDMA. Si el registro del timbre se activa antes de la escritura completa de la lista vinculada, se producir\u00e1 un error de condici\u00f3n de ejecuci\u00f3n. En la configuraci\u00f3n remota, solo podemos usar una lectura en la memoria para asegurarnos de que se haya producido la escritura completa.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:34:52.272Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-27408\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-21T16:00:32.783313Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:25.225Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"7e4b8a4fbe2cecab0959e862604803d063f50029\", \"lessThan\": \"d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"7e4b8a4fbe2cecab0959e862604803d063f50029\", \"lessThan\": \"f396b4df27cfe01a99f4b41f584c49e56477be3a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"7e4b8a4fbe2cecab0959e862604803d063f50029\", \"lessThan\": \"bbcc1c83f343e580c3aa1f2a8593343bf7b55bba\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/dma/dw-edma/dw-edma-v0-core.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.3\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.3\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"6.6.21\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.9\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/dma/dw-edma/dw-edma-v0-core.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3\"}, {\"url\": \"https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a\"}, {\"url\": \"https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\ndmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\\n\\nThe Linked list element and pointer are not stored in the same memory as\\nthe eDMA controller register. If the doorbell register is toggled before\\nthe full write of the linked list a race condition error will occur.\\nIn remote setup we can only use a readl to the memory to assure the full\\nwrite has occurred.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.21\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.7.9\", \"versionStartIncluding\": \"5.3\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.8\", \"versionStartIncluding\": \"5.3\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T09:04:29.366Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-27408\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T09:04:29.366Z\", \"dateReserved\": \"2024-02-25T13:47:42.682Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-17T11:50:36.208Z\", \"assignerShortName\": \"Linux\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
fkie_cve-2024-27408
Vulnerability from fkie_nvd
Published
2024-05-17 12:15
Modified
2024-11-21 09:04
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
The Linked list element and pointer are not stored in the same memory as
the eDMA controller register. If the doorbell register is toggled before
the full write of the linked list a race condition error will occur.
In remote setup we can only use a readl to the memory to assure the full
write has occurred.
References
| ▶ | URL | Tags | |
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3 | ||
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a |
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\n\nThe Linked list element and pointer are not stored in the same memory as\nthe eDMA controller register. If the doorbell register is toggled before\nthe full write of the linked list a race condition error will occur.\nIn remote setup we can only use a readl to the memory to assure the full\nwrite has occurred."
},
{
"lang": "es",
"value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: dmaengine: dw-edma: eDMA: A\u00f1adida lectura sincronizada antes de iniciar la transferencia DMA en la configuraci\u00f3n remota. El elemento de la lista vinculada y el puntero no se almacenan en la misma memoria que el registro del controlador eDMA. Si el registro del timbre se activa antes de la escritura completa de la lista vinculada, se producir\u00e1 un error de condici\u00f3n de ejecuci\u00f3n. En la configuraci\u00f3n remota, solo podemos usar una lectura en la memoria para asegurarnos de que se haya producido la escritura completa."
}
],
"id": "CVE-2024-27408",
"lastModified": "2024-11-21T09:04:33.527",
"metrics": {},
"published": "2024-05-17T12:15:11.223",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
ghsa-p7vx-23x6-fwwc
Vulnerability from github
Published
2024-05-17 12:31
Modified
2024-05-17 12:31
VLAI Severity ?
Details
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup
The Linked list element and pointer are not stored in the same memory as the eDMA controller register. If the doorbell register is toggled before the full write of the linked list a race condition error will occur. In remote setup we can only use a readl to the memory to assure the full write has occurred.
{
"affected": [],
"aliases": [
"CVE-2024-27408"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-05-17T12:15:11Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\n\nThe Linked list element and pointer are not stored in the same memory as\nthe eDMA controller register. If the doorbell register is toggled before\nthe full write of the linked list a race condition error will occur.\nIn remote setup we can only use a readl to the memory to assure the full\nwrite has occurred.",
"id": "GHSA-p7vx-23x6-fwwc",
"modified": "2024-05-17T12:31:00Z",
"published": "2024-05-17T12:31:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27408"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/bbcc1c83f343e580c3aa1f2a8593343bf7b55bba"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/d24fe6d5a1cfdddb7a9ef56736ec501c4d0a5fd3"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/f396b4df27cfe01a99f4b41f584c49e56477be3a"
}
],
"schema_version": "1.4.0",
"severity": []
}
suse-su-2025:20008-1
Vulnerability from csaf_suse
Published
2025-02-03 08:47
Modified
2025-02-03 08:47
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).
- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).
- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).
- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).
- CVE-2024-39276: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).
- CVE-2024-40925: block: fix request.queuelist usage in flush (bsc#1227789).
- CVE-2024-40998: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() (bsc#1227866).
- CVE-2024-39494: ima: Fix use-after-free on a dentry's dname.name (bsc#1227716).
- CVE-2024-39496: btrfs: zoned: fix use-after-free due to race with dev replace (bsc#1227719).
- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).
- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).
- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).
- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).
- CVE-2024-40975: platform/x86: x86-android-tablets: Unregister devices in reverse order (bsc#1227926).
- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).
- CVE-2024-40947: ima: Avoid blocking in RCU read-side critical section (bsc#1227803).
- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).
- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).
- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).
- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).
- CVE-2024-39504: netfilter: nft_inner: validate mandatory meta and payload (bsc#1227757).
- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).
- CVE-2024-40937: gve: Clear napi->skb before dev_kfree_skb_any() (bsc#1227836).
- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).
- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).
- CVE-2024-40928: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (bsc#1227788).
- CVE-2024-26944: btrfs: zoned: fix lock ordering in btrfs_zone_activate() (bsc#1223731).
- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).
- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).
- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).
- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)
- CVE-2024-35908: tls: get psock ref after taking rxlock to avoid leak (bsc#1224490)
- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)
- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)
- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)
- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).
- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).
- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).
- CVE-2024-27404: mptcp: fix data races on remote_id (bsc#1224422)
- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)
- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)
- CVE-2024-40948: mm/page_table_check: fix crash on ZONE_DEVICE (bsc#1227801).
- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).
- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).
- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).
- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).
- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.
- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).
- CVE-2024-27012: netfilter: nf_tables: restore set elements when delete set fails (bsc#1223804).
- CVE-2024-39498: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (bsc#1227723)
- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).
- CVE-2024-27016: netfilter: flowtable: validate pppoe header (bsc#1223807).
- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)
- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)
- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)
- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).
- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).
- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).
- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).
- CVE-2024-27064: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain (bsc#1223740).
- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).
- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601, bsc#1225600).
- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).
- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).
- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).
- CVE-2024-26826: mptcp: fix data re-injection from stale subflow (bsc#1223010).
- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).
- CVE-2024-35942: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (bsc#1224589).
- CVE-2024-26691: KVM: arm64: Fix circular locking dependency (bsc#1222463).
- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744).
- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).
- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).
- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).
- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).
- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).
- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).
- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).
- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).
- CVE-2024-39474: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (bsc#1227434).
- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).
- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).
- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).
- CVE-2024-36003: ice: fix LAG and VF lock dependency in ice_reset_vf() (bsc#1224544).
- CVE-2024-38604: block: refine the EOF check in blkdev_iomap_begin (bsc#1226866).
- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).
- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).
- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).
- CVE-2024-26623: pds_core: Prevent race issues involving the adminq (bsc#1221057).
- CVE-2024-26785: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (bsc#1222779).
- CVE-2024-26734: devlink: fix possible use-after-free and memory leaks in devlink_init() (bsc#1222438).
- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).
- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).
- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).
- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).
- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).
- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).
- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).
- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).
- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).
- CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).
- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).
- CVE-2024-35843: iommu/vt-d: Use device rbtree in iopf reporting path (bsc#1224751).
- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).
- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).
- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).
- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).
- CVE-2024-36281: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules (bsc#1226799).
- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).
- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' (bsc#1226841).
- CVE-2024-38636: f2fs: multidev: fix to recognize valid zero block address (bsc#1226879).
- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).
- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).
- CVE-2024-38566: bpf: Fix verifier assumptions about socket->sk (bsc#1226790).
- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).
- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).
- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).
- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).
- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).
- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).
- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).
- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).
- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).
- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).
- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).
- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).
- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).
- CVE-2024-38569: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group (bsc#1226772).
- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).
- CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).
- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).
- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).
- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).
- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).
- CVE-2024-27414: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (bsc#1224439).
- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).
- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).
- CVE-2024-36024: drm/amd/display: Disable idle reallow as part of command/gpint execution (bsc#1225702).
- CVE-2024-36903: ipv6: Fix potential uninit-value access in __ip6_make_skb() (bsc#1225741).
- CVE-2024-36914: drm/amd/display: Skip on writeback when it's not applicable (bsc#1225757).
- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).
- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).
- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).
- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).
- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).
- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).
- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).
- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).
- CVE-2024-36882: mm: use memalloc_nofs_save() in page_cache_ra_order() (bsc#1225723).
- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).
- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).
- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).
- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).
- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).
- CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).
- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).
- CVE-2024-36935: ice: ensure the copied buf is NUL terminated (bsc#1225763).
- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).
- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).
- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).
- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).
- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).
- CVE-2024-35892: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (bsc#1224515).
- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).
- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).
- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).
- CVE-2023-52735: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself (bsc#1225475).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35926: crypto: iaa - Fix async_disable descriptor leak (bsc#1224655).
- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).
- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).
- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).
- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).
- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).
- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)
- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)
- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621)
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).
- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).
- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).
- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35880: io_uring/kbuf: hold io_buffer_list reference over mmap (bsc#1224523).
- CVE-2024-35831: io_uring: Fix release of pinned pages when __io_uaddr_map fails (bsc#1224698).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2024-35827: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (bsc#1224606).
- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).
- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).
- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).
- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)
- CVE-2024-27417: Fixed potential "struct net" leak in inet6_rtm_getaddr() (bsc#1224721)
- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).
- CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442).
- CVE-2023-52699: sysv: don't call sb_bread() with pointers_lock held (bsc#1224659).
- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).
- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
- CVE-2023-52483: mctp: perform route lookups under a RCU read-side lock (bsc#1220738).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).
- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).
- CVE-2024-26945: Fixed nr_cpus < nr_iaa case (bsc#1223732).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)
- CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679).
- CVE-2024-26865: rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (bsc#1223062).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532)
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649 CVE-2024-26638).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).
- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).
- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check (bsc#1222635).
- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
- CVE-2024-26731: Fixed NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2023-52631: Fixed an NULL dereference bug (bsc#1222264 CVE-2023-52631).
- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
The following non-security bugs were fixed:
- 9p: add missing locking around taking dentry fid list (git-fixes)
- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).
- ACPI: EC: Abort address space access upon error (stable-fixes).
- ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).
- ACPI: EC: Evaluate orphan _REG under EC device (git-fixes).
- ACPI: EC: Install address space handler at the namespace root (stable-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).
- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).
- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).
- ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets (stable-fixes).
- ACPI: x86: Force StorageD3Enable on more products (stable-fixes).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).
- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: PCM: Allow resume only for suspended streams (stable-fixes).
- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: core: Remove debugfs at disconnection (git-fixes).
- ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).
- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).
- ALSA: emux: improve patch ioctl data validation (stable-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: hda/conexant: Mute speakers at suspend / shutdown (bsc#1228269).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (bsc#1228269).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).
- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
- ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14AHP9 (stable-fixes).
- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ARP8 (stable-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).
- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).
- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).
- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
- ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).
- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).
- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).
- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).
- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).
- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).
- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).
- ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).
- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda/realtek: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).
- ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).
- ALSA: hda/realtek: cs35l41: Fixup remaining asus strix models (git-fixes).
- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).
- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).
- ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop (stable-fixes).
- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).
- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).
- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).
- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).
- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
- ALSA: hda: clarify Copyright information (stable-fixes).
- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
- ALSA: hda: cs35l41: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l41: Fix swapped l/r audio channels for Lenovo ThinBook 13x Gen4 (git-fixes).
- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
- ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() (git-fixes).
- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).
- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).
- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).
- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).
- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).
- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).
- ALSA: hda: cs35l56: Component should be unbound before deconstruction (git-fixes).
- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).
- ALSA: hda: cs35l56: Fix lifecycle of codec pointer (stable-fixes).
- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).
- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: hda: tas2781: Component should be unbound before deconstruction (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion (git-fixes).
- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
- ALSA: seq: Fix missing MSB in MIDI2 SPP conversion (git-fixes).
- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).
- ALSA: seq: Fix missing channel at encoding RPN/NRPN MIDI2 messages (git-fixes).
- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).
- ALSA: seq: ump: Fix missing System Reset message handling (git-fixes).
- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
- ALSA: seq: ump: Skip useless ports for static blocks (git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).
- ALSA: ump: Do not update FB name for static blocks (git-fixes).
- ALSA: ump: Force 1 Group for MIDI1 FBs (git-fixes).
- ALSA: ump: Set default protocol when not given explicitly (git-fixes).
- ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).
- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).
- ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).
- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).
- ASoC: Intel: avs: Set name of control as in topology (git-fixes).
- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).
- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).
- ASoC: Intel: common: add ACPI matching tables for Arrow Lake (stable-fixes).
- ASoC: Intel: sof-sdw: really remove FOUR_SPEAKER quirk (git-fixes).
- ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14 (stable-fixes).
- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0C0F (stable-fixes).
- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (git-fixes).
- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).
- ASoC: SOF: Intel: hda-pcm: Limit the maximum number of periods by MAX_BDL_ENTRIES (stable-fixes).
- ASoC: SOF: Intel: hda: fix null deref on system suspend entry (git-fixes).
- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).
- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).
- ASoC: SOF: imx8m: Fix DSP control regmap retrieval (git-fixes).
- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).
- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).
- ASoC: SOF: ipc4-topology: Preserve the DMA Link ID for ChainDMA on unprepare (git-fixes).
- ASoC: SOF: ipc4-topology: Use correct queue_id for requesting input pin format (stable-fixes).
- ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3 (stable-fixes).
- ASoC: SOF: sof-audio: Skip unprepare for in-use widgets on error rollback (stable-fixes).
- ASoC: TAS2781: Fix tasdev_load_calibrated_data() (git-fixes).
- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
- ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).
- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).
- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).
- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M5602RA (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).
- ASoC: amd: yc: Revert "Fix non-functional mic on Lenovo 21J2" (stable-fixes).
- ASoC: amd: yc: Support mic on Lenovo Thinkpad E16 Gen 2 (bsc#1228269).
- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).
- ASoC: cs35l56: Accept values greater than 0 as IRQ numbers (git-fixes).
- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
- ASoC: fsl-asoc-card: set priv->pdev before using it (git-fixes).
- ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).
- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
- ASoC: q6apm-lpass-dai: close graph on prepare errors (git-fixes).
- ASoC: qcom: Adjust issues in case of DT error in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix trcm mode by setting clock on right mclk (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt711-sdw: add missing readable registers (stable-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt715-sdca: volume step modification (git-fixes).
- ASoC: rt715: add vendor clear control register (git-fixes).
- ASoC: rt722-sdca-sdw: add debounce time for type detection (stable-fixes).
- ASoC: rt722-sdca-sdw: add silence detection register as volatile (stable-fixes).
- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: sof: amd: fix for firmware reload failure in Vangogh platform (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).
- ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).
- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).
- ASoC: topology: Do not assign fields that are already set (stable-fixes).
- ASoC: topology: Fix references to freed memory (stable-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).
- ASoc: tas2781: Enable RCA-based playback without DSP firmware download (git-fixes).
- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).
- Bluetooth: ISO: Check socket flag instead of hcon (git-fixes).
- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).
- Bluetooth: ISO: Fix BIS cleanup (stable-fixes).
- Bluetooth: Ignore too large handle values in BIG (git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btintel: Refactor btintel_set_ppag() (git-fixes).
- Bluetooth: btnxpuart: Add handling for boot-signature timeout errors (git-fixes).
- Bluetooth: btnxpuart: Enable Power Save feature on startup (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).
- Bluetooth: hci_bcm4377: Fix msgid release (git-fixes).
- Bluetooth: hci_bcm4377: Use correct unit for timeouts (git-fixes).
- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).
- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: Fix setting of unicast qos interval (git-fixes).
- Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS (stable-fixes).
- Bluetooth: hci_event: Set QoS encryption from BIGInfo report (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).
- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).
- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).
- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: qca: fix device-address endianness (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Bluetooth: qca: set power_ctrl_enabled on NULL returned by gpiod_get_optional() (git-fixes).
- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
- Edit "amdkfd: use calloc instead of kzalloc to avoid integer overflow" Reference CVE and bug numbers.
- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)
- Enable CONFIG_SCHED_CLUSTER=y on arm64 (jsc#PED-8701).
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.
- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).
- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).
- HID: Add quirk for Logitech Casa touchpad (stable-fixes).
- HID: Ignore battery for ELAN touchscreens 2F2C and 4116 (stable-fixes).
- HID: amd_sfh: Handle "no sensors" in PM operations (git-fixes).
- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).
- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled (stable-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
- HID: wacom: Modify pen IDs (git-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- Input: ads7846 - use spi_device_id table (stable-fixes).
- Input: allocate keycode for Display refresh rate toggle (stable-fixes).
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).
- Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).
- Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
- Input: i8042 - add Ayaneo Kun to i8042 quirk table (stable-fixes).
- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).
- Input: imagis - use FIELD_GET where applicable (stable-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- Input: qt1050 - handle CHIP_ID reading error (git-fixes).
- Input: silead - Always support 10 fingers (stable-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails (stable-fixes).
- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI (git-fixes).
- Input: xpad - add support for ASUS ROG RAIKIRI PRO (stable-fixes).
- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- KVM: SEV-ES: Delegate LBR virtualization to the processor (git-fixes).
- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (git-fixes).
- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (git-fixes).
- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (git-fixes).
- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: arm64: Use local TLBI on permission relaxation (bsc#1219478).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).
- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).
- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).
- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).
- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).
- KVM: x86/pmu: Apply "fast" RDPMC only to Intel PMUs (git-fixes).
- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
- KVM: x86/pmu: Disallow "fast" RDPMC for architectural Intel PMUs (git-fixes).
- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).
- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (bsc#1226158).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).
- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at "RESET" (git-fixes).
- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).
- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).
- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).
- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).
- KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).
- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).
- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).
- KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP (git-fixes).
- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).
- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).
- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).
- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).
- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (git-fixes).
- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).
- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).
- NFSD: Fix checksum mismatches in the duplicate reply cache (git-fixes).
- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- NFSv4.1 enforce rootpath check in fs_location query (git-fixes).
- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362).
- NFSv4: Fixup smatch warning for ambiguous return (git-fixes).
- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
- PCI/AER: Block runtime suspend when handling errors (stable-fixes).
- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).
- PCI/DPC: Use FIELD_GET() (stable-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/MSI: Fix UAF in msi_capability_init (git-fixes).
- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).
- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).
- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)
- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).
- PCI: Do not wait for disconnected devices when resuming (git-fixes).
- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
- PCI: Extend ACS configurability (bsc#1228090).
- PCI: Fix resource double counting on remove & rescan (git-fixes).
- PCI: Fix typos in docs and comments (stable-fixes).
- PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).
- PCI: dw-rockchip: Fix initial PERST# GPIO value (git-fixes).
- PCI: dwc: Fix index 0 incorrectly being interpreted as a free ATU slot (git-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI: endpoint: Clean up error handling in vpci_scan_bus() (git-fixes).
- PCI: endpoint: Fix error handling in epf_ntb_epc_cleanup() (git-fixes).
- PCI: endpoint: pci-epf-test: Make use of cached 'epc_features' in pci_epf_test_core_init() (git-fixes).
- PCI: hv: Fix ring buffer size calculation (git-fixes).
- PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).
- PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes).
- PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).
- PCI: qcom-ep: Disable resources unconditionally during PERST# assert (git-fixes).
- PCI: qcom: Add support for sa8775p SoC (git-fixes).
- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).
- PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
- PCI: switchtec: Use normal comment style (stable-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).
- PCI: vmd: Create domain symlink before pci_bus_add_devices() (bsc#1227363).
- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).
- Port "certs: Add ECDSA signature verification self-test".
- Port "certs: Move RSA self-test data to separate file".
- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).
- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/bnxt_re: Fix the max msix vectors macro (git-fixes)
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).
- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
- RDMA/mlx5: Ensure created mkeys always have a populated rb_key (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/mlx5: Fix unwind flow as part of mlx5_ib_stage_init_init (git-fixes)
- RDMA/mlx5: Follow rb_key.ats when creating new mkeys (git-fixes)
- RDMA/mlx5: Remove extra unlock on error path (git-fixes)
- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
- RDMA/restrack: Fix potential invalid address access (git-fixes)
- RDMA/rxe: Allow good work requests to be executed (git-fixes)
- RDMA/rxe: Fix data copy for IB_SEND_INLINE (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix responder length checking for UD request packets (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem "mutex_destroy missing" (git-fixes)
- Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
- Refresh kabi workaround ath updates (bsc#1227149#)
- Refresh the previous ASoC patch, landed in subsystem tree (bsc#1228269)
- Remove NTFSv3 from configs (bsc#1224429)
- SEV: disable SEV-ES DebugSwap by default (git-fixes).
- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).
- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).
- SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).
- Temporarily drop KVM patch that caused a regression (bsc#1226158)
- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).
- USB: core: Add hub_get() and hub_put() routines (stable-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port "disable" sysfs attribute (stable-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: mos7840: fix crash on resume (git-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Fibocom FM350-GL (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add Rolling RW350-GL variants (stable-fixes).
- USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: add Telit generic core-dump composition (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: add support for Foxconn T99W651 (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).
- Update ath11k suspend patches from the latest subsystem tree (bsc#1207948).
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- Workaround broken chacha crypto fallback (bsc#1218205).
- X.509: Fix the parser of extended key usage for length (bsc#1218820).
- accel/ivpu: Fix deadlock in context_xa (git-fixes).
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).
- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)
- arm64/io: add constant-argument check (bsc#1226502 git-fixes)
- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)
- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)
- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184).
- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).
- arm64: bpf: fix 32bit unconditional bswap (git-fixes).
- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- arm64: dts: freescale: imx8mm-verdin: enable hysteresis on slow input (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)
- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx93-11x11-evk: Remove the 'no-sdio' property (git-fixes)
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add mdio and ethernet-phy nodes to (git-fixes)
- arm64: dts: rockchip: Add missing power-domains for rk356x vop_mmu (git-fixes)
- arm64: dts: rockchip: Add pinctrl for UART0 to rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Add sdmmc related properties on (git-fixes)
- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)
- arm64: dts: rockchip: Drop invalid mic-in-differential on (git-fixes)
- arm64: dts: rockchip: Fix SD NAND and eMMC init on rk3308-rock-pi-s (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on (git-fixes)
- arm64: dts: rockchip: Fix mic-in-differential usage on rk3566-roc-pc (git-fixes)
- arm64: dts: rockchip: Fix the DCDC_REG2 minimum voltage on Quartz64 (git-fixes)
- arm64: dts: rockchip: Fix the value of `dlg,jack-det-rate` mismatch (git-fixes)
- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: Rename LED related pinctrl nodes on (git-fixes)
- arm64: dts: rockchip: Update WIFi/BT related nodes on (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8688).
- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8688).
- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8688).
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)
- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)
- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)
- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).
- ata,scsi: libata-core: Do not leak memory for ata_port struct members (git-fixes).
- ata: ahci: Clean up sysfs file on error (git-fixes).
- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).
- ata: libata-core: Fix double free on error (git-fixes).
- ata: libata-core: Fix null pointer dereference on error (git-fixes).
- ata: libata-scsi: Fix offsets for the fixed format sense data (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- auxdisplay: ht16k33: Drop reference after LED registration (git-fixes).
- ax25: Fix netdev refcount issue (git-fixes).
- ax25: Fix refcount imbalance on inbound connections (git-fixes).
- ax25: Fix reference count leak issue of net_device (git-fixes).
- ax25: Fix reference count leak issues of ax25_dev (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).
- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).
- bitops: add missing prototype check (git-fixes).
- blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (bsc#1225605).
- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
- block: Move checking GENHD_FL_NO_PART to bdev_add_partition() (bsc#1226213).
- block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
- bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX (git-fixes).
- bnx2x: Fix firmware version string character counts (git-fixes).
- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).
- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
- bpf, arm64: Fix incorrect runtime stats (git-fixes)
- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)
- bpf, scripts: Correct GPL license name (git-fixes).
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: check bpf_func_state->callback_depth when pruning states (bsc#1225903).
- bpf: correct loop detection for iterators convergence (bsc#1225903).
- bpf: exact states comparison for iterator convergence checks (bsc#1225903).
- bpf: extract __check_reg_arg() utility function (bsc#1225903).
- bpf: extract same_callsites() as utility function (bsc#1225903).
- bpf: extract setup_func_entry() utility function (bsc#1225903).
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).
- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).
- bpf: print full verifier states on infinite loop detection (bsc#1225903).
- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).
- bpf: widening for callback iterators (bsc#1225903).
- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
- btrfs: add and use helper to check if block group is used (bsc#1220120).
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).
- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).
- btrfs: always clear PERTRANS metadata during commit (git-fixes)
- btrfs: always print transaction aborted messages with an error level (git-fixes)
- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).
- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
- btrfs: assert delayed node locked when removing delayed item (git-fixes)
- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).
- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).
- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).
- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).
- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)
- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)
- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)
- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
- btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).
- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).
- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)
- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).
- btrfs: do not warn if discard range is not aligned to sector (git-fixes)
- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).
- btrfs: error out when COWing block using a stale transaction (git-fixes)
- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)
- btrfs: error when COWing block from a root that is being deleted (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)
- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)
- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
- btrfs: fix race when refilling delayed refs block reserve (git-fixes)
- btrfs: fix start transaction qgroup rsv double free (git-fixes)
- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).
- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes)
- btrfs: free qgroup rsv on io failure (git-fixes)
- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)
- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
- btrfs: initialize key where it's used when running delayed data ref (bsc#1220120).
- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).
- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
- btrfs: make error messages more clear when getting a chunk map (git-fixes)
- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
- btrfs: make find_free_dev_extent() static (bsc#1220120).
- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).
- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).
- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)
- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).
- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)
- btrfs: print available space across all block groups when dumping space info (bsc#1220120).
- btrfs: print available space for a block group when dumping a space info (bsc#1220120).
- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).
- btrfs: print target number of bytes when dumping free space (bsc#1220120).
- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)
- btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref() (bsc#1220120).
- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).
- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).
- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).
- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).
- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).
- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)
- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)
- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).
- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).
- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)
- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).
- btrfs: store the error that turned the fs into error state (bsc#1220120).
- btrfs: sysfs: validate scrub_speed_max value (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
- btrfs: update documentation for add_new_free_space() (bsc#1220120).
- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).
- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).
- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).
- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).
- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)
- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).
- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).
- bus: mhi: host: allow MHI client drivers to provide the firmware via a pointer (bsc#1227149).
- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).
- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).
- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).
- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).
- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).
- can: mcp251xfd: fix infinite loop when xmit fails (git-fixes).
- cdrom: rearrange last_media_change check to avoid unintentional overflow (stable-fixes).
- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).
- ceph: always check dir caps asynchronously (bsc#1226022).
- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).
- ceph: break the check delayed cap loop every 5s (bsc#1226022).
- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228417).
- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).
- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).
- certs: Add ECDSA signature verification self-test (bsc#1222777).
- certs: Move RSA self-test data to separate file (bsc#1222777).
- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).
- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).
- cifs: Add a laundromat thread for cached directories (git-fixes, bsc#1225172).
- cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).
- cifs: account for primary channel in the interface list (bsc#1225172).
- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1225172).
- cifs: distribute channels across interfaces based on speed (bsc#1225172).
- cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).
- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1225172).
- cifs: fix charset issue in reconnection (bsc#1225172).
- cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).
- cifs: handle cases where a channel is closed (bsc#1225172).
- cifs: handle cases where multiple sessions share connection (bsc#1225172).
- cifs: reconnect work should have reference on server struct (bsc#1225172).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Get runtime PM before walking tree for clk_summary (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: Show active consumers of clocks in debugfs (stable-fixes).
- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (git-fixes).
- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).
- clk: mediatek: mt8183: Only enable runtime PM on mt8183-mfgcfg (git-fixes).
- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).
- clk: qcom: clk-alpha-pll: set ALPHA_EN bit for Stromer Plus PLLs (git-fixes).
- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
- clk: qcom: gcc-sm6350: Fix gpll6* & gpll7 parents (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).
- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).
- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
- clk: rs9: fix wrong default value for clock amplitude (git-fixes).
- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
- clkdev: Update clkdev id usage to allow for longer names (stable-fixes).
- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).
- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- config/arm64: Enable CoreSight PMU drivers (bsc#1228289 jsc#PED-7859)
- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)
- coresight: trbe: Allocate platform data per device (bsc#1220587)
- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)
- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).
- counter: ti-eqep: enable clock at probe (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpufreq/amd-pstate: Fix the scaling_max_freq setting on shared memory CPPC systems (git-fixes).
- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).
- cpufreq: amd-pstate: fix memory leak on CPU EPP exit (stable-fixes).
- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).
- cpufreq: exit() callback is optional (git-fixes).
- cpufreq: ti-cpufreq: Handle deferred probe with dev_err_probe() (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto/ecdh: make ecdh_compute_value() to zeroize the public key (bsc#1222768).
- crypto/ecdsa: make ecdsa_ecc_ctx_deinit() to zeroize the public key (bsc#1222768).
- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
- crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked (git-fixes).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: deflate - Add aliases to deflate (bsc#1227190).
- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
- crypto: ecdh - explicitly zeroize private_key (stable-fixes).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: ecdsa - Fix the public key format description (git-fixes).
- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).
- crypto: hisilicon/debugfs - Fix debugfs uninit process issue (stable-fixes).
- crypto: hisilicon/qm - Add the err memory release process to qm uninit (stable-fixes).
- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).
- crypto: iaa - Account for cpu-less numa nodes (bsc#1227190).
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
- crypto: qat - extend scope of lock in adf_cfg_add_key_value_param() (git-fixes).
- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).
- crypto: qat - improve error logging to be consistent across features (git-fixes).
- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).
- crypto: qat - specify firmware files for 402xx (git-fixes).
- crypto: rsa - add a check for allocation failure (bsc#1222775).
- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).
- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).
- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).
- cxl/region: Fix cxlr_pmem leaks (git-fixes).
- cxl/region: Fix memregion leaks in devm_cxl_add_region() (git-fixes).
- cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c (git-fixes).
- cxl/trace: Correct DPA field masks for general_media & dram events (git-fixes).
- cxl/trace: Properly initialize cxl_poison region name (git-fixes).
- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).
- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).
- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).
- decompress_bunzip2: fix rare decompression failure (git-fixes).
- device-dax: make dax_bus_type const (jsc#PED-5853).
- devres: Fix devm_krealloc() wasting memory (git-fixes).
- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).
- dlm: fix user space lkb refcounting (git-fixes).
- dlm: fix user space lock decision to copy lvb (git-fixes).
- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).
- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).
- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).
- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (bsc#1219596)
- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).
- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).
- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).
- dma-mapping: benchmark: fix node id validation (git-fixes).
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
- dma: fix call order in dmam_free_coherent (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).
- dmaengine: ioatdma: Fix error path in ioat3_dma_probe() (git-fixes).
- dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe() (git-fixes).
- dmaengine: ioatdma: Fix leaking on version mismatch (git-fixes).
- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dmaengine: ti: k3-udma: Fix BCHAN count with UHC and HC channels (git-fixes).
- docs: Restore "smart quotes" for quotes (stable-fixes).
- docs: crypto: async-tx-api: fix broken code example (git-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).
- dpll: spec: use proper enum for pin capabilities attribute (git-fixes).
- driver core: Introduce device_link_wait_removal() (stable-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drivers/xen: Improve the late XenStore init protocol (git-fixes).
- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).
- drivers: soc: xilinx: check return status of get_api_version() (git-fixes).
- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).
- drm/amd/amdgpu: Fix uninitialized variable warnings (git-fixes).
- drm/amd/display: ASSERT when failing to find index by plane/stream id (stable-fixes).
- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).
- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).
- drm/amd/display: Add dml2 copy functions (stable-fixes).
- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).
- drm/amd/display: Add refresh rate range check (stable-fixes).
- drm/amd/display: Allocate zero bw after bw alloc enable (stable-fixes).
- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).
- drm/amd/display: Check index msg_id before read or write (stable-fixes).
- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).
- drm/amd/display: Disable seamless boot on 128b/132b encoding (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/display: Fix DC mode screen flickering on DCN321 (stable-fixes).
- drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport (stable-fixes).
- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).
- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).
- drm/amd/display: Fix overlapping copy within dml_core_mode_programming (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: Fix refresh rate range for some panel (stable-fixes).
- drm/amd/display: Fix uninitialized variables in DM (stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).
- drm/amd/display: Move 'struct scaler_data' off stack (git-fixes).
- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).
- drm/amd/display: Prevent crash when disable stream (stable-fixes).
- drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 (stable-fixes).
- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).
- drm/amd/display: Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).
- drm/amd/display: Return the correct HDCP error code (stable-fixes).
- drm/amd/display: Revert Remove pixle rate limit for subvp (stable-fixes).
- drm/amd/display: Send DP_TOTAL_LTTPR_CNT during detection if LTTPR is present (stable-fixes).
- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).
- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).
- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).
- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).
- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).
- drm/amd/display: Skip pipe if the pipe idx not set properly (stable-fixes).
- drm/amd/display: Update efficiency bandwidth for dcn351 (stable-fixes).
- drm/amd/display: Update odm when ODM combine is changed on an otg master pipe with no plane (stable-fixes).
- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).
- drm/amd/display: Workaround register access in idle race with cursor (stable-fixes).
- drm/amd/display: change dram_clock_latency to 34us for dcn35 (stable-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/display: fix input states translation error for dcn35 & dcn351 (stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).
- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).
- drm/amd/pm: Restore config space after reset (stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amd/pm: remove logically dead code for renoir (git-fixes).
- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).
- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).
- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).
- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).
- drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects' (git-fixes).
- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).
- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).
- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).
- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
- drm/amdgpu: Fix VRAM memory accounting (stable-fixes).
- drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() (git-fixes).
- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: Fix memory range calculation (git-fixes).
- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).
- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).
- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).
- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).
- drm/amdgpu: Indicate CU havest info to CP (stable-fixes).
- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: Update BO eviction priorities (stable-fixes).
- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (stable-fixes).
- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).
- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).
- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).
- drm/amdgpu: fix doorbell regression (git-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: fix locking scope when flushing tlb (stable-fixes).
- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).
- drm/amdgpu: fix the warning about the expression (int)size - len (stable-fixes).
- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).
- drm/amdgpu: fix use-after-free bug (stable-fixes).
- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).
- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
- drm/amdgpu: init microcode chip name from ip versions (stable-fixes).
- drm/amdgpu: make damage clips support configurable (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu: remove invalid resource->start check v2 (git-fixes).
- drm/amdgpu: silence UBSAN warning (stable-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdkfd: Add VRAM accounting for SVM migration (stable-fixes).
- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
- drm/amdkfd: Fix CU Masking for GFX 9.4.3 (git-fixes).
- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).
- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).
- drm/amdkfd: Let VRAM allocations go to GTT domain on small APUs (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
- drm/arm/komeda: Fix komeda probe failing if there are no links in the secondary pipeline (git-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).
- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: anx7625: Update audio status while detecting (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: it6505: fix hibernate to resume no display issue (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: samsung-dsim: Set P divider based on min/max of fin pll (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/buddy: check range allocation matches alignment (stable-fixes).
- drm/ci: update device type for volteer devices (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).
- drm/drm_file: Fix pid refcounting race (git-fixes).
- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).
- drm/etnaviv: fix tx clock gating on some GC7000 variants (stable-fixes).
- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).
- drm/exynos: do not return negative values from .get_modes() (stable-fixes).
- drm/exynos: dp: drop driver owner initialization (stable-fixes).
- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).
- drm/fbdev-dma: Fix framebuffer mode for big endian devices (git-fixes).
- drm/fbdev-dma: Only set smem_start is enable per module option (git-fixes).
- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
- drm/fbdev-generic: Fix framebuffer on big endian devices (git-fixes).
- drm/gma500: Remove lid code (git-fixes).
- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).
- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).
- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).
- drm/i915/dp: Do not switch the LTTPR mode on an active link (git-fixes).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (git-fixes).
- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).
- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).
- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).
- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).
- drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).
- drm/i915/hwmon: Get rid of devm (stable-fixes).
- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).
- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).
- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).
- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).
- drm/i915/mtl: Update workaround 14018575942 (git-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915/vrr: Generate VRR "safe window" for DSB (git-fixes).
- drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).
- drm/i915: Fix audio component initialization (git-fixes).
- drm/i915: Include the PLL name in the debug messages (stable-fixes).
- drm/i915: Pre-populate the cursor physical dma address (git-fixes).
- drm/i915: Replace a memset() with zero initialization (stable-fixes).
- drm/i915: Stop printing pipe name as hex (stable-fixes).
- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).
- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).
- drm/i915: Use named initializers for DPLL info (stable-fixes).
- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).
- drm/komeda: check for error-valued pointer (git-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).
- drm/lima: add mask irq callback to gp and pp (stable-fixes).
- drm/lima: fix shared irq handling on driver remove (stable-fixes).
- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/mediatek: Add DRM_MODE_ROTATE_0 to rotation property (git-fixes).
- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).
- drm/mediatek: Add missing plane settings when async update (git-fixes).
- drm/mediatek: Call drm_atomic_helper_shutdown() at shutdown time (stable-fixes).
- drm/mediatek: Fix XRGB setting error in Mixer (git-fixes).
- drm/mediatek: Fix XRGB setting error in OVL (git-fixes).
- drm/mediatek: Fix bit depth overwritten for mtk_ovl_set bit_depth() (git-fixes).
- drm/mediatek: Fix destination alpha error in OVL (git-fixes).
- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
- drm/mediatek: Remove less-than-zero comparison of an unsigned value (git-fixes).
- drm/mediatek: Set DRM mode configs accordingly (git-fixes).
- drm/mediatek: Support DRM plane alpha in Mixer (git-fixes).
- drm/mediatek: Support DRM plane alpha in OVL (git-fixes).
- drm/mediatek: Support RGBA8888 and RGBX8888 in OVL on MT8195 (git-fixes).
- drm/mediatek: Turn off the layers with zero width or height (git-fixes).
- drm/mediatek: Use 8-bit alpha in ETHDR (git-fixes).
- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: fix canvas release in bind function (git-fixes).
- drm/meson: gate px_clk when setting rate (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).
- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).
- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_generic_write_seq() (git-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).
- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).
- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).
- drm/msm/dpu: fix encoder irq wait skip (git-fixes).
- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).
- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/msm/dsi: set VIDEO_COMPRESSION_MODE_CTRL_WC (git-fixes).
- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).
- drm/msm: Add newlines to some debug prints (git-fixes).
- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).
- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).
- drm/nouveau: do not attempt to schedule hpd_work on headless cards (git-fixes).
- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).
- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).
- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
- drm/panel: himax-hx8394: Handle errors from mipi_dsi_dcs_set_display_on() better (git-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).
- drm/panel: ilitek-ili9882t: Check for errors on the NOP in prepare() (git-fixes).
- drm/panel: ilitek-ili9882t: If prepare fails, disable GPIO before regulators (git-fixes).
- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).
- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).
- drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation (git-fixes).
- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).
- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).
- drm/probe-helper: warn about negative .get_modes() (stable-fixes).
- drm/qxl: Add check for drm_cvt_mode (git-fixes).
- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).
- drm/radeon: check bo_va->bo is non-NULL before using it (stable-fixes).
- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).
- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
- drm/radeon: silence UBSAN warning (v3) (stable-fixes).
- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
- drm/rockchip: vop2: Fix the port mux of VP2 (git-fixes).
- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).
- drm/sched: fix null-ptr-deref in init entity (git-fixes).
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
- drm/sun4i: hdmi: Convert encoder to atomic (stable-fixes).
- drm/sun4i: hdmi: Move mode_set into enable (stable-fixes).
- drm/ttm: Always take the bo delayed cleanup path for imported bos (git-fixes).
- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).
- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).
- drm/udl: Remove DRM_CONNECTOR_POLL_HPD (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).
- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).
- drm/vmwgfx: Do not memcmp equivalent pointers (git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).
- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).
- drm/vmwgfx: Fix prime import/export (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- drm: Check output polling initialized before disabling (stable-fixes).
- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm: zynqmp_dpsub: Always register bridge (git-fixes).
- drm: zynqmp_dpsub: Fix an error handling path in zynqmp_dpsub_probe() (git-fixes).
- drm: zynqmp_kms: Fix AUX bus not getting unregistered (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).
- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).
- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).
- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
- ecryptfs: Reject casefold directory inodes (git-fixes)
- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (stable-fixes).
- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).
- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).
- efi/unaccepted: touch soft lockup during memory accept (git-fixes).
- efi/x86: Free EFI memory map only when installing a new one (git-fixes).
- efi: disable mirror feature during crashkernel (stable-fixes).
- efi: fix panic in kdump kernel (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- erofs: ensure m_llen is reset to 0 if metadata is invalid (git-fixes).
- exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- f2fs: fix error path of __f2fs_build_free_nids (git-fixes).
- fast_dput(): handle underflows gracefully (git-fixes)
- fat: fix uninitialized field in nostale filehandles (git-fixes)
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: sh7760fb: allow modular build (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- filelock: fix potential use-after-free in posix_lock_inode (git-fixes).
- firewire: core: use long bus reset on gap count error (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).
- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).
- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).
- firmware: cs_dsp: Return error if block header overflows file (git-fixes).
- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).
- firmware: cs_dsp: Validate payload length before processing block (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: dmi: Stop decoding on broken entry (stable-fixes).
- firmware: psci: Fix return value from psci_system_suspend() (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).
- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).
- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).
- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).
- fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card (stable-fixes).
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
- fs/file: fix the check in find_next_fd() (git-fixes).
- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).
- fs: Fix error checking for d_hash_and_lookup() (git-fixes)
- fs: indicate request originates from old mount API (git-fixes)
- fs: relax mount_setattr() permission checks (git-fixes)
- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: do not unhash root (bsc#1223946).
- fuse: fix root lookup with nonzero generation (bsc#1223945).
- fuse: verify {g,u}id mount options correctly (bsc#1228193).
- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
- geneve: make sure to pull inner header in geneve_rx() (git-fixes).
- genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() (git-fixes).
- gfs2: Do not forget to complete delayed withdraw (git-fixes).
- gfs2: Fix "ignore unlock failures after withdraw" (git-fixes).
- gfs2: Fix invalid metadata access in punch_hole (git-fixes).
- gfs2: Get rid of gfs2_alloc_blocks generation parameter (git-fixes).
- gfs2: Rename gfs2_lookup_{ simple => meta } (git-fixes).
- gfs2: Use mapping->gfp_mask for metadata inodes (git-fixes).
- gfs2: convert to ctime accessor functions (git-fixes).
- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).
- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).
- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: davinci: Validate the obtained number of IRQs (git-fixes).
- gpio: lpc32xx: fix module autoloading (stable-fixes).
- gpio: mc33880: Convert comma to semicolon (git-fixes).
- gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (stable-fixes).
- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
- gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type (git-fixes).
- gpio: tqmx86: fix typo in Kconfig label (git-fixes).
- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).
- gpio: tqmx86: store IRQ trigger type and unmask status separately (git-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).
- gpiolib: cdev: fix uninitialised kfifo (git-fixes).
- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).
- gpiolib: swnode: Remove wrong header inclusion (git-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).
- hfsplus: fix to avoid false alarm of circular locking (git-fixes).
- hfsplus: fix uninit-value in copy_name (git-fixes).
- hpet: Support 32-bit userspace (git-fixes).
- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).
- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- hwrng: amd - Convert PCIBIOS_* return codes to errnos (git-fixes).
- hwrng: core - Fix wrong quality calculation at hw rng registration (git-fixes).
- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).
- i2c: acpi: Unbind mux adapters before delete (git-fixes).
- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: cadence: Avoid fifo clear after start (git-fixes).
- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).
- i2c: i801: Annotate apanel_addr as __ro_after_init (stable-fixes).
- i2c: mark HostNotify target address as used (git-fixes).
- i2c: ocores: set IACK bit after core is enabled (git-fixes).
- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: rcar: bring hardware to known state when probing (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).
- i2c: testunit: avoid re-issued work after read message (git-fixes).
- i2c: testunit: correct Kconfig description (git-fixes).
- i2c: testunit: discard write requests while old command is running (git-fixes).
- i2c: testunit: do not erase registers after STOP (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- i40e: Enforce software interrupt during busy-poll exit (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- i40e: Fix firmware version comparison function (git-fixes).
- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).
- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
- i40e: fix vf may be used uninitialized in this function warning (git-fixes).
- i40e: fix: remove needless retries of NVM update (bsc#1227736).
- i915: make inject_virtual_interrupt() void (stable-fixes).
- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).
- ice: fix enabling RX VLAN filtering (git-fixes).
- ice: fix memory corruption bug with suspend and rebuild (git-fixes).
- ice: fix stats being updated by way too large values (git-fixes).
- ice: fix typo in assignment (git-fixes).
- ice: fix uninitialized dplls mutex usage (git-fixes).
- ice: reconfig host after changing MSI-X on VF (git-fixes).
- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).
- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).
- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).
- ida: make 'ida_dump' static (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- idpf: disable local BH when scheduling napi for marker packets (git-fixes).
- idpf: extend tx watchdog timeout (bsc#1224137).
- idpf: fix kernel panic on unknown packet types (git-fixes).
- igb: Fix missing time sync events (git-fixes).
- igb: extend PTP timestamp adjustments to i211 (git-fixes).
- igc: Fix missing time sync events (git-fixes).
- igc: Remove stale comment about Tx timestamping (git-fixes).
- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).
- iio: Fix the sorting functionality in iio_gts_build_avail_time_table (git-fixes).
- iio: accel: fxls8962af: select IIO_BUFFER & IIO_KFIFO_BUF (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio: accel: mxc4005: Reset chip on probe() and resume() (stable-fixes).
- iio: accel: mxc4005: allow module autoloading via OF compatible (stable-fixes).
- iio: adc: ad7266: Fix variable checking bug (git-fixes).
- iio: adc: ad9467: fix scan type sign (git-fixes).
- iio: adc: ad9467: use chip_info variables instead of array (stable-fixes).
- iio: adc: ad9467: use spi_get_device_match_data() (stable-fixes).
- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
- iio: chemical: bme680: Fix calibration data variable (git-fixes).
- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).
- iio: chemical: bme680: Fix pressure value output (git-fixes).
- iio: chemical: bme680: Fix sensor data read operation (git-fixes).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- iio: frequency: adrf6780: rm clk provider include (git-fixes).
- iio: gts-helper: Fix division loop (git-fixes).
- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).
- iio: pressure: Fixes BME280 SPI driver data (git-fixes).
- iio: pressure: bmp280: Fix BMP580 temperature reading (stable-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- iio: pressure: fix some word spelling errors (stable-fixes).
- iio: xilinx-ams: Do not include ams_ctrl_channels in scan_mask (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- inet: frags: eliminate kernel-doc warning (git-fixes).
- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- init: open /initrd.image with O_LARGEFILE (stable-fixes).
- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).
- input: Add event code for accessibility key (stable-fixes).
- input: Add support for "Do Not Disturb" (stable-fixes).
- intel: legacy: Partial revert of field get conversion (git-fixes).
- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).
- intel_th: pci: Add Granite Rapids support (stable-fixes).
- intel_th: pci: Add Lunar Lake support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).
- intel_th: pci: Add Meteor Lake-S support (stable-fixes).
- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).
- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID (git-fixes).
- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).
- interconnect: qcom: sm8550: Enable sync_state (git-fixes).
- io-wq: write next_work before dropping acct_lock (git-fixes).
- io_uring/io-wq: Use set_bit() and test_bit() at worker->flags (git-fixes).
- io_uring/io-wq: avoid garbage value of 'match' in io_wq_enqueue() (git-fixes).
- io_uring/kbuf: get rid of bl->is_ready (git-fixes).
- io_uring/kbuf: get rid of lower BGID lists (git-fixes).
- io_uring/kbuf: protect io_buffer_list teardown with a reference (git-fixes).
- io_uring/kbuf: rename is_mapped (git-fixes).
- io_uring/net: correct the type of variable (git-fixes).
- io_uring/net: correctly handle multishot recvmsg retry setup (git-fixes).
- io_uring/net: fix sendzc lazy wake polling (git-fixes).
- io_uring/net: move receive multishot out of the generic msghdr path (git-fixes).
- io_uring/net: restore msg_control on sendzc retry (git-fixes).
- io_uring/net: unify how recvmsg and sendmsg copy in the msghdr (git-fixes).
- io_uring/rsrc: do not lock while !TASK_RUNNING (git-fixes).
- io_uring/rsrc: fix incorrect assignment of iter->nr_segs in io_import_fixed (git-fixes).
- io_uring/rw: do not allow multishot reads without NOWAIT support (git-fixes).
- io_uring/rw: return IOU_ISSUE_SKIP_COMPLETE for multishot retry (git-fixes).
- io_uring/sqpoll: work around a potential audit memory leak (git-fixes).
- io_uring/unix: drop usage of io_uring socket (git-fixes).
- io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64() failure (git-fixes).
- io_uring: clean rings on NO_MMAP alloc fail (git-fixes).
- io_uring: clear opcode specific data for an early failure (git-fixes).
- io_uring: do not save/restore iowait state (git-fixes).
- io_uring: fail NOP if non-zero op flags is passed in (git-fixes).
- io_uring: fix io_queue_proc modifying req->flags (git-fixes).
- io_uring: fix mshot io-wq checks (git-fixes).
- io_uring: fix mshot read defer taskrun cqe posting (git-fixes).
- io_uring: fix poll_remove stalled req completion (git-fixes).
- io_uring: kabi cookie remove (bsc#1217384).
- io_uring: remove looping around handling traditional task_work (git-fixes).
- io_uring: remove unconditional looping in local task_work handling (git-fixes).
- io_uring: use private workqueue for exit work (git-fixes).
- io_uring: use the right type for work_llist empty check (git-fixes).
- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
- iommu/amd: Enhance def_domain_type to handle untrusted device (git-fixes).
- iommu/amd: Fix panic accessing amd_iommu_enable_faulting (bsc#1224767).
- iommu/amd: Fix sysfs leak in iommu init (git-fixes).
- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).
- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
- iommu/vt-d: Allocate DMAR fault interrupts locally (bsc#1224767).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- iommu/vt-d: Fix WARN_ON in iommu probe path (git-fixes).
- iommu/vt-d: Fix wrong use of pasid config (git-fixes).
- iommu/vt-d: Improve ITE fault handling if target device isn't present (git-fixes).
- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).
- iommu/vt-d: Update iotlb in nested domain attach (git-fixes).
- iommu/vt-d: Use rbtree to track iommu probed devices (git-fixes).
- iommu: Fix compilation without CONFIG_IOMMU_INTEL (git-fixes).
- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).
- iommu: Return right value in iommu_sva_bind_device() (git-fixes).
- iommu: Undo pasid attachment only for the devices that have succeeded (git-fixes).
- iommu: mtk: fix module autoloading (git-fixes).
- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).
- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).
- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).
- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).
- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).
- ionic: set adminq irq affinity (git-fixes).
- ipmi: ssif_bmc: prevent integer overflow on 32bit systems (git-fixes).
- ipv4: annotate data-races around fi->fib_dead (git-fixes).
- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)
- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).
- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register's index (stable-fixes).
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
- iwlwifi: fw: fix more kernel-doc warnings (bsc#1227149).
- iwlwifi: mvm: Drop unused fw_trips_index[] from iwl_mvm_thermal_device (bsc#1227149).
- iwlwifi: mvm: Populate trip table before registering thermal zone (bsc#1227149).
- iwlwifi: mvm: Use for_each_thermal_trip() for walking trip points (bsc#1227149).
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).
- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).
- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).
- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).
- kABI fix of KVM: x86/pmu: Prioritize VMX interception over
- kABI fix of KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- kABI workaround for cs35l56 (git-fixes).
- kABI workaround for of driver changes (git-fixes).
- kABI workaround for sof_ipc_pcm_ops (git-fixes).
- kABI workaround for wireless updates (bsc#1227149).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- kABI: bpf: verifier kABI workaround (bsc#1225903).
- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).
- kabi/severities: Ignore io_uring internal symbols
- kabi/severities: Remove mitigation-related symbols
- kabi/severities: cleanup and update for WiFi driver entries (bsc#1227149)
- kabi/severities: cover all ath/* drivers (bsc#1227149)
- kabi/severities: cover all mt76 modules (bsc#1227149)
- kabi/severities: ignore IMS functions
- kabi/severities: ignore TAS2781 symbol drop, it's only locally used
- kabi/severities: ignore Wangxun ethernet driver local symbols
- kabi/severities: ignore amd pds internal symbols
- kabi/severities: ignore brcmfmac-specific local symbols
- kabi/severities: ignore kABI changes Realtek WiFi drivers (bsc#1227149)
- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)
- kasan, fortify: properly rename memintrinsics (git-fixes).
- kasan/test: avoid gcc warning for intentional overflow (git-fixes).
- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).
- kasan: print the original fault addr when access invalid shadow (git-fixes).
- kbuild: Fix build target deb-pkg: ln: failed to create hard link (git-fixes).
- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).
- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).
- kbuild: avoid build error when single DTB is turned into composite DTB (git-fixes).
- kconfig: doc: fix a typo in the note about 'imply' (git-fixes).
- kconfig: fix comparison to constant symbols, 'm', 'n' (git-fixes).
- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).
- kconfig: gconf: give a proper initial state to the Save button (stable-fixes).
- kconfig: remove wrong expr_trans_bool() (stable-fixes).
- kcov: do not lose track of remote references during softirqs (git-fixes).
- kernel-binary: vdso: Own module_dir
- kernel-doc: fix struct_group_tagged() parsing (git-fixes).
- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
- kheaders: explicitly define file modes for archived headers (stable-fixes).
- knfsd: LOOKUP can return an illegal error value (git-fixes).
- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).
- kprobe/ftrace: bail out if ftrace was killed (git-fixes).
- kprobe/ftrace: fix build error due to bad function definition (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- kselftest: Add a ksft_perror() helper (stable-fixes).
- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
- kunit: Fix checksum tests on big endian CPUs (git-fixed).
- leds: flash: leds-qcom-flash: Test the correct variable in init (git-fixes).
- leds: mt6360: Fix memory leak in mt6360_init_isnk_properties() (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).
- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).
- leds: triggers: Flush pending brightness before activating trigger (git-fixes).
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
- lib: objagg: Fix general protection fault (git-fixes).
- lib: objagg: Fix spelling (git-fixes).
- lib: test_objagg: Fix spelling (git-fixes).
- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228192).
- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).
- libperf evlist: Avoid out-of-bounds access (git-fixes).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)
- lsm: fix the logic in security_inode_getsecctx() (git-fixes).
- mISDN: Fix a use after free in hfcmulti_tx() (git-fixes).
- mISDN: fix MISDN_TIME_STAMP handling (git-fixes).
- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).
- mac802154: fix time calculation in ieee802154_configure_durations() (git-fixes).
- mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (git-fixes).
- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).
- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).
- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).
- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).
- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).
- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).
- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).
- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).
- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).
- md: add a new helper rdev_has_badblock() (jsc#PED-7542).
- md: add a new helper reshape_interrupted() (jsc#PED-7542).
- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).
- md: check mddev->pers before calling md_set_readonly() (jsc#PED-7542).
- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).
- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).
- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).
- md: export helper md_is_rdwr() (jsc#PED-7542).
- md: export helpers to stop sync_thread (jsc#PED-7542).
- md: factor out a helper to sync mddev (jsc#PED-7542).
- md: fix kmemleak of rdev->serial (jsc#PED-7542).
- md: get rdev->mddev with READ_ONCE() (jsc#PED-7542).
- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).
- md: preserve KABI in struct md_personality (jsc#PED-7542).
- md: remove redundant check of 'mddev->sync_thread' (jsc#PED-7542).
- md: remove redundant md_wakeup_thread() (jsc#PED-7542).
- md: return directly before setting did_set_md_closing (jsc#PED-7542).
- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).
- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: cadence: csi2rx: use match fwnode for media link (git-fixes).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).
- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).
- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).
- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).
- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).
- media: dvbdev: Initialize sbuf (stable-fixes).
- media: dw2102: Do not translate i2c read into write (stable-fixes).
- media: dw2102: fix a potential buffer overflow (git-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: i2c: Fix imx412 exposure control (git-fixes).
- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).
- media: imon: Fix race getting ictx->lock (git-fixes).
- media: imx-jpeg: Drop initial source change event if capture has been setup (git-fixes).
- media: imx-jpeg: Remove some redundant error logs (git-fixes).
- media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() (git-fixes).
- media: ipu3-cio2: Request IRQ earlier (git-fixes).
- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).
- media: mc: Fix flags handling when creating pad links (stable-fixes).
- media: mc: Fix graph walk in media_pipeline_start (git-fixes).
- media: mc: Rename pad variable to clarify intent (stable-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: mxl5xx: Move xpt structures off stack (stable-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: pci: ivtv: Add check for DMA map result (git-fixes).
- media: radio-shark2: Avoid led_names truncations (git-fixes).
- media: rcar-vin: Fix YUYV8_1X16 handling for CSI-2 (git-fixes).
- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
- media: renesas: vsp1: Fix _irqsave and _irq mix (git-fixes).
- media: renesas: vsp1: Store RPF partition configuration per RPF instance (git-fixes).
- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).
- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).
- media: uvcvideo: Override default flags (git-fixes).
- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).
- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
- media: v4l: async: Fix NULL pointer dereference in adding ancillary links (git-fixes).
- media: v4l: subdev: Fix typo in documentation (git-fixes).
- media: venus: fix use after free in vdec_close (git-fixes).
- media: venus: flush all buffers in output plane streamoff (git-fixes).
- mei: demote client disconnect warning on suspend to debug (stable-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mei: me: release irq in mei_me_pci_resume error path (git-fixes).
- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).
- mfd: pm8008: Fix regmap irq chip initialisation (git-fixes).
- misc: fastrpc: Avoid updating PD type for capability request (git-fixes).
- misc: fastrpc: Copy the complete capability structure to user (git-fixes).
- misc: fastrpc: Fix DSP capabilities request (git-fixes).
- misc: fastrpc: Fix memory leak in audio daemon attach operation (git-fixes).
- misc: fastrpc: Fix ownership reassignment of remote heap (git-fixes).
- misc: fastrpc: Restrict untrusted app to attach to privileged PD (git-fixes).
- misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() (git-fixes).
- misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() (git-fixes).
- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxbf_gige: stop interface during shutdown (git-fixes).
- mlxsw: Use refcount_t for reference counting (git-fixes).
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
- mm,page_owner: drop unnecessary check (bsc#1222366).
- mm,page_owner: fix recursion (bsc#1222366).
- mm/slab: make __free(kfree) accept error pointers (git-fixes).
- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).
- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).
- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
- mm_init kABI workaround (git-fixes).
- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Do not force a retune before RPMB switch (stable-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).
- mmc: omap: fix broken slot switch lookup (git-fixes).
- mmc: omap: fix deferred probe (git-fixes).
- mmc: omap: restore original power up/down steps (git-fixes).
- mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA (git-fixes).
- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).
- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).
- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).
- mmc: sdhci-brcmstb: check R1_STATUS for erase/trim/discard (git-fixes).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).
- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).
- mmc: sdhci: Add support for "Tuning Error" interrupts (stable-fixes).
- mmc: sdhci: Do not invert write-protect twice (git-fixes).
- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS (stable-fixes).
- module: do not ignore sysfs_create_link() failures (git-fixes).
- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
- mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).
- mptcp: move __mptcp_error_report in protocol.c (git-fixes).
- mptcp: process pending subflow error on close (git-fixes).
- mt76: connac: move more mt7921/mt7915 mac shared code in connac lib (bsc#1227149).
- mt76: mt7996: rely on mt76_sta_stats in mt76_wcid (bsc#1227149).
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).
- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).
- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).
- mtd: rawnand: Fix the nand_read_data_op() early check (git-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).
- mtd: spinand: Add support for 5-byte IDs (stable-fixes).
- net/dcb: check for detached device before executing callbacks (bsc#1215587).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).
- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).
- net/mlx5: Fix MTMP register capability offset in MCAM register (git-fixes).
- net/mlx5: Fix fw reporter diagnose output (git-fixes).
- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).
- net/mlx5: Properly link new fs rules into the tree (git-fixes).
- net/mlx5: Register devlink first under devlink lock (git-fixes).
- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).
- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
- net/mlx5: offset comp irq index in name by one (git-fixes).
- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).
- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).
- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).
- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).
- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).
- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
- net/smc: fix documentation of buffer sizes (git-fixes).
- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
- net: NSH: fix kernel-doc notation warning (git-fixes).
- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).
- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).
- net: annotate data-races around sk->sk_bind_phc (git-fixes).
- net: annotate data-races around sk->sk_forward_alloc (git-fixes).
- net: annotate data-races around sk->sk_lingertime (git-fixes).
- net: annotate data-races around sk->sk_tsflags (git-fixes).
- net: bonding: remove kernel-doc comment marker (git-fixes).
- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).
- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).
- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).
- net: cfg802154: fix kernel-doc notation warnings (git-fixes).
- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).
- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).
- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).
- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).
- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).
- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).
- net: ena: Fix incorrect descriptor free behavior (git-fixes).
- net: ena: Fix potential sign extension issue (git-fixes).
- net: ena: Fix redundant device NUMA node override (jsc#PED-8688).
- net: ena: Move XDP code to its new files (git-fixes).
- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).
- net: ena: Remove ena_select_queue (git-fixes).
- net: ena: Set tx_info->xdpf value to NULL (git-fixes).
- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).
- net: ethernet: mtk_wed: introduce mtk_wed_buf structure (bsc#1227149).
- net: ethernet: mtk_wed: rename mtk_rxbm_desc in mtk_wed_bm_desc (bsc#1227149).
- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).
- net: fec: Set mac_managed_pm during probe (git-fixes).
- net: fill in MODULE_DESCRIPTION()s in kuba@'s modules (bsc#1227149).
- net: hns3: Remove io_stop_wc() calls after __iowrite64_copy() (bsc#1226502)
- net: hns3: fix index limit to support all queue stats (git-fixes).
- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).
- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).
- net: hns3: fix port duplex configure error in IMP reset (git-fixes).
- net: hns3: fix wrong judgment condition issue (git-fixes).
- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).
- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).
- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).
- net: ks8851: Inline ks8851_rx_skb() (git-fixes).
- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).
- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).
- net: lan743x: Support WOL at both the PHY and MAC appropriately (git-fixes).
- net: lan743x: disable WOL upon resume to restore full data path operation (git-fixes).
- net: libwx: fix memory leak on free page (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
- net: llc: fix kernel-doc notation warnings (git-fixes).
- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (stable-fixes).
- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- net: mana: Fix possible double free in error handling path (git-fixes).
- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).
- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).
- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).
- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).
- net: phy: micrel: Fix potential null pointer dereference (git-fixes).
- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).
- net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume (git-fixes).
- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).
- net: phy: microchip: lan87xx: reinit PHY after cable test (git-fixes).
- net: phy: mxl-gpy: Remove interrupt mask clearing from config_init (git-fixes).
- net: phy: phy_device: Fix PHY LED blinking code comment (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).
- net: ravb: Always process TX descriptor ring (git-fixes).
- net: ravb: Always update error counters (git-fixes).
- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).
- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).
- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).
- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
- net: sparx5: flower: fix fragment flags handling (git-fixes).
- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).
- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).
- net: stmmac: fix rx queue priority assignment (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
- net: tls: fix returned read length with async decrypt (bsc#1221858).
- net: tls: fix use-after-free with partial reads and async (bsc#1221858).
- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net: usb: ax88179_178a: improve link status logs (git-fixes).
- net: usb: ax88179_178a: improve reset check (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: qmi_wwan: add Telit FN912 compositions (stable-fixes).
- net: usb: qmi_wwan: add Telit FN920C04 compositions (git-fixes).
- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: veth: do not manipulate GRO when using XDP (git-fixes).
- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).
- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- nf_conntrack: fix -Wunused-const-variable= (git-fixes).
- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- nfp: flower: handle acti_netdevs allocation failure (git-fixes).
- nfs: Avoid flushing many pages with NFS_FILE_SYNC (bsc#1218442).
- nfs: Block on write congestion (bsc#1218442).
- nfs: Bump default write congestion size (bsc#1218442).
- nfs: Drop pointless check from nfs_commit_release_pages() (bsc#1218442).
- nfs: Fix up kabi after adding write_congestion_wait (bsc#1218442).
- nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).
- nfs: Properly initialize server->writeback (bsc#1218442).
- nfs: drop the incorrect assertion in nfs_swap_rw() (git-fixes).
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).
- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).
- nfs: keep server info for remounts (git-fixes).
- nfsd: Fix a regression in nfsd_setattr() (git-fixes).
- nfsd: do not call locks_release_private() twice concurrently (git-fixes).
- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (git-fixes).
- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).
- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).
- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).
- nilfs2: fix inode number range checks (stable-fixes).
- nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).
- nilfs2: fix potential hang in nilfs_detach_log_writer() (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nilfs2: return the mapped address from nilfs_get_page() (stable-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- nouveau/gsp: do not check devinit disable on GSP (git-fixes).
- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).
- nouveau: add an ioctl to report vram usage (stable-fixes).
- nouveau: add an ioctl to return vram bar size (stable-fixes).
- nouveau: fix devinit paths to only handle display on GSP (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- nouveau: lock the client object tree (stable-fixes).
- nouveau: report byte usage in VRAM usage (git-fixes).
- nouveau: reset the bo resource bus info after an eviction (git-fixes).
- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).
- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).
- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).
- nvme-fabrics: short-circuit reconnect retries (bsc#1186716).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme-pci: Add quirk for broken MSIs (git-fixes).
- nvme-tcp: Export the nvme_tcp_wq to sysfs (bsc#1224049).
- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
- nvme/tcp: Add wq_unbound modparam for nvme_tcp_wq (bsc#1224049).
- nvme: cancel pending I/O if nvme controller is in terminal state (bsc#1226503).
- nvme: do not retry authentication failures (bsc#1186716).
- nvme: find numa distance only if controller has valid numa id (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- nvme: fix nvme_pr_* status code parsing (git-fixes).
- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).
- nvme: return kernel error codes for admin queue connect (bsc#1186716).
- nvmet-auth: replace pr_debug() with pr_err() to report an error (git-fixes).
- nvmet-auth: return the error code to the nvmet_auth_host_hash() callers (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvmet-passthru: propagate status from id override functions (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- nvmet-tcp: fix possible memory leak when tearing down a controller (git-fixes).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- nvmet: fix nvme status code when namespace is disabled (git-fixes).
- nvmet: lock config semaphore when accessing DH-HMAC-CHAP key (bsc#1186716).
- nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() (git-fixes).
- nvmet: return DHCHAP status codes from nvmet_setup_auth() (bsc#1186716).
- ocfs2: adjust enabling place for la window (bsc#1219224).
- ocfs2: fix DIO failure due to insufficient transaction credits (git-fixes).
- ocfs2: fix races between hole punching and AIO+DIO (git-fixes).
- ocfs2: fix sparse warnings (bsc#1219224).
- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).
- ocfs2: speed up chain-list searching (bsc#1219224).
- ocfs2: use coarse time for new created files (git-fixes).
- octeontx2-af: Add array index check (git-fixes).
- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
- octeontx2-af: Fix devlink params (git-fixes).
- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).
- octeontx2-af: Use separate handlers for interrupts (git-fixes).
- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).
- octeontx2-pf: Use default max_active works instead of one (git-fixes).
- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).
- octeontx2-pf: check negative error code in otx2_open() (git-fixes).
- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
- octeontx2: Detect the mbox up or down message via register (git-fixes).
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).
- of: module: add buffer overflow check in of_modalias() (git-fixes).
- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).
- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).
- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).
- of: property: fix typo in io-channels (git-fixes).
- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).
- of: unittest: Fix compile in the non-dynamic case (git-fixes).
- orangefs: fix out-of-bounds fsid access (git-fixes).
- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).
- pNFS/filelayout: fixup pNfs allocation modes (git-fixes).
- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).
- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).
- perf annotate: Get rid of duplicate --group option item (git-fixes).
- perf auxtrace: Fix multiple use of --itrace option (git-fixes).
- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).
- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).
- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).
- perf daemon: Fix file leak in daemon_session__control (git-fixes).
- perf docs: Document bpf event modifier (git-fixes).
- perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() (git-fixes).
- perf expr: Fix "has_event" function for metric style events (git-fixes).
- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).
- perf jevents: Drop or simplify small integer values (git-fixes).
- perf list: fix short description for some cache events (git-fixes).
- perf lock contention: Add a missing NULL check (git-fixes).
- perf metric: Do not remove scale from counts (git-fixes).
- perf pmu: Count sys and cpuid JSON events separately (git fixes).
- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).
- perf pmu: Treat the msr pmu as software (git-fixes).
- perf print-events: make is_event_supported() more robust (git-fixes).
- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).
- perf record: Check conflict between '--timestamp-filename' option and pipe mode before recording (git-fixes).
- perf record: Delete session after stopping sideband thread (git-fixes).
- perf record: Fix debug message placement for test consumption (git-fixes).
- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).
- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).
- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).
- perf script: Show also errors for --insn-trace option (git-fixes).
- perf srcline: Add missed addr2line closes (git-fixes).
- perf stat: Avoid metric-only segv (git-fixes).
- perf stat: Do not display metric header for non-leader uncore events (git-fixes).
- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).
- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).
- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).
- perf tests: Apply attributes to all events in object code reading test (git-fixes).
- perf tests: Make "test data symbol" more robust on Neoverse N1 (git-fixes).
- perf tests: Make data symbol test wait for perf to start (bsc#1220045).
- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).
- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).
- perf top: Uniform the event name for the hybrid machine (git-fixes).
- perf top: Use evsel's cpus to replace user_requested_cpus (git-fixes).
- perf ui browser: Avoid SEGV on title (git fixes).
- perf ui browser: Do not save pointer to stack memory (git-fixes).
- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).
- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).
- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).
- perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and later (git-fixes).
- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).
- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).
- perf/x86/intel/ds: Do not clear ->pebs_data_cfg for the last PEBS event (git-fixes).
- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
- perf/x86: Fix out of range data (git-fixes).
- phy: cadence-torrent: Check return value on register read (git-fixes).
- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).
- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).
- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).
- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).
- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- pinctrl: renesas: r8a779g0: FIX PWM suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF1 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix (H)SCIF3 suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix CANFD5 suffix (git-fixes).
- pinctrl: renesas: r8a779g0: Fix FXR_TXEN[AB] suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix IRQ suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TCLK suffixes (git-fixes).
- pinctrl: renesas: r8a779g0: Fix TPU suffixes (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).
- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).
- pinctrl: rockchip: update rk3308 iomux routes (git-fixes).
- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).
- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).
- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).
- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).
- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- platform/x86/intel/tpmi: Handle error from tpmi_process_info() (stable-fixes).
- platform/x86: ISST: Add Grand Ridge to HPM CPU list (stable-fixes).
- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).
- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).
- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).
- platform/x86: lg-laptop: Use ACPI device handle when evaluating WMAB/WMBB (stable-fixes).
- platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit() (git-fixes).
- platform/x86: toshiba_acpi: Add quirk for buttons on Z830 (stable-fixes).
- platform/x86: toshiba_acpi: Fix array out-of-bounds access (git-fixes).
- platform/x86: toshiba_acpi: Fix quickstart quirk handling (git-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6" tablet (stable-fixes).
- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).
- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).
- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- power: supply: ab8500: Fix error handling when calling iio_read_channel_processed() (git-fixes).
- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).
- power: supply: ingenic: Fix some error handling paths in ingenic_battery_get_property() (git-fixes).
- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).
- powerpc/64s/radix/kfence: map __kfence_pool at page granularity (bsc#1223570 ltc#205770).
- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).
- powerpc/prom: Add CPU info to hardware description string later (bsc#1215199).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).
- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).
- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).
- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- ppdev: Add an error check in register_device (git-fixes).
- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
- printk: Add this_cpu_in_panic() (bsc#1225607).
- printk: Adjust mapping for 32bit seq macros (bsc#1225607).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
- printk: Consolidate console deferred printing (bsc#1225607).
- printk: Disable passing console lock owner completely during panic() (bsc#1225607).
- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).
- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
- printk: Let no_printk() use _printk() (bsc#1225618).
- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
- printk: Wait for all reserved records with pr_flush() (bsc#1225607).
- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
- printk: ringbuffer: Clarify special lpos values (bsc#1225607).
- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
- proc/kcore: do not try to access unaccepted memory (git-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).
- pstore: inode: Only d_invalidate() is needed (git-fixes).
- pwm: img: fix pwm clock lookup (git-fixes).
- pwm: sti: Prepare removing pwm_chip from driver data (stable-fixes).
- pwm: sti: Simplify probe function using devm functions (git-fixes).
- pwm: stm32: Always do lazy disabling (git-fixes).
- qibfs: fix dentry leak (git-fixes)
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).
- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).
- random: handle creditable entropy from atomic process context (git-fixes).
- regmap-i2c: Subtract reg size from max_write (stable-fixes).
- regmap: Add regmap_read_bypassed() (git-fixes).
- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).
- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).
- regmap: maple: Fix uninitialized symbol 'ret' warnings (git-fixes).
- regulator: bd71815: fix ramp values (git-fixes).
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).
- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).
- regulator: core: Fix modpost error "regulator_get_regmap" undefined (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: irq_helpers: duplicate IRQ name (stable-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- regulator: tps65132: Add of_match table (stable-fixes).
- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).
- remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init (git-fixes).
- remoteproc: imx_rproc: Skip over memory region when node value is NULL (git-fixes).
- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).
- remoteproc: k3-r5: Fix IPC-only mode detection (git-fixes).
- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).
- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).
- remoteproc: stm32_rproc: Fix mailbox interrupts queuing (git-fixes).
- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).
- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).
- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.
- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.
- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.
- rtc: abx80x: Fix return value of nvmem callback on read (git-fixes).
- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).
- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).
- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
- s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227072).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).
- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).
- s390: Implement __iowrite32_copy() (bsc#1226502)
- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)
- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).
- sched/balancing: Rename newidle_balance() => sched_balance_newidle() (bsc#1222173).
- sched/core: Fix incorrect initialization of the 'burst' parameter in cpu_max_write() (bsc#1226791).
- sched/fair: Check root_domain::overload value before update (bsc#1222173).
- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).
- sched/psi: Select KERNFS as needed (git-fixes).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842).
- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
- scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports() (git-fixes).
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
- scsi: sg: Avoid race in error handling & drop bogus warn (git-fixes).
- scsi: sg: Avoid sg device teardown race (git-fixes).
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).
- sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (git-fixes).
- selftests/bpf: add edge case backtracking logic test (bsc#1225756).
- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).
- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).
- selftests/bpf: test if state loops are detected in a tricky case (bsc#1225903).
- selftests/bpf: test widening for iterating callbacks (bsc#1225903).
- selftests/bpf: tests for iterating callbacks (bsc#1225903).
- selftests/bpf: tests with delayed read/precision makrs in loop body (bsc#1225903).
- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).
- selftests/bpf: track tcp payload offset as scalar in xdp_synproxy (bsc#1225903).
- selftests/ftrace: Fix event filter target_func selection (stable-fixes).
- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
- selftests/kcmp: remove unused open mode (git-fixes).
- selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages (git-fixes).
- selftests/mm: fix build warnings on ppc64 (stable-fixes).
- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).
- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).
- selftests: default to host arch for LLVM builds (git-fixes).
- selftests: fix OOM in msg_zerocopy selftest (git-fixes).
- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).
- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).
- selftests: make order checking verbose in msg_zerocopy selftest (git-fixes).
- selftests: mptcp: add ms units for tc-netem delay (stable-fixes).
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).
- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
- selftests: net: move amt to socat for better compatibility (git-fixes).
- selftests: sud_test: return correct emulated syscall value on RISC-V (stable-fixes).
- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).
- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).
- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).
- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).
- selinux: avoid dereference of garbage after mount failure (git-fixes).
- selinux: introduce an initial SID for early boot processes (bsc#1208593).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).
- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
- serial: Lock console when calling into driver before registration (git-fixes).
- serial: bcm63xx-uart: fix tx after conversion to uart_port_tx_limited() (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: core: introduce uart_port_tx_limited_flags() (git-fixes).
- serial: core: only stop transmit when HW fifo is empty (git-fixes).
- serial: exar: adding missing CTI and Exar PCI ids (stable-fixes).
- serial: imx: Introduce timeout when waiting on transmitter empty (stable-fixes).
- serial: imx: Raise TX trigger level to 8 (stable-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: max3100: Update uart_driver_registered on driver removal (git-fixes).
- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).
- serial: max310x: fix syntax error in IRQ error message (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- serial: stm32: Reset .throttled state in .startup() (git-fixes).
- series.conf: cleanup Fix subsection header to silence series_insert error.
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes, bsc#1225172).
- smb3: allow controlling maximum number of cached directories (git-fixes, bsc#1225172).
- smb3: do not start laundromat thread when dir leases disabled (git-fixes, bsc#1225172).
- smb3: show beginning time for per share stats (bsc#1225172).
- smb: client: do not start laundromat thread on nohandlecache (git-fixes, bsc#1225172).
- smb: client: ensure to try all targets when finding nested links (bsc#1225172).
- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1225172).
- smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes, bsc#1225172).
- smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).
- smb: client: get rid of dfs naming in automount code (bsc#1225172).
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).
- smb: client: make laundromat a delayed worker (git-fixes, bsc#1225172).
- smb: client: prevent new fids from being removed by laundromat (git-fixes, bsc#1225172).
- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1225172).
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).
- soc: qcom: pdr: fix parsing of domains lists (git-fixes).
- soc: qcom: pdr: protect locator_addr with the main mutex (git-fixes).
- soc: qcom: pmic_glink: Handle the return value of pmic_glink_init (git-fixes).
- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).
- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- soc: qcom: rpmh-rsc: Ensure irqs are not disabled by rpmh_rsc_send_data() callers (git-fixes).
- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).
- soc: xilinx: rename cpu_number1 to dummy_cpu_number (git-fixes).
- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).
- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).
- soundwire: cadence: fix invalid PDI offset (stable-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
- spi: atmel-quadspi: Add missing check for clk_prepare (git-fixes).
- spi: cadence: Ensure data lines set to low during dummy-cycle period (stable-fixes).
- spi: fix null pointer dereference within spi_sync (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).
- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).
- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).
- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
- spi: microchip-core: defer asserting chip select until just before write to TX FIFO (git-fixes).
- spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer (git-fixes).
- spi: microchip-core: fix the issues in the isr (git-fixes).
- spi: microchip-core: only disable SPI controller when register value change requires it (git-fixes).
- spi: mux: set ctlr->bits_per_word_mask (stable-fixes).
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).
- spi: spi-microchip-core: Fix the number of chip selects supported (git-fixes).
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
- spi: spidev: add correct compatible for Rohm BH2228FV (git-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- spi: stm32: qspi: Clamp stm32_qspi_get_mode() output to CCR_BUSWIDTH_4 (git-fixes).
- spi: stm32: qspi: Fix dual flash mode sanity test in stm32_qspi_setup() (git-fixes).
- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (stable-fixes).
- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).
- staging: vc04_services: fix information leak in create_component() (git-fixes).
- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).
- stmmac: Clear variable when destroying workqueue (git-fixes).
- struct acpi_ec kABI workaround (git-fixes).
- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)
- supported.conf: Add APM X-Gene SoC hardware monitoring driver (jsc#PED-8649) Module is marked supported because of merge from SP6, but lets add reference to SLM6.0 maintenance task.
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8644)
- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)
- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.
- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.
- supported.conf: mark vdpa modules supported (jsc#PED-8954)
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- supported.conf: update for mt76 stuff (bsc#1227149)
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)
- swiotlb: use the calculated number of areas (git-fixes).
- tcp: Dump bound-only sockets in inet_diag (bsc#1204562).
- thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data (stable-fixes).
- thermal/drivers/mediatek/lvts_thermal: Return error in case of invalid efuse data (git-fixes).
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).
- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
- thunderbolt: Introduce tb_port_reset() (stable-fixes).
- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).
- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
- thunderbolt: debugfs: Fix margin debugfs node creation condition (git-fixes).
- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
- tls: do not skip over different type records from the rx_list (bsc#1221858).
- tls: fix peeking with sync+async decryption (bsc#1221858).
- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tools/memory-model: Fix bug in lock.cat (git-fixes).
- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
- tools/power turbostat: Remember global max_die_id (stable-fixes).
- tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs (stable-fixes).
- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).
- tools: ynl: do not leak mcast_groups on init error (git-fixes).
- tools: ynl: fix handling of multiple mcast groups (git-fixes).
- tools: ynl: make sure we always pass yarg to mnl_cb_run (git-fixes).
- tpm_tis: Do *not* flush uninitialized work (git-fixes).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: Build event generation tests only as modules (git-fixes).
- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
- tracing: Remove precision vsnprintf() check from print event (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tty: mcf: MCF54418 has 10 UARTS (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- tty: n_tty: Fix buffer offsets when lookahead is used (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
- ubifs: Set page uptodate in the correct place (git-fixes).
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
- ubifs: fix sort function prototype (git-fixes).
- usb-storage: alauda: Check whether the media is initialized (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).
- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc3-am62: Disable wakeup at remove (git-fixes).
- usb: dwc3-am62: Rename private data (git-fixes).
- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
- usb: dwc3: core: Add DWC31 version 2.00a controller (stable-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: dwc3: core: Workaround for CSR read timeout (stable-fixes).
- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).
- usb: dwc3: pci: Do not set "linux,phy_charger_detect" property on Lenovo Yoga Tab2 1380 (stable-fixes).
- usb: dwc3: pci: Drop duplicate ID (git-fixes).
- usb: dwc3: pci: add support for the Intel Panther Lake (stable-fixes).
- usb: fotg210: Add missing kernel doc description (git-fixes).
- usb: gadget: aspeed_udc: fix device address configuration (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: function: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
- usb: gadget: printer: SS+ support (stable-fixes).
- usb: gadget: printer: fix races against disable (git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).
- usb: gadget: uvc: configfs: ensure guid to be valid before set (stable-fixes).
- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).
- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).
- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).
- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: phy: generic: Get the vbus supply (git-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).
- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).
- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).
- usb: typec: tcpm: Update PD of Type-C port upon pd_set (git-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).
- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi: Check for notifications after init (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).
- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).
- usb: typec: ucsi: Never send a lone connector change ack (stable-fixes).
- usb: typec: ucsi: always register a link to USB PD device (git-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- usb: typec: ucsi: glink: fix child node release in probe function (git-fixes).
- usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).
- usb: typec: ucsi_glink: drop special handling for CCI_BUSY (stable-fixes).
- usb: ucsi: stm32: fix command completion handling (git-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- usb: xhci-plat: Do not include xhci.h (stable-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper.
- usb: xhci: correct return value in case of STS_HCE (git-fixes).
- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (stable-fixes).
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
- vboxsf: explicitly deny setlease attempts (stable-fixes).
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- vdpa_sim: reset must not run (git-fixes).
- veth: try harder when allocating queue memory (git-fixes).
- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
- virtio_net: Do not send RSS key if it is not supported (git-fixes).
- virtio_net: avoid data-races on dev->stats fields (git-fixes).
- virtio_net: checksum offloading handling fix (git-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- vmlinux.lds.h: catch .bss..L* sections into BSS") (git-fixes).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- watchdog: bd9576: Drop "always-running" property (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- watchdog: rzg2l_wdt: Check return status of pm_runtime_put() (git-fixes).
- watchdog: rzg2l_wdt: Use pm_runtime_resume_and_get() (git-fixes).
- watchdog: rzn1: Convert comma to semicolon (git-fixes).
- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).
- wifi: add HAS_IOPORT dependencies (bsc#1227149).
- wifi: ar5523: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ath10/11/12k: Use alloc_ordered_workqueue() to create ordered workqueues (bsc#1227149).
- wifi: ath10k: Annotate struct ath10k_ce_ring with __counted_by (bsc#1227149).
- wifi: ath10k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath10k: Drop checks that are always false (bsc#1227149).
- wifi: ath10k: Drop cleaning of driver data from probe error path and remove (bsc#1227149).
- wifi: ath10k: Fix a few spelling errors (bsc#1227149).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: Fix enum ath10k_fw_crash_dump_type kernel-doc (bsc#1227149).
- wifi: ath10k: Fix htt_data_tx_completion kernel-doc warning (bsc#1227149).
- wifi: ath10k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath10k: Remove unused struct ath10k_htc_frame (bsc#1227149).
- wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath10k: Use DECLARE_FLEX_ARRAY() for ath10k_htc_record (bsc#1227149).
- wifi: ath10k: Use list_count_nodes() (bsc#1227149).
- wifi: ath10k: add missing wmi_10_4_feature_mask documentation (bsc#1227149).
- wifi: ath10k: add support to allow broadcast action frame RX (bsc#1227149).
- wifi: ath10k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath10k: correctly document enum wmi_tlv_tx_pause_id (bsc#1227149).
- wifi: ath10k: drop HTT_DATA_TX_STATUS_DOWNLOAD_FAIL (bsc#1227149).
- wifi: ath10k: fix QCOM_RPROC_COMMON dependency (git-fixes).
- wifi: ath10k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath10k: fix htt_q_state_conf & htt_q_state kernel-doc (bsc#1227149).
- wifi: ath10k: improve structure padding (bsc#1227149).
- wifi: ath10k: indicate to mac80211 scan complete with aborted flag for ATH10K_SCAN_STARTING state (bsc#1227149).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath10k: remove ath10k_htc_record::pauload[] (bsc#1227149).
- wifi: ath10k: remove duplicate memset() in 10.4 TDLS peer update (bsc#1227149).
- wifi: ath10k: remove struct wmi_pdev_chanlist_update_event (bsc#1227149).
- wifi: ath10k: remove unused template structs (bsc#1227149).
- wifi: ath10k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath10k: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath10k: simplify __ath10k_htt_tx_txq_recalc() (bsc#1227149).
- wifi: ath10k: simplify ath10k_peer_create() (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_host_mem_chunks (bsc#1227149).
- wifi: ath10k: use flexible array in struct wmi_tdls_peer_capabilities (bsc#1227149).
- wifi: ath10k: use flexible arrays for WMI start scan TLVs (bsc#1227149).
- wifi: ath11k: Add HTT stats for PHY reset case (bsc#1227149).
- wifi: ath11k: Add coldboot calibration support for QCN9074 (bsc#1227149).
- wifi: ath11k: Allow ath11k to boot without caldata in ftm mode (bsc#1227149).
- wifi: ath11k: Consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath11k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath11k: Do not directly use scan_flags in struct scan_req_params (bsc#1227149).
- wifi: ath11k: EMA beacon support (bsc#1227149).
- wifi: ath11k: Fix a few spelling errors (bsc#1227149).
- wifi: ath11k: Fix ath11k_htc_record flexible record (bsc#1227149).
- wifi: ath11k: Introduce and use ath11k_sta_to_arsta() (bsc#1227149).
- wifi: ath11k: MBSSID beacon support (bsc#1227149).
- wifi: ath11k: MBSSID configuration during vdev create/start (bsc#1227149).
- wifi: ath11k: MBSSID parameter configuration in AP mode (bsc#1227149).
- wifi: ath11k: Really consistently use ath11k_vif_to_arvif() (bsc#1227149).
- wifi: ath11k: Relocate the func ath11k_mac_bitrate_mask_num_ht_rates() and change hweight16 to hweight8 (bsc#1227149).
- wifi: ath11k: Remove ath11k_base::bd_api (bsc#1227149).
- wifi: ath11k: Remove cal_done check during probe (bsc#1227149).
- wifi: ath11k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath11k: Remove scan_flags union from struct scan_req_params (bsc#1227149).
- wifi: ath11k: Remove struct ath11k::ops (bsc#1227149).
- wifi: ath11k: Remove unneeded semicolon (bsc#1227149).
- wifi: ath11k: Remove unused declarations (bsc#1227149).
- wifi: ath11k: Remove unused struct ath11k_htc_frame (bsc#1227149).
- wifi: ath11k: Send HT fixed rate in WMI peer fixed param (bsc#1227149).
- wifi: ath11k: Split coldboot calibration hw_param (bsc#1227149).
- wifi: ath11k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).
- wifi: ath11k: Use device_get_match_data() (bsc#1227149).
- wifi: ath11k: Use list_count_nodes() (bsc#1227149).
- wifi: ath11k: add WMI event debug messages (bsc#1227149).
- wifi: ath11k: add WMI_TLV_SERVICE_EXT_TPC_REG_SUPPORT service bit (bsc#1227149).
- wifi: ath11k: add chip id board name while searching board-2.bin for WCN6855 (bsc#1227149).
- wifi: ath11k: add firmware-2.bin support (bsc#1227149).
- wifi: ath11k: add handler for WMI_VDEV_SET_TPC_POWER_CMDID (bsc#1227149).
- wifi: ath11k: add parse of transmit power envelope element (bsc#1227149).
- wifi: ath11k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath11k: add support for QCA2066 (bsc#1227149).
- wifi: ath11k: add support to select 6 GHz regulatory type (bsc#1227149).
- wifi: ath11k: ath11k_debugfs_register(): fix format-truncation warning (bsc#1227149).
- wifi: ath11k: avoid forward declaration of ath11k_mac_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: call ath11k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath11k: constify MHI channel and controller configs (bsc#1227149).
- wifi: ath11k: debug: add ATH11K_DBG_CE (bsc#1227149).
- wifi: ath11k: debug: remove unused ATH11K_DBG_ANY (bsc#1227149).
- wifi: ath11k: debug: use all upper case in ATH11k_DBG_HAL (bsc#1227149).
- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: ath11k: do not use %pK (bsc#1227149).
- wifi: ath11k: document HAL_RX_BUF_RBM_SW4_BM (bsc#1227149).
- wifi: ath11k: dp: cleanup debug message (bsc#1227149).
- wifi: ath11k: driver settings for MBSSID and EMA (bsc#1227149).
- wifi: ath11k: drop NULL pointer check in ath11k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath11k: drop redundant check in ath11k_dp_rx_mon_dest_process() (bsc#1227149).
- wifi: ath11k: enable 36 bit mask for stream DMA (bsc#1227149).
- wifi: ath11k: factory test mode support (bsc#1227149).
- wifi: ath11k: fill parameters for vdev set tpc power WMI command (bsc#1227149).
- wifi: ath11k: fix CAC running state during virtual interface start (bsc#1227149).
- wifi: ath11k: fix IOMMU errors on buffer rings (bsc#1227149).
- wifi: ath11k: fix RCU documentation in ath11k_mac_op_ipv6_changed() (git-fixes).
- wifi: ath11k: fix WCN6750 firmware crash caused by 17 num_vdevs (bsc#1227149).
- wifi: ath11k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).
- wifi: ath11k: fix a possible dead lock caused by ab->base_lock (bsc#1227149).
- wifi: ath11k: fix ath11k_mac_op_remain_on_channel() stack usage (bsc#1227149).
- wifi: ath11k: fix connection failure due to unexpected peer delete (bsc#1227149).
- wifi: ath11k: fix tid bitmap is 0 in peer rx mu stats (bsc#1227149).
- wifi: ath11k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).
- wifi: ath11k: hal: cleanup debug message (bsc#1227149).
- wifi: ath11k: htc: cleanup debug messages (bsc#1227149).
- wifi: ath11k: initialize eirp_power before use (bsc#1227149).
- wifi: ath11k: mac: fix struct ieee80211_sband_iftype_data handling (bsc#1227149).
- wifi: ath11k: mhi: add a warning message for MHI_CB_EE_RDDM crash (bsc#1227149).
- wifi: ath11k: move pci.ops registration ahead (bsc#1227149).
- wifi: ath11k: move power type check to ASSOC stage when connecting to 6 GHz AP (bsc#1227149).
- wifi: ath11k: move references from rsvd2 to info fields (bsc#1227149).
- wifi: ath11k: pci: cleanup debug logging (bsc#1227149).
- wifi: ath11k: print debug level in debug messages (bsc#1227149).
- wifi: ath11k: provide address list if chip supports 2 stations (bsc#1227149).
- wifi: ath11k: qmi: refactor ath11k_qmi_m3_load() (bsc#1227149).
- wifi: ath11k: refactor ath11k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath11k: refactor setting country code logic (stable-fixes).
- wifi: ath11k: refactor vif parameter configurations (bsc#1227149).
- wifi: ath11k: rely on mac80211 debugfs handling for vif (bsc#1227149).
- wifi: ath11k: remove ath11k_htc_record::pauload[] (bsc#1227149).
- wifi: ath11k: remove invalid peer create logic (bsc#1227149).
- wifi: ath11k: remove manual mask names from debug messages (bsc#1227149).
- wifi: ath11k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath11k: remove unsupported event handlers (bsc#1227149).
- wifi: ath11k: remove unused function ath11k_tm_event_wmi() (bsc#1227149).
- wifi: ath11k: remove unused members of 'struct ath11k_base' (bsc#1227149).
- wifi: ath11k: remove unused scan_events from struct scan_req_params (bsc#1227149).
- wifi: ath11k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1227149).
- wifi: ath11k: rename ath11k_start_vdev_delay() (bsc#1227149).
- wifi: ath11k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath11k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath11k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath11k: restore country code during resume (git-fixes).
- wifi: ath11k: save max transmit power in vdev start response event from firmware (bsc#1227149).
- wifi: ath11k: save power spectral density(PSD) of regulatory rule (bsc#1227149).
- wifi: ath11k: simplify ath11k_mac_validate_vht_he_fixed_rate_settings() (bsc#1227149).
- wifi: ath11k: simplify the code with module_platform_driver (bsc#1227149).
- wifi: ath11k: store cur_regulatory_info for each radio (bsc#1227149).
- wifi: ath11k: support 2 station interfaces (bsc#1227149).
- wifi: ath11k: update proper pdev/vdev id for testmode command (bsc#1227149).
- wifi: ath11k: update regulatory rules when connect to AP on 6 GHz band for station (bsc#1227149).
- wifi: ath11k: update regulatory rules when interface added (bsc#1227149).
- wifi: ath11k: use RCU when accessing struct inet6_dev::ac_list (bsc#1227149).
- wifi: ath11k: use WMI_VDEV_SET_TPC_POWER_CMDID when EXT_TPC_REG_SUPPORT for 6 GHz (bsc#1227149).
- wifi: ath11k: use kstrtoul_from_user() where appropriate (bsc#1227149).
- wifi: ath11k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath11k: wmi: add unified command debug messages (bsc#1227149).
- wifi: ath11k: wmi: cleanup error handling in ath11k_wmi_send_init_country_cmd() (bsc#1227149).
- wifi: ath11k: wmi: use common error handling style (bsc#1227149).
- wifi: ath11k: workaround too long expansion sparse warnings (bsc#1227149).
- wifi: ath12k: Add logic to write QRTR node id to scratch (bsc#1227149).
- wifi: ath12k: Add missing qmi_txn_cancel() calls (bsc#1227149).
- wifi: ath12k: Add support to parse new WMI event for 6 GHz regulatory (bsc#1227149).
- wifi: ath12k: Consistently use ath12k_vif_to_arvif() (bsc#1227149).
- wifi: ath12k: Consolidate WMI peer flags (bsc#1227149).
- wifi: ath12k: Correct 6 GHz frequency value in rx status (git-fixes).
- wifi: ath12k: Do not drop tx_status in failure case (git-fixes).
- wifi: ath12k: Do not use scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: Enable Mesh support for QCN9274 (bsc#1227149).
- wifi: ath12k: Fix a few spelling errors (bsc#1227149).
- wifi: ath12k: Fix tx completion ring (WBM2SW) setup failure (git-fixes).
- wifi: ath12k: Fix uninitialized use of ret in ath12k_mac_allocate() (bsc#1227149).
- wifi: ath12k: Introduce and use ath12k_sta_to_arsta() (bsc#1227149).
- wifi: ath12k: Introduce the container for mac80211 hw (bsc#1227149).
- wifi: ath12k: Make QMI message rules const (bsc#1227149).
- wifi: ath12k: Optimize the mac80211 hw data access (bsc#1227149).
- wifi: ath12k: Read board id to support split-PHY QCN9274 (bsc#1227149).
- wifi: ath12k: Refactor the mac80211 hw access from link/radio (bsc#1227149).
- wifi: ath12k: Remove ath12k_base::bd_api (bsc#1227149).
- wifi: ath12k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).
- wifi: ath12k: Remove some dead code (bsc#1227149).
- wifi: ath12k: Remove struct ath12k::ops (bsc#1227149).
- wifi: ath12k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath12k: Remove unnecessary struct qmi_txn initializers (bsc#1227149).
- wifi: ath12k: Remove unused declarations (bsc#1227149).
- wifi: ath12k: Remove unused scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: Set default beacon mode to burst mode (bsc#1227149).
- wifi: ath12k: Update Qualcomm Innovation Center, Inc. copyrights (stable-fixes).
- wifi: ath12k: Use initializers for QMI message buffers (bsc#1227149).
- wifi: ath12k: Use msdu_end to check MCBC (bsc#1227149).
- wifi: ath12k: Use pdev_id rather than mac_id to get pdev (bsc#1227149).
- wifi: ath12k: WMI support to process EHT capabilities (bsc#1227149).
- wifi: ath12k: add 320 MHz bandwidth enums (bsc#1227149).
- wifi: ath12k: add CE and ext IRQ flag to indicate irq_handler (bsc#1227149).
- wifi: ath12k: add EHT PHY modes (bsc#1227149).
- wifi: ath12k: add MAC id support in WBM error path (bsc#1227149).
- wifi: ath12k: add MLO header in peer association (bsc#1227149).
- wifi: ath12k: add P2P IE in beacon template (bsc#1227149).
- wifi: ath12k: add QMI PHY capability learn support (bsc#1227149).
- wifi: ath12k: add WMI support for EHT peer (bsc#1227149).
- wifi: ath12k: add ath12k_qmi_free_resource() for recovery (bsc#1227149).
- wifi: ath12k: add fallback board name without variant while searching board-2.bin (bsc#1227149).
- wifi: ath12k: add firmware-2.bin support (bsc#1227149).
- wifi: ath12k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED (bsc#1227149).
- wifi: ath12k: add keep backward compatibility of PHY mode to avoid firmware crash (bsc#1227149).
- wifi: ath12k: add msdu_end structure for WCN7850 (bsc#1227149).
- wifi: ath12k: add parsing of phy bitmap for reg rules (bsc#1227149).
- wifi: ath12k: add processing for TWT disable event (bsc#1227149).
- wifi: ath12k: add processing for TWT enable event (bsc#1227149).
- wifi: ath12k: add qmi_cnss_feature_bitmap field to hardware parameters (bsc#1227149).
- wifi: ath12k: add rcu lock for ath12k_wmi_p2p_noa_event() (bsc#1227149).
- wifi: ath12k: add read variant from SMBIOS for download board data (bsc#1227149).
- wifi: ath12k: add string type to search board data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for BA1024 (bsc#1227149).
- wifi: ath12k: add support for collecting firmware log (bsc#1227149).
- wifi: ath12k: add support for hardware rfkill for WCN7850 (bsc#1227149).
- wifi: ath12k: add support for peer meta data version (bsc#1227149).
- wifi: ath12k: add support one MSI vector (bsc#1227149).
- wifi: ath12k: add support to search regdb data in board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: add wait operation for tx management packets for flush from mac80211 (bsc#1227149).
- wifi: ath12k: advertise P2P dev support for WCN7850 (bsc#1227149).
- wifi: ath12k: allow specific mgmt frame tx while vdev is not up (bsc#1227149).
- wifi: ath12k: ath12k_start_vdev_delay(): convert to use ar (bsc#1227149).
- wifi: ath12k: avoid deadlock by change ieee80211_queue_work for regd_update_work (bsc#1227149).
- wifi: ath12k: avoid duplicated vdev stop (git-fixes).
- wifi: ath12k: avoid explicit HW conversion argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit RBM id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid explicit mac id argument in Rxdma replenish (bsc#1227149).
- wifi: ath12k: avoid repeated hw access from ar (bsc#1227149).
- wifi: ath12k: avoid repeated wiphy access from hw (bsc#1227149).
- wifi: ath12k: call ath12k_mac_fils_discovery() without condition (bsc#1227149).
- wifi: ath12k: change DMA direction while mapping reinjected packets (git-fixes).
- wifi: ath12k: change MAC buffer ring size to 2048 (bsc#1227149).
- wifi: ath12k: change WLAN_SCAN_PARAMS_MAX_IE_LEN from 256 to 512 (bsc#1227149).
- wifi: ath12k: change interface combination for P2P mode (bsc#1227149).
- wifi: ath12k: change to initialize recovery variables earlier in ath12k_core_reset() (bsc#1227149).
- wifi: ath12k: change to treat alpha code na as world wide regdomain (bsc#1227149).
- wifi: ath12k: change to use dynamic memory for channel list of scan (bsc#1227149).
- wifi: ath12k: check M3 buffer size as well whey trying to reuse it (bsc#1227149).
- wifi: ath12k: check hardware major version for WCN7850 (bsc#1227149).
- wifi: ath12k: configure RDDM size to MHI for device recovery (bsc#1227149).
- wifi: ath12k: configure puncturing bitmap (bsc#1227149).
- wifi: ath12k: correct the data_type from QMI_OPT_FLAG to QMI_UNSIGNED_1_BYTE for mlo_capable (bsc#1227149).
- wifi: ath12k: delete the timer rx_replenish_retry during rmmod (bsc#1227149).
- wifi: ath12k: designating channel frequency for ROC scan (bsc#1227149).
- wifi: ath12k: disable QMI PHY capability learn in split-phy QCN9274 (bsc#1227149).
- wifi: ath12k: do not drop data frames from unassociated stations (bsc#1227149).
- wifi: ath12k: do not restore ASPM in case of single MSI vector (bsc#1227149).
- wifi: ath12k: drop NULL pointer check in ath12k_update_per_peer_tx_stats() (bsc#1227149).
- wifi: ath12k: drop failed transmitted frames from metric calculation (git-fixes).
- wifi: ath12k: enable 320 MHz bandwidth for 6 GHz band in EHT PHY capability for WCN7850 (bsc#1227149).
- wifi: ath12k: enable 802.11 power save mode in station mode (bsc#1227149).
- wifi: ath12k: enable IEEE80211_HW_SINGLE_SCAN_ON_ALL_BANDS for WCN7850 (bsc#1227149).
- wifi: ath12k: fetch correct pdev id from WMI_SERVICE_READY_EXT_EVENTID (bsc#1227149).
- wifi: ath12k: fix PCI read and write (bsc#1227149).
- wifi: ath12k: fix WARN_ON during ath12k_mac_update_vif_chan (bsc#1227149).
- wifi: ath12k: fix broken structure wmi_vdev_create_cmd (bsc#1227149).
- wifi: ath12k: fix conf_mutex in ath12k_mac_op_unassign_vif_chanctx() (bsc#1227149).
- wifi: ath12k: fix debug messages (bsc#1227149).
- wifi: ath12k: fix fetching MCBC flag for QCN9274 (bsc#1227149).
- wifi: ath12k: fix firmware assert during insmod in memory segment mode (bsc#1227149).
- wifi: ath12k: fix firmware crash during reo reinject (git-fixes).
- wifi: ath12k: fix invalid m3 buffer address (bsc#1227149).
- wifi: ath12k: fix invalid memory access while processing fragmented packets (git-fixes).
- wifi: ath12k: fix kernel crash during resume (bsc#1227149).
- wifi: ath12k: fix license in p2p.c and p2p.h (bsc#1227149).
- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
- wifi: ath12k: fix peer metadata parsing (git-fixes).
- wifi: ath12k: fix potential wmi_mgmt_tx_queue race condition (bsc#1227149).
- wifi: ath12k: fix radar detection in 160 MHz (bsc#1227149).
- wifi: ath12k: fix recovery fail while firmware crash when doing channel switch (bsc#1227149).
- wifi: ath12k: fix the error handler of rfkill config (bsc#1227149).
- wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 (bsc#1227149).
- wifi: ath12k: fix the problem that down grade phy mode operation (bsc#1227149).
- wifi: ath12k: fix wrong definition of CE ring's base address (git-fixes).
- wifi: ath12k: fix wrong definitions of hal_reo_update_rx_queue (bsc#1227149).
- wifi: ath12k: get msi_data again after request_irq is called (bsc#1227149).
- wifi: ath12k: implement handling of P2P NoA event (bsc#1227149).
- wifi: ath12k: implement remain on channel for P2P mode (bsc#1227149).
- wifi: ath12k: increase vdev setup timeout (bsc#1227149).
- wifi: ath12k: indicate NON MBSSID vdev by default during vdev start (bsc#1227149).
- wifi: ath12k: indicate scan complete for scan canceled when scan running (bsc#1227149).
- wifi: ath12k: indicate to mac80211 scan complete with aborted flag for ATH12K_SCAN_STARTING state (bsc#1227149).
- wifi: ath12k: move HE capabilities processing to a new function (bsc#1227149).
- wifi: ath12k: move peer delete after vdev stop of station for WCN7850 (bsc#1227149).
- wifi: ath12k: parse WMI service ready ext2 event (bsc#1227149).
- wifi: ath12k: peer assoc for 320 MHz (bsc#1227149).
- wifi: ath12k: prepare EHT peer assoc parameters (bsc#1227149).
- wifi: ath12k: propagate EHT capabilities to userspace (bsc#1227149).
- wifi: ath12k: refactor DP Rxdma ring structure (bsc#1227149).
- wifi: ath12k: refactor QMI MLO host capability helper function (bsc#1227149).
- wifi: ath12k: refactor ath12k_bss_assoc() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_allocate() and ath12k_mac_destroy() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_ampdu_action() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_conf_tx() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_config() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_configure_filter() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_flush() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_start() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_stop() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_op_update_vif_offload() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_register() and ath12k_mac_unregister() (bsc#1227149).
- wifi: ath12k: refactor ath12k_mac_setup_channels_rates() (bsc#1227149).
- wifi: ath12k: refactor ath12k_wmi_tlv_parse_alloc() (bsc#1227149).
- wifi: ath12k: refactor multiple MSI vector implementation (bsc#1227149).
- wifi: ath12k: refactor the rfkill worker (bsc#1227149).
- wifi: ath12k: register EHT mesh capabilities (bsc#1227149).
- wifi: ath12k: relax list iteration in ath12k_mac_vif_unref() (bsc#1227149).
- wifi: ath12k: relocate ath12k_dp_pdev_pre_alloc() call (bsc#1227149).
- wifi: ath12k: remove hal_desc_sz from hw params (bsc#1227149).
- wifi: ath12k: remove redundant memset() in ath12k_hal_reo_qdesc_setup() (bsc#1227149).
- wifi: ath12k: remove the unused scan_events from ath12k_wmi_scan_req_arg (bsc#1227149).
- wifi: ath12k: remove unused ATH12K_BD_IE_BOARD_EXT (bsc#1227149).
- wifi: ath12k: rename HE capabilities setup/copy functions (bsc#1227149).
- wifi: ath12k: rename the sc naming convention to ab (bsc#1227149).
- wifi: ath12k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).
- wifi: ath12k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: ath12k: send WMI_PEER_REORDER_QUEUE_SETUP_CMDID when ADDBA session starts (bsc#1227149).
- wifi: ath12k: set IRQ affinity to CPU0 in case of one MSI vector (bsc#1227149).
- wifi: ath12k: set PERST pin no pull request for WCN7850 (bsc#1227149).
- wifi: ath12k: split hal_ops to support RX TLVs word mask compaction (bsc#1227149).
- wifi: ath12k: subscribe required word mask from rx tlv (bsc#1227149).
- wifi: ath12k: support default regdb while searching board-2.bin for WCN7850 (bsc#1227149).
- wifi: ath12k: trigger station disconnect on hardware restart (bsc#1227149).
- wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ (bsc#1227149).
- wifi: ath12k: use correct flag field for 320 MHz channels (bsc#1227149).
- wifi: ath12k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).
- wifi: ath5k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath5k: Remove redundant dev_err() (bsc#1227149).
- wifi: ath5k: ath5k_hw_get_median_noise_floor(): use swap() (bsc#1227149).
- wifi: ath5k: remove phydir check from ath5k_debug_init_device() (bsc#1227149).
- wifi: ath5k: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath5k: remove unused ath5k_eeprom_info::ee_antenna (bsc#1227149).
- wifi: ath5k: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: ath6kl: Remove error checking for debugfs_create_dir() (bsc#1227149).
- wifi: ath6kl: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath6kl: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: ath9k: Convert to platform remove callback returning void (bsc#1227149).
- wifi: ath9k: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: ath9k: Remove unnecessary ternary operators (bsc#1227149).
- wifi: ath9k: Remove unused declarations (bsc#1227149).
- wifi: ath9k: avoid using uninitialized array (bsc#1227149).
- wifi: ath9k: clean up function ath9k_hif_usb_resume (bsc#1227149).
- wifi: ath9k: consistently use kstrtoX_from_user() functions (bsc#1227149).
- wifi: ath9k: delete some unused/duplicate macros (bsc#1227149).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: ath9k: fix parameter check in ath9k_init_debug() (bsc#1227149).
- wifi: ath9k: remove redundant assignment to variable ret (bsc#1227149).
- wifi: ath9k: reset survey of current channel after a scan started (bsc#1227149).
- wifi: ath9k: simplify ar9003_hw_process_ini() (bsc#1227149).
- wifi: ath9k: use u32 for txgain indexes (bsc#1227149).
- wifi: ath9k: work around memset overflow warning (bsc#1227149).
- wifi: ath9k_htc: fix format-truncation warning (bsc#1227149).
- wifi: ath: Use is_multicast_ether_addr() to check multicast Ether address (bsc#1227149).
- wifi: ath: dfs_pattern_detector: Use flex array to simplify code (bsc#1227149).
- wifi: ath: remove unused-but-set parameter (bsc#1227149).
- wifi: ath: work around false-positive stringop-overread warning (bsc#1227149).
- wifi: atk10k: Do not opencode ath10k_pci_priv() in ath10k_ahb_priv() (bsc#1227149).
- wifi: atmel: remove unused ioctl function (bsc#1227149).
- wifi: b43: silence sparse warnings (bsc#1227149).
- wifi: brcm80211: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).
- wifi: brcmfmac: Annotate struct brcmf_gscan_config with __counted_by (bsc#1227149).
- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).
- wifi: brcmfmac: Detect corner error case earlier with log (bsc#1227149).
- wifi: brcmfmac: add linefeed at end of file (bsc#1227149).
- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).
- wifi: brcmfmac: allow per-vendor event handling (bsc#1227149).
- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).
- wifi: brcmfmac: do not cast hidden SSID attribute value to boolean (bsc#1227149).
- wifi: brcmfmac: do not pass hidden SSID attribute as value directly (bsc#1227149).
- wifi: brcmfmac: export firmware interface functions (bsc#1227149).
- wifi: brcmfmac: firmware: Annotate struct brcmf_fw_request with __counted_by (bsc#1227149).
- wifi: brcmfmac: fix format-truncation warnings (bsc#1227149).
- wifi: brcmfmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmfmac: fweh: Add __counted_by for struct brcmf_fweh_queue_item and use struct_size() (bsc#1227149).
- wifi: brcmfmac: fweh: Fix boot crash on Raspberry Pi 4 (bsc#1227149).
- wifi: brcmfmac: move feature overrides before feature_disable (bsc#1227149).
- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).
- wifi: brcmsmac: cleanup SCB-related data types (bsc#1227149).
- wifi: brcmsmac: fix gnu_printf warnings (bsc#1227149).
- wifi: brcmsmac: phy: Remove unreachable code (bsc#1227149).
- wifi: brcmsmac: remove more unused data types (bsc#1227149).
- wifi: brcmsmac: remove unused data type (bsc#1227149).
- wifi: brcmsmac: replace deprecated strncpy with memcpy (bsc#1227149).
- wifi: brcmsmac: silence sparse warnings (bsc#1227149).
- wifi: brcmutil: use helper function pktq_empty() instead of open code (bsc#1227149).
- wifi: carl9170: Remove redundant assignment to pointer super (bsc#1227149).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: carl9170: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: cfg80211: Add support for setting TID to link mapping (bsc#1227149).
- wifi: cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient (bsc#1227149).
- wifi: cfg80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: cfg80211: Fix typo in documentation (bsc#1227149).
- wifi: cfg80211: Handle specific BSSID in 6GHz scanning (bsc#1227149).
- wifi: cfg80211: Include operating class 137 in 6GHz band (bsc#1227149).
- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).
- wifi: cfg80211: OWE DH IE handling offload (bsc#1227149).
- wifi: cfg80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: cfg80211: Schedule regulatory check on BSS STA channel change (bsc#1227149).
- wifi: cfg80211: Update the default DSCP-to-UP mapping (bsc#1227149).
- wifi: cfg80211: add BSS usage reporting (bsc#1227149).
- wifi: cfg80211: add RNR with reporting AP information (bsc#1227149).
- wifi: cfg80211: add a flag to disable wireless extensions (bsc#1227149).
- wifi: cfg80211: add local_state_change to deauth trace (bsc#1227149).
- wifi: cfg80211: add locked debugfs wrappers (bsc#1227149).
- wifi: cfg80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: cfg80211: address several kerneldoc warnings (bsc#1227149).
- wifi: cfg80211: allow reg update by driver even if wiphy->regd is set (bsc#1227149).
- wifi: cfg80211: annotate iftype_data pointer with sparse (bsc#1227149).
- wifi: cfg80211: avoid double free if updating BSS fails (bsc#1227149).
- wifi: cfg80211: call reg_call_notifier on beacon hints (bsc#1227149).
- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).
- wifi: cfg80211: check RTNL when iterating devices (bsc#1227149).
- wifi: cfg80211: check wiphy mutex is held for wdev mutex (bsc#1227149).
- wifi: cfg80211: consume both probe response and beacon IEs (bsc#1227149).
- wifi: cfg80211: detect stuck ECSA element in probe resp (bsc#1227149).
- wifi: cfg80211: ensure cfg80211_bss_update frees IEs on error (bsc#1227149).
- wifi: cfg80211: export DFS CAC time and usable state helper functions (bsc#1227149).
- wifi: cfg80211: expose nl80211_chan_width_to_mhz for wide sharing (bsc#1227149).
- wifi: cfg80211: fix 6 GHz scan request building (stable-fixes).
- wifi: cfg80211: fix CQM for non-range use (bsc#1227149).
- wifi: cfg80211: fix header kernel-doc typos (bsc#1227149).
- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush() (bsc#1227149).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: cfg80211: fix spelling & punctutation (bsc#1227149).
- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).
- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: fully move wiphy work to unbound workqueue (git-fixes).
- wifi: cfg80211: generate an ML element for per-STA profiles (bsc#1227149).
- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).
- wifi: cfg80211: handle UHB AP and STA power type (bsc#1227149).
- wifi: cfg80211: hold wiphy lock in cfg80211_any_wiphy_oper_chan() (bsc#1227149).
- wifi: cfg80211: hold wiphy mutex for send_interface (bsc#1227149).
- wifi: cfg80211: improve documentation for flag fields (bsc#1227149).
- wifi: cfg80211: introduce cfg80211_ssid_eq() (bsc#1227149).
- wifi: cfg80211: make RX assoc data const (bsc#1227149).
- wifi: cfg80211: make read-only array centers_80mhz static const (bsc#1227149).
- wifi: cfg80211: modify prototype for change_beacon (bsc#1227149).
- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).
- wifi: cfg80211: reg: Support P2P operation on DFS channels (bsc#1227149).
- wifi: cfg80211: reg: describe return values in kernel-doc (bsc#1227149).
- wifi: cfg80211: reg: fix various kernel-doc issues (bsc#1227149).
- wifi: cfg80211: reg: hold wiphy mutex for wdev iteration (bsc#1227149).
- wifi: cfg80211: remove scan_width support (bsc#1227149).
- wifi: cfg80211: remove wdev mutex (bsc#1227149).
- wifi: cfg80211: rename UHB to 6 GHz (bsc#1227149).
- wifi: cfg80211: report per-link errors during association (bsc#1227149).
- wifi: cfg80211: report unprotected deauth/disassoc in wowlan (bsc#1227149).
- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).
- wifi: cfg80211: save power spectral density(psd) of regulatory rule (bsc#1227149).
- wifi: cfg80211: set correct param change count in ML element (bsc#1227149).
- wifi: cfg80211: sme: hold wiphy lock for wdev iteration (bsc#1227149).
- wifi: cfg80211: sort certificates in build (bsc#1227149).
- wifi: cfg80211: split struct cfg80211_ap_settings (bsc#1227149).
- wifi: cfg80211: validate HE operation element parsing (bsc#1227149).
- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).
- wifi: cfg80211: wext: convert return value to kernel-doc (bsc#1227149).
- wifi: cfg80211: wext: set ssids=NULL for passive scans (git-fixes).
- wifi: cw1200: Avoid processing an invalid TIM IE (bsc#1227149).
- wifi: cw1200: Convert to GPIO descriptors (bsc#1227149).
- wifi: cw1200: fix __le16 sparse warnings (bsc#1227149).
- wifi: cw1200: restore endian swapping (bsc#1227149).
- wifi: drivers: Explicitly include correct DT includes (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for Broadcom WLAN (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for ar5523 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for mt76 drivers (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for p54spi (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wcn36xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wilc1000 (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl1251 and wl12xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wl18xx (bsc#1227149).
- wifi: fill in MODULE_DESCRIPTION()s for wlcore (bsc#1227149).
- wifi: hostap: Add __counted_by for struct prism2_download_data and use struct_size() (bsc#1227149).
- wifi: hostap: fix stringop-truncations GCC warning (bsc#1227149).
- wifi: hostap: remove unused ioctl function (bsc#1227149).
- wifi: ieee80211: add UL-bandwidth definition of trigger frame (bsc#1227149).
- wifi: ieee80211: add definitions for negotiated TID to Link map (bsc#1227149).
- wifi: ieee80211: check for NULL in ieee80211_mle_size_ok() (stable-fixes).
- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
- wifi: iwlmei: do not send SAP messages if AMT is disabled (bsc#1227149).
- wifi: iwlmei: do not send nic info with invalid mac address (bsc#1227149).
- wifi: iwlmei: send HOST_GOES_DOWN message even if wiamt is disabled (bsc#1227149).
- wifi: iwlmei: send driver down SAP message only if wiamt is enabled (bsc#1227149).
- wifi: iwlmvm: fw: Add new OEM vendor to tas approved list (bsc#1227149).
- wifi: iwlwifi: Add rf_mapping of new wifi7 devices (bsc#1227149).
- wifi: iwlwifi: Add support for PPAG cmd v5 and PPAG revision 3 (bsc#1227149).
- wifi: iwlwifi: Add support for new 802.11be device (bsc#1227149).
- wifi: iwlwifi: Do not mark DFS channels as NO-IR (bsc#1227149).
- wifi: iwlwifi: Extract common prph mac/phy regions data dump logic (bsc#1227149).
- wifi: iwlwifi: Fix spelling mistake "SESION" -> "SESSION" (bsc#1227149).
- wifi: iwlwifi: Use request_module_nowait (bsc#1227149).
- wifi: iwlwifi: abort scan when rfkill on but device enabled (bsc#1227149).
- wifi: iwlwifi: add HONOR to PPAG approved list (bsc#1227149).
- wifi: iwlwifi: add Razer to ppag approved list (bsc#1227149).
- wifi: iwlwifi: add mapping of a periphery register crf for WH RF (bsc#1227149).
- wifi: iwlwifi: add new RF support for wifi7 (bsc#1227149).
- wifi: iwlwifi: add support for SNPS DPHYIP region type (bsc#1227149).
- wifi: iwlwifi: add support for a wiphy_work rx handler (bsc#1227149).
- wifi: iwlwifi: add support for activating UNII-1 in WW via BIOS (bsc#1227149).
- wifi: iwlwifi: add support for new ini region types (bsc#1227149).
- wifi: iwlwifi: adjust rx_phyinfo debugfs to MLO (bsc#1227149).
- wifi: iwlwifi: always have 'uats_enabled' (bsc#1227149).
- wifi: iwlwifi: api: clean up some kernel-doc/typos (bsc#1227149).
- wifi: iwlwifi: api: dbg-tlv: fix up kernel-doc (bsc#1227149).
- wifi: iwlwifi: api: fix a small upper/lower-case typo (bsc#1227149).
- wifi: iwlwifi: api: fix center_freq label in PHY diagram (bsc#1227149).
- wifi: iwlwifi: api: fix constant version to match FW (bsc#1227149).
- wifi: iwlwifi: api: fix kernel-doc reference (bsc#1227149).
- wifi: iwlwifi: bump FW API to 84 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 86 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 87 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: bump FW API to 88 for AX/BZ/SC devices (bsc#1227149).
- wifi: iwlwifi: cancel session protection only if there is one (bsc#1227149).
- wifi: iwlwifi: change link id in time event to s8 (bsc#1227149).
- wifi: iwlwifi: check for kmemdup() return value in iwl_parse_tlv_firmware() (bsc#1227149).
- wifi: iwlwifi: cleanup BT Shared Single Antenna code (bsc#1227149).
- wifi: iwlwifi: cleanup sending PER_CHAIN_LIMIT_OFFSET_CMD (bsc#1227149).
- wifi: iwlwifi: cleanup uefi variables loading (bsc#1227149).
- wifi: iwlwifi: clear link_id in time_event (bsc#1227149).
- wifi: iwlwifi: dbg-tlv: avoid extra allocation/copy (bsc#1227149).
- wifi: iwlwifi: dbg-tlv: use struct_size() for allocation (bsc#1227149).
- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).
- wifi: iwlwifi: disable 160 MHz based on subsystem device ID (bsc#1227149).
- wifi: iwlwifi: disable eSR when BT is active (bsc#1227149).
- wifi: iwlwifi: disable multi rx queue for 9000 (bsc#1227149).
- wifi: iwlwifi: do not check TAS block list size twice (bsc#1227149).
- wifi: iwlwifi: do not use TRUE/FALSE with bool (bsc#1227149).
- wifi: iwlwifi: drop NULL pointer check in iwl_mvm_tzone_set_trip_temp() (bsc#1227149).
- wifi: iwlwifi: dvm: remove kernel-doc warnings (bsc#1227149).
- wifi: iwlwifi: error-dump: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fail NIC access fast on dead NIC (bsc#1227149).
- wifi: iwlwifi: fix #ifdef CONFIG_ACPI check (bsc#1227149).
- wifi: iwlwifi: fix iwl_mvm_get_valid_rx_ant() (git-fixes).
- wifi: iwlwifi: fix opmode start/stop race (bsc#1227149).
- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: fix system commands group ordering (bsc#1227149).
- wifi: iwlwifi: fix the rf step and flavor bits range (bsc#1227149).
- wifi: iwlwifi: fw: Add support for UATS table in UHB (bsc#1227149).
- wifi: iwlwifi: fw: Fix debugfs command sending (bsc#1227149).
- wifi: iwlwifi: fw: allow vmalloc for PNVM image (bsc#1227149).
- wifi: iwlwifi: fw: dbg: ensure correct config name sizes (bsc#1227149).
- wifi: iwlwifi: fw: disable firmware debug asserts (bsc#1227149).
- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
- wifi: iwlwifi: fw: file: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: fw: file: do not use [0] for variable arrays (bsc#1227149).
- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).
- wifi: iwlwifi: fw: fix compiler warning for NULL string print (bsc#1227149).
- wifi: iwlwifi: fw: increase fw_version string size (bsc#1227149).
- wifi: iwlwifi: fw: reconstruct the API/CAPA enum number (bsc#1227149).
- wifi: iwlwifi: fw: replace deprecated strncpy with strscpy_pad (bsc#1227149).
- wifi: iwlwifi: handle per-phy statistics from fw (bsc#1227149).
- wifi: iwlwifi: implement GLAI ACPI table loading (bsc#1227149).
- wifi: iwlwifi: implement can_activate_links callback (bsc#1227149).
- wifi: iwlwifi: implement enable/disable for China 2022 regulatory (bsc#1227149).
- wifi: iwlwifi: iwl-fh.h: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: iwl-trans.h: clean up kernel-doc (bsc#1227149).
- wifi: iwlwifi: iwlmvm: handle unprotected deauth/disassoc in d3 (bsc#1227149).
- wifi: iwlwifi: load b0 version of ucode for HR1/HR2 (bsc#1227149).
- wifi: iwlwifi: make TB reallocation a debug message (bsc#1227149).
- wifi: iwlwifi: make time_events MLO aware (bsc#1227149).
- wifi: iwlwifi: mei: return error from register when not built (bsc#1227149).
- wifi: iwlwifi: mvm: Add basic link selection logic (bsc#1227149).
- wifi: iwlwifi: mvm: Add support for removing responder TKs (bsc#1227149).
- wifi: iwlwifi: mvm: Allow DFS concurrent operation (bsc#1227149).
- wifi: iwlwifi: mvm: Configure the link mapping for non-MLD FW (bsc#1227149).
- wifi: iwlwifi: mvm: Correctly report TSF data in scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: Declare support for secure LTF measurement (bsc#1227149).
- wifi: iwlwifi: mvm: Do not warn if valid link pair was not found (bsc#1227149).
- wifi: iwlwifi: mvm: Do not warn on invalid link on scan complete (bsc#1227149).
- wifi: iwlwifi: mvm: Extend support for P2P service discovery (bsc#1227149).
- wifi: iwlwifi: mvm: Fix FTM initiator flags (bsc#1227149).
- wifi: iwlwifi: mvm: Fix scan abort handling with HW rfkill (stable-fixes).
- wifi: iwlwifi: mvm: Fix unreachable code path (bsc#1227149).
- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).
- wifi: iwlwifi: mvm: Keep connection in case of missed beacons during RX (bsc#1227149).
- wifi: iwlwifi: mvm: Return success if link could not be removed (bsc#1227149).
- wifi: iwlwifi: mvm: Use the link ID provided in scan request (bsc#1227149).
- wifi: iwlwifi: mvm: add US/Canada MCC to API (bsc#1227149).
- wifi: iwlwifi: mvm: add a debug print when we get a BAR (bsc#1227149).
- wifi: iwlwifi: mvm: add a debugfs hook to clear the monitor data (bsc#1227149).
- wifi: iwlwifi: mvm: add a per-link debugfs (bsc#1227149).
- wifi: iwlwifi: mvm: add a print when sending RLC command (bsc#1227149).
- wifi: iwlwifi: mvm: add start mac ctdp sum calculation debugfs handler (bsc#1227149).
- wifi: iwlwifi: mvm: add support for TID to link mapping neg request (bsc#1227149).
- wifi: iwlwifi: mvm: add support for new wowlan_info_notif (bsc#1227149).
- wifi: iwlwifi: mvm: advertise MLO only if EHT is enabled (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for SCS traffic description (bsc#1227149).
- wifi: iwlwifi: mvm: advertise support for protected ranging negotiation (bsc#1227149).
- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
- wifi: iwlwifi: mvm: always update keys in D3 exit (bsc#1227149).
- wifi: iwlwifi: mvm: avoid garbage iPN (bsc#1227149).
- wifi: iwlwifi: mvm: calculate EMLSR mode after connection (bsc#1227149).
- wifi: iwlwifi: mvm: check AP supports EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: check for iwl_mvm_mld_update_sta() errors (bsc#1227149).
- wifi: iwlwifi: mvm: check link more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).
- wifi: iwlwifi: mvm: check own capabilities for EMLSR (bsc#1227149).
- wifi: iwlwifi: mvm: cleanup MLO and non-MLO unification code (bsc#1227149).
- wifi: iwlwifi: mvm: combine condition/warning (bsc#1227149).
- wifi: iwlwifi: mvm: consider having one active link (bsc#1227149).
- wifi: iwlwifi: mvm: const-ify chandef pointers (bsc#1227149).
- wifi: iwlwifi: mvm: cycle FW link on chanctx removal (bsc#1227149).
- wifi: iwlwifi: mvm: d3: avoid intermediate/early mutex unlock (bsc#1227149).
- wifi: iwlwifi: mvm: d3: disconnect on GTK rekey failure (bsc#1227149).
- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).
- wifi: iwlwifi: mvm: d3: implement suspend with MLO (bsc#1227149).
- wifi: iwlwifi: mvm: debugfs for fw system stats (bsc#1227149).
- wifi: iwlwifi: mvm: define RX queue sync timeout as a macro (bsc#1227149).
- wifi: iwlwifi: mvm: disable MLO for the time being (bsc#1227149).
- wifi: iwlwifi: mvm: disallow puncturing in US/Canada (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect long CSA only w/o alternative (bsc#1227149).
- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (bsc#1227149).
- wifi: iwlwifi: mvm: do not abort queue sync in CT-kill (bsc#1227149).
- wifi: iwlwifi: mvm: do not add dummy phy context (bsc#1227149).
- wifi: iwlwifi: mvm: do not always disable EMLSR due to BT coex (bsc#1227149).
- wifi: iwlwifi: mvm: do not do duplicate detection for nullfunc packets (bsc#1227149).
- wifi: iwlwifi: mvm: do not initialize csa_work twice (git-fixes).
- wifi: iwlwifi: mvm: do not limit VLP/AFC to UATS-enabled (git-fixes).
- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).
- wifi: iwlwifi: mvm: do not send BT_COEX_CI command on new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send NDPs for new tx devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not send STA_DISABLE_TX_CMD for newer firmware (bsc#1227149).
- wifi: iwlwifi: mvm: do not send the smart fifo command if not needed (bsc#1227149).
- wifi: iwlwifi: mvm: do not set trigger frame padding in AP mode (bsc#1227149).
- wifi: iwlwifi: mvm: do not support reduced tx power on ack for new devices (bsc#1227149).
- wifi: iwlwifi: mvm: do not wake up rx_sync_waitq upon RFKILL (git-fixes).
- wifi: iwlwifi: mvm: enable FILS DF Tx on non-PSC channel (bsc#1227149).
- wifi: iwlwifi: mvm: enable HE TX/RX <242 tone RU on new RFs (bsc#1227149).
- wifi: iwlwifi: mvm: expand queue sync warning messages (bsc#1227149).
- wifi: iwlwifi: mvm: extend alive timeout to 2 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: fix ROC version check (bsc#1227149).
- wifi: iwlwifi: mvm: fix SB CFG check (bsc#1227149).
- wifi: iwlwifi: mvm: fix a battery life regression (bsc#1227149).
- wifi: iwlwifi: mvm: fix a crash on 7265 (bsc#1227149).
- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
- wifi: iwlwifi: mvm: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fix link ID management (bsc#1227149).
- wifi: iwlwifi: mvm: fix recovery flow in CSA (bsc#1227149).
- wifi: iwlwifi: mvm: fix regdb initialization (bsc#1227149).
- wifi: iwlwifi: mvm: fix the PHY context resolution for p2p device (bsc#1227149).
- wifi: iwlwifi: mvm: fix the TXF mapping for BZ devices (bsc#1227149).
- wifi: iwlwifi: mvm: fix the key PN index (bsc#1227149).
- wifi: iwlwifi: mvm: fix thermal kernel-doc (bsc#1227149).
- wifi: iwlwifi: mvm: fold the ref++ into iwl_mvm_phy_ctxt_add (bsc#1227149).
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
- wifi: iwlwifi: mvm: handle BA session teardown in RF-kill (stable-fixes).
- wifi: iwlwifi: mvm: handle debugfs names more carefully (bsc#1227149).
- wifi: iwlwifi: mvm: handle link-STA allocation in restart (bsc#1227149).
- wifi: iwlwifi: mvm: implement ROC version 3 (bsc#1227149).
- wifi: iwlwifi: mvm: implement new firmware API for statistics (bsc#1227149).
- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).
- wifi: iwlwifi: mvm: increase session protection after CSA (bsc#1227149).
- wifi: iwlwifi: mvm: init vif works only once (git-fixes).
- wifi: iwlwifi: mvm: introduce PHY_CONTEXT_CMD_API_VER_5 (bsc#1227149).
- wifi: iwlwifi: mvm: introduce esr_disable_reason (bsc#1227149).
- wifi: iwlwifi: mvm: iterate active links for STA queues (bsc#1227149).
- wifi: iwlwifi: mvm: limit EHT 320 MHz MCS for STEP URM (bsc#1227149).
- wifi: iwlwifi: mvm: limit pseudo-D3 to 60 seconds (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped frames (bsc#1227149).
- wifi: iwlwifi: mvm: log dropped packets due to MIC error (bsc#1227149).
- wifi: iwlwifi: mvm: make "pldr_sync" mode effective (bsc#1227149).
- wifi: iwlwifi: mvm: make functions public (bsc#1227149).
- wifi: iwlwifi: mvm: make pldr_sync AX210 specific (bsc#1227149).
- wifi: iwlwifi: mvm: move BA notif messages before action (bsc#1227149).
- wifi: iwlwifi: mvm: move RU alloc B2 placement (bsc#1227149).
- wifi: iwlwifi: mvm: move listen interval to constants (bsc#1227149).
- wifi: iwlwifi: mvm: offload IGTK in AP if BIGTK is supported (bsc#1227149).
- wifi: iwlwifi: mvm: partially support PHY context version 6 (bsc#1227149).
- wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).
- wifi: iwlwifi: mvm: reduce maximum RX A-MPDU size (bsc#1227149).
- wifi: iwlwifi: mvm: refactor TX rate handling (bsc#1227149).
- wifi: iwlwifi: mvm: refactor duplicate chanctx condition (bsc#1227149).
- wifi: iwlwifi: mvm: remove EHT code from mac80211.c (bsc#1227149).
- wifi: iwlwifi: mvm: remove IWL_MVM_STATUS_NEED_FLUSH_P2P (bsc#1227149).
- wifi: iwlwifi: mvm: remove flags for enable/disable beacon filter (bsc#1227149).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: remove one queue sync on BA session stop (bsc#1227149).
- wifi: iwlwifi: mvm: remove set_tim callback for MLD ops (bsc#1227149).
- wifi: iwlwifi: mvm: remove stale STA link data during restart (stable-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).
- wifi: iwlwifi: mvm: rework debugfs handling (bsc#1227149).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
- wifi: iwlwifi: mvm: set properly mac header (git-fixes).
- wifi: iwlwifi: mvm: show dump even for pldr_sync (bsc#1227149).
- wifi: iwlwifi: mvm: show skb_mac_gso_segment() failure reason (bsc#1227149).
- wifi: iwlwifi: mvm: simplify the reorder buffer (bsc#1227149).
- wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1227149).
- wifi: iwlwifi: mvm: support CSA with MLD (bsc#1227149).
- wifi: iwlwifi: mvm: support SPP A-MSDUs (bsc#1227149).
- wifi: iwlwifi: mvm: support flush on AP interfaces (bsc#1227149).
- wifi: iwlwifi: mvm: support injection antenna control (bsc#1227149).
- wifi: iwlwifi: mvm: support iwl_dev_tx_power_cmd_v8 (bsc#1227149).
- wifi: iwlwifi: mvm: support set_antenna() (bsc#1227149).
- wifi: iwlwifi: mvm: unlock mvm if there is no primary link (bsc#1227149).
- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).
- wifi: iwlwifi: mvm: use fast balance scan in case of an active P2P GO (bsc#1227149).
- wifi: iwlwifi: mvm: use the new command to clear the internal buffer (bsc#1227149).
- wifi: iwlwifi: mvm: work around A-MSDU size problem (bsc#1227149).
- wifi: iwlwifi: no power save during transition to D3 (bsc#1227149).
- wifi: iwlwifi: nvm-parse: advertise common packet padding (bsc#1227149).
- wifi: iwlwifi: nvm: parse the VLP/AFC bit from regulatory (bsc#1227149).
- wifi: iwlwifi: pcie: (re-)assign BAR0 on driver bind (bsc#1227149).
- wifi: iwlwifi: pcie: Add new PCI device id and CNVI (bsc#1227149).
- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).
- wifi: iwlwifi: pcie: clean up WFPM control bits (bsc#1227149).
- wifi: iwlwifi: pcie: clean up device removal work (bsc#1227149).
- wifi: iwlwifi: pcie: clean up gen1/gen2 TFD unmap (bsc#1227149).
- wifi: iwlwifi: pcie: do not allow hw-rfkill to stop device on gen2 (bsc#1227149).
- wifi: iwlwifi: pcie: dump CSRs before removal (bsc#1227149).
- wifi: iwlwifi: pcie: enable TOP fatal error interrupt (bsc#1227149).
- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).
- wifi: iwlwifi: pcie: fix kernel-doc issues (bsc#1227149).
- wifi: iwlwifi: pcie: get_crf_id() can be void (bsc#1227149).
- wifi: iwlwifi: pcie: give up mem read if HW is dead (bsc#1227149).
- wifi: iwlwifi: pcie: move gen1 TB handling to header (bsc#1227149).
- wifi: iwlwifi: pcie: point invalid TFDs to invalid data (bsc#1227149).
- wifi: iwlwifi: pcie: propagate iwl_pcie_gen2_apm_init() error (bsc#1227149).
- wifi: iwlwifi: pcie: rescan bus if no parent (bsc#1227149).
- wifi: iwlwifi: prepare for reading DSM from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: prepare for reading TAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: properly check if link is active (bsc#1227149).
- wifi: iwlwifi: properly set WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK (stable-fixes).
- wifi: iwlwifi: queue: fix kernel-doc (bsc#1227149).
- wifi: iwlwifi: queue: improve warning for no skb in reclaim (bsc#1227149).
- wifi: iwlwifi: queue: move iwl_txq_gen2_set_tb() up (bsc#1227149).
- wifi: iwlwifi: read DSM func 2 for specific RF types (bsc#1227149).
- wifi: iwlwifi: read DSM functions from UEFI (bsc#1227149).
- wifi: iwlwifi: read ECKV table from UEFI (bsc#1227149).
- wifi: iwlwifi: read PPAG table from UEFI (bsc#1227149).
- wifi: iwlwifi: read SAR tables from UEFI (bsc#1227149).
- wifi: iwlwifi: read SPLC from UEFI (bsc#1227149).
- wifi: iwlwifi: read WRDD table from UEFI (bsc#1227149).
- wifi: iwlwifi: read WTAS table from UEFI (bsc#1227149).
- wifi: iwlwifi: read mac step from aux register (bsc#1227149).
- wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
- wifi: iwlwifi: refactor RX tracing (bsc#1227149).
- wifi: iwlwifi: remove 'def_rx_queue' struct member (bsc#1227149).
- wifi: iwlwifi: remove Gl A-step remnants (bsc#1227149).
- wifi: iwlwifi: remove WARN from read_mem32() (bsc#1227149).
- wifi: iwlwifi: remove async command callback (bsc#1227149).
- wifi: iwlwifi: remove dead-code (bsc#1227149).
- wifi: iwlwifi: remove extra kernel-doc (bsc#1227149).
- wifi: iwlwifi: remove memory check for LMAC error address (bsc#1227149).
- wifi: iwlwifi: remove retry loops in start (bsc#1227149).
- wifi: iwlwifi: remove unused function prototype (bsc#1227149).
- wifi: iwlwifi: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: iwlwifi: return negative -EINVAL instead of positive EINVAL (bsc#1227149).
- wifi: iwlwifi: rfi: use a single DSM function for all RFI configurations (bsc#1227149).
- wifi: iwlwifi: send EDT table to FW (bsc#1227149).
- wifi: iwlwifi: separate TAS 'read-from-BIOS' and 'send-to-FW' flows (bsc#1227149).
- wifi: iwlwifi: simplify getting DSM from ACPI (bsc#1227149).
- wifi: iwlwifi: skip affinity setting on non-SMP (bsc#1227149).
- wifi: iwlwifi: skip opmode start retries on dead transport (bsc#1227149).
- wifi: iwlwifi: small cleanups in PPAG table flows (bsc#1227149).
- wifi: iwlwifi: support link command version 2 (bsc#1227149).
- wifi: iwlwifi: support link id in SESSION_PROTECTION_NOTIF (bsc#1227149).
- wifi: iwlwifi: support link_id in SESSION_PROTECTION cmd (bsc#1227149).
- wifi: iwlwifi: take SGOM and UATS code out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: take send-DSM-to-FW flows out of ACPI ifdef (bsc#1227149).
- wifi: iwlwifi: trace full frames with TX status request (bsc#1227149).
- wifi: iwlwifi: update context info structure definitions (bsc#1227149).
- wifi: iwlwifi: use system_unbound_wq for debug dump (bsc#1227149).
- wifi: iwlwifi: validate PPAG table when sent to FW (bsc#1227149).
- wifi: lib80211: remove unused variables iv32 and iv16 (bsc#1227149).
- wifi: libertas: Follow renaming of SPI "master" to "controller" (bsc#1227149).
- wifi: libertas: add missing calls to cancel_work_sync() (bsc#1227149).
- wifi: libertas: cleanup SDIO reset (bsc#1227149).
- wifi: libertas: handle possible spu_write_u16() errors (bsc#1227149).
- wifi: libertas: prefer kstrtoX() for simple integer conversions (bsc#1227149).
- wifi: libertas: simplify list operations in free_if_spi_card() (bsc#1227149).
- wifi: libertas: use convenient lists to manage SDIO packets (bsc#1227149).
- wifi: mac80211: Add __counted_by for struct ieee802_11_elems and use struct_size() (bsc#1227149).
- wifi: mac80211: Avoid address calculations via out of bounds array indexing (stable-fixes).
- wifi: mac80211: Check if we had first beacon with relevant links (bsc#1227149).
- wifi: mac80211: Do not force off-channel for management Tx with MLO (bsc#1227149).
- wifi: mac80211: Do not include crypto/algapi.h (bsc#1227149).
- wifi: mac80211: Extend support for scanning while MLO connected (bsc#1227149).
- wifi: mac80211: Fix SMPS handling in the context of MLO (bsc#1227149).
- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).
- wifi: mac80211: Notify the low level driver on change in MLO valid links (bsc#1227149).
- wifi: mac80211: Print local link address during authentication (bsc#1227149).
- wifi: mac80211: Recalc offload when monitor stop (git-fixes).
- wifi: mac80211: Remove unused function declarations (bsc#1227149).
- wifi: mac80211: Rename and update IEEE80211_VIF_DISABLE_SMPS_OVERRIDE (bsc#1227149).
- wifi: mac80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).
- wifi: mac80211: Sanity check tx bitrate if not provided by driver (bsc#1227149).
- wifi: mac80211: Schedule regulatory channels check on bandwith change (bsc#1227149).
- wifi: mac80211: Skip association timeout update after comeback rejection (bsc#1227149).
- wifi: mac80211: add a driver callback to add vif debugfs (bsc#1227149).
- wifi: mac80211: add a driver callback to check active_links (bsc#1227149).
- wifi: mac80211: add a flag to disallow puncturing (bsc#1227149).
- wifi: mac80211: add back SPDX identifier (bsc#1227149).
- wifi: mac80211: add ieee80211_tdls_sta_link_id() (stable-fixes).
- wifi: mac80211: add link id to ieee80211_gtk_rekey_add() (bsc#1227149).
- wifi: mac80211: add link id to mgd_prepare_tx() (bsc#1227149).
- wifi: mac80211: add more ops assertions (bsc#1227149).
- wifi: mac80211: add more warnings about inserting sta info (bsc#1227149).
- wifi: mac80211: add support for SPP A-MSDUs (bsc#1227149).
- wifi: mac80211: add support for mld in ieee80211_chswitch_done (bsc#1227149).
- wifi: mac80211: add support for parsing TID to Link mapping element (bsc#1227149).
- wifi: mac80211: add/remove driver debugfs entries as appropriate (bsc#1227149).
- wifi: mac80211: additions to change_beacon() (bsc#1227149).
- wifi: mac80211: address some kerneldoc warnings (bsc#1227149).
- wifi: mac80211: allow 64-bit radiotap timestamps (bsc#1227149).
- wifi: mac80211: allow for_each_sta_active_link() under RCU (bsc#1227149).
- wifi: mac80211: apply mcast rate only if interface is up (stable-fixes).
- wifi: mac80211: cancel multi-link reconf work on disconnect (git-fixes).
- wifi: mac80211: chanctx emulation set CHANGE_CHANNEL when in_reconfig (git-fixes).
- wifi: mac80211: check EHT/TTLM action frame length (bsc#1227149).
- wifi: mac80211: check wiphy mutex in ops (bsc#1227149).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
- wifi: mac80211: cleanup airtime arithmetic with ieee80211_sta_keep_active() (bsc#1227149).
- wifi: mac80211: cleanup auth_data only if association continues (bsc#1227149).
- wifi: mac80211: convert A-MPDU work to wiphy work (bsc#1227149).
- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).
- wifi: mac80211: correctly set active links upon TTLM (bsc#1227149).
- wifi: mac80211: correcty limit wider BW TDLS STAs (git-fixes).
- wifi: mac80211: debugfs: lock wiphy instead of RTNL (bsc#1227149).
- wifi: mac80211: describe return values in kernel-doc (bsc#1227149).
- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).
- wifi: mac80211: do not connect to an AP while it's in a CSA process (bsc#1227149).
- wifi: mac80211: do not re-add debugfs entries during resume (bsc#1227149).
- wifi: mac80211: do not select link ID if not provided in scan request (bsc#1227149).
- wifi: mac80211: do not set ESS capab bit in assoc request (bsc#1227149).
- wifi: mac80211: do not use rate mask for scanning (stable-fixes).
- wifi: mac80211: drop robust action frames before assoc (bsc#1227149).
- wifi: mac80211: drop spurious WARN_ON() in ieee80211_ibss_csa_beacon() (bsc#1227149).
- wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field (stable-fixes).
- wifi: mac80211: ethtool: always hold wiphy mutex (bsc#1227149).
- wifi: mac80211: ethtool: hold wiphy mutex (bsc#1227149).
- wifi: mac80211: expand __ieee80211_data_to_8023() status (bsc#1227149).
- wifi: mac80211: extend wiphy lock in interface removal (bsc#1227149).
- wifi: mac80211: fix BA session teardown race (bsc#1227149).
- wifi: mac80211: fix BSS_CHANGED_UNSOL_BCAST_PROBE_RESP (bsc#1227149).
- wifi: mac80211: fix SMPS status handling (bsc#1227149).
- wifi: mac80211: fix TXQ error path and cleanup (bsc#1227149).
- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).
- wifi: mac80211: fix a expired vs. cancel race in roc (bsc#1227149).
- wifi: mac80211: fix advertised TTLM scheduling (bsc#1227149).
- wifi: mac80211: fix another key installation error path (bsc#1227149).
- wifi: mac80211: fix change_address deadlock during unregister (bsc#1227149).
- wifi: mac80211: fix channel switch link data (bsc#1227149).
- wifi: mac80211: fix driver debugfs for vif type change (bsc#1227149).
- wifi: mac80211: fix error path key leak (bsc#1227149).
- wifi: mac80211: fix header kernel-doc typos (bsc#1227149).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mac80211: fix ieee80211_drop_unencrypted_mgmt return type/value (bsc#1227149).
- wifi: mac80211: fix monitor channel with chanctx emulation (bsc#1227149).
- wifi: mac80211: fix potential key leak (bsc#1227149).
- wifi: mac80211: fix prep_connection error path (stable-fixes).
- wifi: mac80211: fix spelling typo in comment (bsc#1227149).
- wifi: mac80211: fix unaligned le16 access (git-fixes).
- wifi: mac80211: fix unsolicited broadcast probe config (bsc#1227149).
- wifi: mac80211: fix various kernel-doc issues (bsc#1227149).
- wifi: mac80211: fixes in FILS discovery updates (bsc#1227149).
- wifi: mac80211: flush STA queues on unauthorization (bsc#1227149).
- wifi: mac80211: flush wiphy work where appropriate (bsc#1227149).
- wifi: mac80211: handle debugfs when switching to/from MLO (bsc#1227149).
- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).
- wifi: mac80211: hold wiphy lock in netdev/link debugfs (bsc#1227149).
- wifi: mac80211: hold wiphy_lock around concurrency checks (bsc#1227149).
- wifi: mac80211: improve CSA/ECSA connection refusal (bsc#1227149).
- wifi: mac80211: initialize SMPS mode correctly (bsc#1227149).
- wifi: mac80211: lock wiphy for aggregation debugfs (bsc#1227149).
- wifi: mac80211: lock wiphy in IP address notifier (bsc#1227149).
- wifi: mac80211: make mgd_protect_tdls_discover MLO-aware (bsc#1227149).
- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).
- wifi: mac80211: mesh: Remove unused function declaration mesh_ids_set_default() (bsc#1227149).
- wifi: mac80211: mesh: fix some kdoc warnings (bsc#1227149).
- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).
- wifi: mac80211: move CSA finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move DFS CAC work to wiphy work (bsc#1227149).
- wifi: mac80211: move TDLS work to wiphy work (bsc#1227149).
- wifi: mac80211: move color change finalize to wiphy work (bsc#1227149).
- wifi: mac80211: move dynamic PS to wiphy work (bsc#1227149).
- wifi: mac80211: move filter reconfig to wiphy work (bsc#1227149).
- wifi: mac80211: move key tailroom work to wiphy work (bsc#1227149).
- wifi: mac80211: move link activation work to wiphy work (bsc#1227149).
- wifi: mac80211: move monitor work to wiphy work (bsc#1227149).
- wifi: mac80211: move tspec work to wiphy work (bsc#1227149).
- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).
- wifi: mac80211: process and save negotiated TID to Link mapping request (bsc#1227149).
- wifi: mac80211: purge TX queues in flush_queues flow (bsc#1227149).
- wifi: mac80211: reduce iflist_mtx (bsc#1227149).
- wifi: mac80211: reject MLO channel configuration if not supported (bsc#1227149).
- wifi: mac80211: relax RCU check in for_each_vif_active_link() (bsc#1227149).
- wifi: mac80211: remove RX_DROP_UNUSABLE (bsc#1227149).
- wifi: mac80211: remove ampdu_mlme.mtx (bsc#1227149).
- wifi: mac80211: remove chanctx_mtx (bsc#1227149).
- wifi: mac80211: remove key_mtx (bsc#1227149).
- wifi: mac80211: remove link before AP (git-fixes).
- wifi: mac80211: remove local->mtx (bsc#1227149).
- wifi: mac80211: remove redundant ML element check (bsc#1227149).
- wifi: mac80211: remove shifted rate support (bsc#1227149).
- wifi: mac80211: remove sta_mtx (bsc#1227149).
- wifi: mac80211: remove unnecessary struct forward declaration (bsc#1227149).
- wifi: mac80211: rename ieee80211_tx_status() to ieee80211_tx_status_skb() (bsc#1227149).
- wifi: mac80211: rename struct cfg80211_rx_assoc_resp to cfg80211_rx_assoc_resp_data (bsc#1227149).
- wifi: mac80211: report per-link error during association (bsc#1227149).
- wifi: mac80211: reset negotiated TTLM on disconnect (git-fixes).
- wifi: mac80211: rework RX timestamp flags (bsc#1227149).
- wifi: mac80211: rework ack_frame_id handling a bit (bsc#1227149).
- wifi: mac80211: rx.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: set wiphy for virtual monitors (bsc#1227149).
- wifi: mac80211: simplify non-chanctx drivers (bsc#1227149).
- wifi: mac80211: split ieee80211_drop_unencrypted_mgmt() return value (bsc#1227149).
- wifi: mac80211: sta_info.c: fix sentence grammar (bsc#1227149).
- wifi: mac80211: support antenna control in injection (bsc#1227149).
- wifi: mac80211: support handling of advertised TID-to-link mapping (bsc#1227149).
- wifi: mac80211: take MBSSID/EHT data also from probe resp (bsc#1227149).
- wifi: mac80211: take wiphy lock for MAC addr change (bsc#1227149).
- wifi: mac80211: tx: clarify conditions in if statement (bsc#1227149).
- wifi: mac80211: update beacon counters per link basis (bsc#1227149).
- wifi: mac80211: update some locking documentation (bsc#1227149).
- wifi: mac80211: update the rx_chains after set_antenna() (bsc#1227149).
- wifi: mac80211: use bandwidth indication element for CSA (bsc#1227149).
- wifi: mac80211: use deflink and fix typo in link ID check (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs for sdata/link (bsc#1227149).
- wifi: mac80211: use wiphy locked debugfs helpers for agg_status (bsc#1227149).
- wifi: mac80211_hwsim: init peer measurement result (git-fixes).
- wifi: mt7601u: delete dead code checking debugfs returns (bsc#1227149).
- wifi: mt7601u: replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: Annotate struct mt76_rx_tid with __counted_by (bsc#1227149).
- wifi: mt76: Convert to platform remove callback returning void (bsc#1227149).
- wifi: mt76: Remove redundant assignment to variable tidno (bsc#1227149).
- wifi: mt76: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: mt76: Replace strlcpy() with strscpy() (bsc#1227149).
- wifi: mt76: Use PTR_ERR_OR_ZERO() to simplify code (bsc#1227149).
- wifi: mt76: add DMA mapping error check in mt76_alloc_txwi() (bsc#1227149).
- wifi: mt76: add ability to explicitly forbid LED registration with DT (bsc#1227149).
- wifi: mt76: add support for providing eeprom in nvmem cells (bsc#1227149).
- wifi: mt76: add tx_nss histogram to ethtool stats (bsc#1227149).
- wifi: mt76: change txpower init to per-phy (bsc#1227149).
- wifi: mt76: check sta rx control frame to multibss capability (bsc#1227149).
- wifi: mt76: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: check vif type before reporting cca and csa (bsc#1227149).
- wifi: mt76: connac: add MBSSID support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add beacon duplicate TX mode support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add beacon protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: add connac3 mac library (bsc#1227149).
- wifi: mt76: connac: add data field in struct tlv (bsc#1227149).
- wifi: mt76: connac: add eht support for phy mode config (bsc#1227149).
- wifi: mt76: connac: add eht support for tx power (bsc#1227149).
- wifi: mt76: connac: add firmware support for mt7992 (bsc#1227149).
- wifi: mt76: connac: add more unified command IDs (bsc#1227149).
- wifi: mt76: connac: add more unified event IDs (bsc#1227149).
- wifi: mt76: connac: add new definition of tx descriptor (bsc#1227149).
- wifi: mt76: connac: add support for dsp firmware download (bsc#1227149).
- wifi: mt76: connac: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: connac: add thermal protection support for mt7996 (bsc#1227149).
- wifi: mt76: connac: check for null before dereferencing (bsc#1227149).
- wifi: mt76: connac: export functions for mt7925 (bsc#1227149).
- wifi: mt76: connac: introduce helper for mt7925 chipset (bsc#1227149).
- wifi: mt76: connac: set correct muar_idx for mt799x chipsets (bsc#1227149).
- wifi: mt76: connac: set fixed_bw bit in TX descriptor for fixed rate frames (bsc#1227149).
- wifi: mt76: connac: use muar idx 0xe for non-mt799x as well (bsc#1227149).
- wifi: mt76: disable HW AMSDU when using fixed rate (bsc#1227149).
- wifi: mt76: dma: introduce __mt76_dma_queue_reset utility routine (bsc#1227149).
- wifi: mt76: enable UNII-4 channel 177 support (bsc#1227149).
- wifi: mt76: fix race condition related to checking tx queue fill status (bsc#1227149).
- wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 (bsc#1227149).
- wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function (bsc#1227149).
- wifi: mt76: increase MT_QFLAG_WED_TYPE size (bsc#1227149).
- wifi: mt76: introduce mt76_queue_is_wed_tx_free utility routine (bsc#1227149).
- wifi: mt76: introduce wed pointer in mt76_queue (bsc#1227149).
- wifi: mt76: limit support of precal loading for mt7915 to MTD only (bsc#1227149).
- wifi: mt76: make mt76_get_of_eeprom static again (bsc#1227149).
- wifi: mt76: mmio: move mt76_mmio_wed_{init,release}_rx_buf in common code (bsc#1227149).
- wifi: mt76: move ampdu_state in mt76_wcid (bsc#1227149).
- wifi: mt76: move mt76_mmio_wed_offload_{enable,disable} in common code (bsc#1227149).
- wifi: mt76: move mt76_net_setup_tc in common code (bsc#1227149).
- wifi: mt76: move rate info in mt76_vif (bsc#1227149).
- wifi: mt76: move wed reset common code in mt76 module (bsc#1227149).
- wifi: mt76: mt7603: add missing register initialization for MT7628 (bsc#1227149).
- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
- wifi: mt76: mt7603: disable A-MSDU tx support on MT7628 (bsc#1227149).
- wifi: mt76: mt7603: fix beacon interval after disabling a single vif (bsc#1227149).
- wifi: mt76: mt7603: fix tx filter/flush function (bsc#1227149).
- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
- wifi: mt76: mt7603: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7603: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7615: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7615: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7615: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7615: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt76_connac3: move lmac queue enumeration in mt76_connac3_mac.h (bsc#1227149).
- wifi: mt76: mt76x02: fix return value check in mt76x02_mac_process_rx (bsc#1227149).
- wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table (bsc#1227149).
- wifi: mt76: mt7915 add tc offloading support (bsc#1227149).
- wifi: mt76: mt7915: accumulate mu-mimo ofdma muru stats (bsc#1227149).
- wifi: mt76: mt7915: add locking for accessing mapped registers (bsc#1227149).
- wifi: mt76: mt7915: add missing chanctx ops (bsc#1227149).
- wifi: mt76: mt7915: add support for MT7981 (bsc#1227149).
- wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band (bsc#1227149).
- wifi: mt76: mt7915: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7915: drop return in mt7915_sta_statistics (bsc#1227149).
- wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 (bsc#1227149).
- wifi: mt76: mt7915: fix error recovery with WED enabled (bsc#1227149).
- wifi: mt76: mt7915: fix monitor mode issues (bsc#1227149).
- wifi: mt76: mt7915: move mib_stats structure in mt76.h (bsc#1227149).
- wifi: mt76: mt7915: move poll_list in mt76_wcid (bsc#1227149).
- wifi: mt76: mt7915: move sta_poll_list and sta_poll_lock in mt76_dev (bsc#1227149).
- wifi: mt76: mt7915: report tx retries/failed counts for non-WED path (bsc#1227149).
- wifi: mt76: mt7915: update mpdu density capability (bsc#1227149).
- wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976 (bsc#1227149).
- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).
- wifi: mt76: mt7921: Support temp sensor (bsc#1227149).
- wifi: mt76: mt7921: add 6GHz power type support for clc (bsc#1227149).
- wifi: mt76: mt7921: convert acpisar and clc pointers to void (bsc#1227149).
- wifi: mt76: mt7921: enable set txpower for UNII-4 (bsc#1227149).
- wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config (bsc#1227149).
- wifi: mt76: mt7921: fix CLC command timeout when suspend/resume (bsc#1227149).
- wifi: mt76: mt7921: fix a potential association failure upon resuming (bsc#1227149).
- wifi: mt76: mt7921: fix kernel panic by accessing invalid 6GHz channel info (bsc#1227149).
- wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform (bsc#1227149).
- wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend (bsc#1227149).
- wifi: mt76: mt7921: fix wrong 6Ghz power type (bsc#1227149).
- wifi: mt76: mt7921: get regulatory information from the clc event (bsc#1227149).
- wifi: mt76: mt7921: get rid of MT7921_RESET_TIMEOUT marco (bsc#1227149).
- wifi: mt76: mt7921: make mt7921_mac_sta_poll static (bsc#1227149).
- wifi: mt76: mt7921: move acpi_sar code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move common register definition in mt792x_regs.h (bsc#1227149).
- wifi: mt76: mt7921: move connac nic capability handling to mt7921 (bsc#1227149).
- wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move dma shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move hif_ops macro in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move init shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mac shared code in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt7921: move mt7921_dma_init in pci.c (bsc#1227149).
- wifi: mt76: mt7921: move mt7921u_disconnect mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (bsc#1227149).
- wifi: mt76: mt7921: move runtime-pm pci code in mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: move shared runtime-pm code on mt792x-lib (bsc#1227149).
- wifi: mt76: mt7921: reduce the size of MCU firmware download Rx queue (bsc#1227149).
- wifi: mt76: mt7921: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7921: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7921: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7921: remove macro duplication in regs.h (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (bsc#1227149).
- wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (bsc#1227149).
- wifi: mt76: mt7921: support 5.9/6GHz channel config in acpi (bsc#1227149).
- wifi: mt76: mt7921: update the channel usage when the regd domain changed (bsc#1227149).
- wifi: mt76: mt7921e: report tx retries/failed counts in tx free event (bsc#1227149).
- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (stable-fixes).
- wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips (bsc#1227149).
- wifi: mt76: mt7925: add flow to avoid chip bt function fail (bsc#1227149).
- wifi: mt76: mt7925: add support to set ifs time by mcu command (bsc#1227149).
- wifi: mt76: mt7925: ensure 4-byte alignment for suspend & wow command (bsc#1227149).
- wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix WoW failed in encrypted mode (bsc#1227149).
- wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band (bsc#1227149).
- wifi: mt76: mt7925: fix fw download fail (bsc#1227149).
- wifi: mt76: mt7925: fix mcu query command fail (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong data type for scan command (bsc#1227149).
- wifi: mt76: mt7925: fix the wrong header translation config (bsc#1227149).
- wifi: mt76: mt7925: fix typo in mt7925_init_he_caps (bsc#1227149).
- wifi: mt76: mt7925: fix wmm queue mapping (bsc#1227149).
- wifi: mt76: mt7925: remove iftype from mt7925_init_eht_caps signature (bsc#1227149).
- wifi: mt76: mt7925: support temperature sensor (bsc#1227149).
- wifi: mt76: mt7925: update PCIe DMA settings (bsc#1227149).
- wifi: mt76: mt7925e: fix use-after-free in free_irq() (bsc#1227149).
- wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi (bsc#1227149).
- wifi: mt76: mt792x: fix ethtool warning (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x-usb module (bsc#1227149).
- wifi: mt76: mt792x: introduce mt792x_irq_map (bsc#1227149).
- wifi: mt76: mt792x: move MT7921_PM_TIMEOUT and MT7921_HW_SCAN_TIMEOUT in common code (bsc#1227149).
- wifi: mt76: mt792x: move more dma shared code in mt792x_dma (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_load_firmware in mt792x-lib module (bsc#1227149).
- wifi: mt76: mt792x: move mt7921_skb_add_usb_sdio_hdr in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: move shared structure definition in mt792x.h (bsc#1227149).
- wifi: mt76: mt792x: move some common usb code in mt792x module (bsc#1227149).
- wifi: mt76: mt792x: support mt7925 chip init (bsc#1227149).
- wifi: mt76: mt792x: update the country list of EU for ACPI SAR (bsc#1227149).
- wifi: mt76: mt792xu: enable dmashdl support (bsc#1227149).
- wifi: mt76: mt7996: Add mcu commands for getting sta tx statistic (bsc#1227149).
- wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings (bsc#1227149).
- wifi: mt76: mt7996: add DMA support for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: add TX statistics for EHT mode in debugfs (bsc#1227149).
- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).
- wifi: mt76: mt7996: add muru support (bsc#1227149).
- wifi: mt76: mt7996: add sanity checks for background radar trigger (stable-fixes).
- wifi: mt76: mt7996: add support for variants with auxiliary RX path (bsc#1227149).
- wifi: mt76: mt7996: add thermal sensor device support (bsc#1227149).
- wifi: mt76: mt7996: add txpower setting support (bsc#1227149).
- wifi: mt76: mt7996: adjust WFDMA settings to improve performance (bsc#1227149).
- wifi: mt76: mt7996: adjust interface num and wtbl size for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: align the format of fixed rate command (bsc#1227149).
- wifi: mt76: mt7996: check txs format before getting skb by pid (bsc#1227149).
- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).
- wifi: mt76: mt7996: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).
- wifi: mt76: mt7996: drop return in mt7996_sta_statistics (bsc#1227149).
- wifi: mt76: mt7996: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).
- wifi: mt76: mt7996: enable PPDU-TxS to host (bsc#1227149).
- wifi: mt76: mt7996: enable VHT extended NSS BW feature (bsc#1227149).
- wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands (bsc#1227149).
- wifi: mt76: mt7996: fix alignment of sta info event (bsc#1227149).
- wifi: mt76: mt7996: fix fortify warning (bsc#1227149).
- wifi: mt76: mt7996: fix fw loading timeout (bsc#1227149).
- wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing (bsc#1227149).
- wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature (bsc#1227149).
- wifi: mt76: mt7996: fix size of txpower MCU command (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet() (bsc#1227149).
- wifi: mt76: mt7996: fix uninitialized variable in parsing txfree (bsc#1227149).
- wifi: mt76: mt7996: get tx_retries and tx_failed from txfree (bsc#1227149).
- wifi: mt76: mt7996: handle IEEE80211_RC_SMPS_CHANGED (bsc#1227149).
- wifi: mt76: mt7996: increase tx token size (bsc#1227149).
- wifi: mt76: mt7996: introduce mt7996_band_valid() (bsc#1227149).
- wifi: mt76: mt7996: mark GCMP IGTK unsupported (bsc#1227149).
- wifi: mt76: mt7996: move radio ctrl commands to proper functions (bsc#1227149).
- wifi: mt76: mt7996: only set vif teardown cmds at remove interface (bsc#1227149).
- wifi: mt76: mt7996: rely on mib_stats shared definition (bsc#1227149).
- wifi: mt76: mt7996: rely on shared poll_list field (bsc#1227149).
- wifi: mt76: mt7996: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).
- wifi: mt76: mt7996: remove TXS queue setting (bsc#1227149).
- wifi: mt76: mt7996: remove periodic MPDU TXS request (bsc#1227149).
- wifi: mt76: mt7996: rework ampdu params setting (bsc#1227149).
- wifi: mt76: mt7996: rework register offsets for mt7992 (bsc#1227149).
- wifi: mt76: mt7996: set DMA mask to 36 bits for boards with more than 4GB of RAM (bsc#1227149).
- wifi: mt76: mt7996: support more options for mt7996_set_bitrate_mask() (bsc#1227149).
- wifi: mt76: mt7996: support mt7992 eeprom loading (bsc#1227149).
- wifi: mt76: mt7996: support per-band LED control (bsc#1227149).
- wifi: mt76: mt7996: switch to mcu command for TX GI report (bsc#1227149).
- wifi: mt76: mt7996: use u16 for val field in mt7996_mcu_set_rro signature (bsc#1227149).
- wifi: mt76: permit to load precal from NVMEM cell for mt7915 (bsc#1227149).
- wifi: mt76: permit to use alternative cell name to eeprom NVMEM load (bsc#1227149).
- wifi: mt76: reduce spin_lock_bh held up in mt76_dma_rx_cleanup (bsc#1227149).
- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).
- wifi: mt76: report non-binding skb tx rate when WED is active (bsc#1227149).
- wifi: mt76: set page_pool napi pointer for mmio devices (bsc#1227149).
- wifi: mt76: split get_of_eeprom in subfunction (bsc#1227149).
- wifi: mt76: usb: create a dedicated queue for psd traffic (bsc#1227149).
- wifi: mt76: usb: store usb endpoint in mt76_queue (bsc#1227149).
- wifi: mt76: use atomic iface iteration for pre-TBTT work (bsc#1227149).
- wifi: mt76: use chainmask for power delta calculation (bsc#1227149).
- wifi: mwifiex: Drop unused headers (bsc#1227149).
- wifi: mwifiex: Fix interface type change (git-fixes).
- wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set (bsc#1227149).
- wifi: mwifiex: Replace one-element array with flexible-array member in struct mwifiex_ie_types_rxba_sync (bsc#1227149).
- wifi: mwifiex: Set WIPHY_FLAG_NETNS_OK flag (bsc#1227149).
- wifi: mwifiex: Use default @max_active for workqueues (bsc#1227149).
- wifi: mwifiex: Use helpers to check multicast addresses (bsc#1227149).
- wifi: mwifiex: Use list_count_nodes() (bsc#1227149).
- wifi: mwifiex: cleanup adapter data (bsc#1227149).
- wifi: mwifiex: cleanup private data structures (bsc#1227149).
- wifi: mwifiex: cleanup struct mwifiex_sdio_mpa_rx (bsc#1227149).
- wifi: mwifiex: drop BUG_ON from TX paths (bsc#1227149).
- wifi: mwifiex: fix comment typos in SDIO module (bsc#1227149).
- wifi: mwifiex: followup PCIE and related cleanups (bsc#1227149).
- wifi: mwifiex: handle possible mwifiex_write_reg() errors (bsc#1227149).
- wifi: mwifiex: handle possible sscanf() errors (bsc#1227149).
- wifi: mwifiex: mwifiex_process_sleep_confirm_resp(): remove unused priv variable (bsc#1227149).
- wifi: mwifiex: prefer strscpy() over strlcpy() (bsc#1227149).
- wifi: mwifiex: simplify PCIE write operations (bsc#1227149).
- wifi: mwifiex: use MODULE_FIRMWARE to add firmware files metadata (bsc#1227149).
- wifi: mwifiex: use cfg80211_ssid_eq() instead of mwifiex_ssid_cmp() (bsc#1227149).
- wifi: mwifiex: use is_zero_ether_addr() instead of ether_addr_equal() (bsc#1227149).
- wifi: mwifiex: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: nl80211: Avoid address calculations via out of bounds array indexing (git-fixes).
- wifi: nl80211: Extend del pmksa support for SAE and OWE security (bsc#1227149).
- wifi: nl80211: Remove unused declaration nl80211_pmsr_dump_results() (bsc#1227149).
- wifi: nl80211: additions to NL80211_CMD_SET_BEACON (bsc#1227149).
- wifi: nl80211: allow reporting wakeup for unprot deauth/disassoc (bsc#1227149).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- wifi: nl80211: fixes to FILS discovery updates (bsc#1227149).
- wifi: nl80211: refactor nl80211_send_mlme_event() arguments (bsc#1227149).
- wifi: p54: Add missing MODULE_FIRMWARE macro (bsc#1227149).
- wifi: p54: Annotate struct p54_cal_database with __counted_by (bsc#1227149).
- wifi: p54: fix GCC format truncation warning with wiphy->fw_version (bsc#1227149).
- wifi: plfxlc: Drop unused include (bsc#1227149).
- wifi: radiotap: add bandwidth definition of EHT U-SIG (bsc#1227149).
- wifi: remove unused argument of ieee80211_get_tdls_action() (bsc#1227149).
- wifi: rsi: fix restricted __le32 degrades to integer sparse warnings (bsc#1227149).
- wifi: rsi: rsi_91x_coex: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_debugfs: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_hal: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_mac80211: Remove unnecessary conversions (bsc#1227149).
- wifi: rsi: rsi_91x_main: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_sdio_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rsi: rsi_91x_usb_ops: Remove unnecessary (void*) conversions (bsc#1227149).
- wifi: rt2x00: Simplify bool conversion (bsc#1227149).
- wifi: rt2x00: correct MAC_SYS_CTRL register RX mask in R-Calibration (bsc#1227149).
- wifi: rt2x00: disable RTS threshold for rt2800 by default (bsc#1227149).
- wifi: rt2x00: fix MT7620 low RSSI issue (bsc#1227149).
- wifi: rt2x00: fix rt2800 watchdog function (bsc#1227149).
- wifi: rt2x00: fix the typo in comments (bsc#1227149).
- wifi: rt2x00: improve MT7620 register initialization (bsc#1227149).
- wifi: rt2x00: introduce DMA busy check watchdog for rt2800 (bsc#1227149).
- wifi: rt2x00: limit MT7620 TX power based on eeprom calibration (bsc#1227149).
- wifi: rt2x00: make watchdog param per device (bsc#1227149).
- wifi: rt2x00: remove redundant check if u8 array element is less than zero (bsc#1227149).
- wifi: rt2x00: remove useless code in rt2x00queue_create_tx_descriptor() (bsc#1227149).
- wifi: rt2x00: rework MT7620 PA/LNA RF calibration (bsc#1227149).
- wifi: rt2x00: rework MT7620 channel config function (bsc#1227149).
- wifi: rt2x00: silence sparse warnings (bsc#1227149).
- wifi: rt2x00: simplify rt2x00crypto_rx_insert_iv() (bsc#1227149).
- wifi: rtl8xxxu: 8188e: convert usage of priv->vif to priv->vifs[0] (bsc#1227149).
- wifi: rtl8xxxu: 8188f: Limit TX power index (git-fixes).
- wifi: rtl8xxxu: Actually use macid in rtl8xxxu_gen2_report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add TP-Link TL-WN823N V2 (bsc#1227149).
- wifi: rtl8xxxu: Add a description about the device ID 0x7392:0xb722 (bsc#1227149).
- wifi: rtl8xxxu: Add beacon functions (bsc#1227149).
- wifi: rtl8xxxu: Add parameter force to rtl8xxxu_refresh_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter macid to update_rate_mask (bsc#1227149).
- wifi: rtl8xxxu: Add parameter role to report_connect (bsc#1227149).
- wifi: rtl8xxxu: Add set_tim() callback (bsc#1227149).
- wifi: rtl8xxxu: Add sta_add() and sta_remove() callbacks (bsc#1227149).
- wifi: rtl8xxxu: Add start_ap() callback (bsc#1227149).
- wifi: rtl8xxxu: Allow creating interface in AP mode (bsc#1227149).
- wifi: rtl8xxxu: Allow setting rts threshold to -1 (bsc#1227149).
- wifi: rtl8xxxu: Clean up filter configuration (bsc#1227149).
- wifi: rtl8xxxu: Declare AP mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192EU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8710BU (RTL8188GU) (bsc#1227149).
- wifi: rtl8xxxu: Enable AP mode for RTL8723BU (bsc#1227149).
- wifi: rtl8xxxu: Enable hw seq for mgmt/non-QoS data frames (bsc#1227149).
- wifi: rtl8xxxu: Fix LED control code of RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: Fix off by one initial RTS rate (bsc#1227149).
- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).
- wifi: rtl8xxxu: Put the macid in txdesc (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of ieee80211_get_tx_rate() (bsc#1227149).
- wifi: rtl8xxxu: Remove usage of tx_info->control.rates[0].flags (bsc#1227149).
- wifi: rtl8xxxu: Rename some registers (bsc#1227149).
- wifi: rtl8xxxu: Select correct queue for beacon frames (bsc#1227149).
- wifi: rtl8xxxu: Set maximum number of supported stations (bsc#1227149).
- wifi: rtl8xxxu: Support USB RX aggregation for the newer chips (bsc#1227149).
- wifi: rtl8xxxu: Support new chip RTL8192FU (bsc#1227149).
- wifi: rtl8xxxu: add hw crypto support for AP mode (bsc#1227149).
- wifi: rtl8xxxu: add macids for STA mode (bsc#1227149).
- wifi: rtl8xxxu: add missing number of sec cam entries for all variants (bsc#1227149).
- wifi: rtl8xxxu: check vif before using in rtl8xxxu_tx() (bsc#1227149).
- wifi: rtl8xxxu: convert EN_DESC_ID of TX descriptor to le32 type (bsc#1227149).
- wifi: rtl8xxxu: declare concurrent mode support for 8188f (bsc#1227149).
- wifi: rtl8xxxu: do not parse CFO, if both interfaces are connected in STA mode (bsc#1227149).
- wifi: rtl8xxxu: enable MFP support with security flag of RX descriptor (bsc#1227149).
- wifi: rtl8xxxu: enable channel switch support (bsc#1227149).
- wifi: rtl8xxxu: extend check for matching bssid to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: extend wifi connected check to both interfaces (bsc#1227149).
- wifi: rtl8xxxu: fix error messages (bsc#1227149).
- wifi: rtl8xxxu: fix mixed declarations in rtl8xxxu_set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: make instances of iface limit and combination to be static const (bsc#1227149).
- wifi: rtl8xxxu: make supporting AP mode only on port 0 transparent (bsc#1227149).
- wifi: rtl8xxxu: mark TOTOLINK N150UA V5/N150UA-B as tested (bsc#1227149).
- wifi: rtl8xxxu: prepare supporting two virtual interfaces (bsc#1227149).
- wifi: rtl8xxxu: remove assignment of priv->vif in rtl8xxxu_bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: remove obsolete priv->vif (bsc#1227149).
- wifi: rtl8xxxu: rtl8xxxu_rx_complete(): remove unnecessary return (bsc#1227149).
- wifi: rtl8xxxu: support multiple interface in start_ap() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in bss_info_changed() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in configure_filter() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in set_aifs() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in update_beacon_work_callback() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in watchdog_callback() (bsc#1227149).
- wifi: rtl8xxxu: support multiple interfaces in {add,remove}_interface() (bsc#1227149).
- wifi: rtl8xxxu: support setting bssid register for multiple interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting linktype for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: support setting mac address register for both interfaces (bsc#1227149).
- wifi: rtl8xxxu: update rate mask per sta (bsc#1227149).
- wifi: rtlwifi: Convert to use PCIe capability accessors (bsc#1227149).
- wifi: rtlwifi: Ignore IEEE80211_CONF_CHANGE_RETRY_LIMITS (bsc#1227149).
- wifi: rtlwifi: Remove bridge vendor/device ids (bsc#1227149).
- wifi: rtlwifi: Remove rtl_intf_ops.read_efuse_byte (bsc#1227149).
- wifi: rtlwifi: Remove unused PCI related defines and struct (bsc#1227149).
- wifi: rtlwifi: Speed up firmware loading for USB (bsc#1227149).
- wifi: rtlwifi: cleanup USB interface (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxx_tx_fill_desc() routines (bsc#1227149).
- wifi: rtlwifi: cleanup few rtlxxxx_set_hw_reg() routines (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_hal (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_phy (bsc#1227149).
- wifi: rtlwifi: cleanup struct rtl_ps_ctl (bsc#1227149).
- wifi: rtlwifi: drop chk_switch_dmdp() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop fill_fake_txdesc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop pre_fill_tx_bd_desc() from HAL interface (bsc#1227149).
- wifi: rtlwifi: drop unused const_amdpci_aspm (bsc#1227149).
- wifi: rtlwifi: remove misused flag from HAL data (bsc#1227149).
- wifi: rtlwifi: remove unreachable code in rtl92d_dm_check_edca_turbo() (bsc#1227149).
- wifi: rtlwifi: remove unused dualmac control leftovers (bsc#1227149).
- wifi: rtlwifi: remove unused timer and related code (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix 2T2R chip type detection (bsc#1227149).
- wifi: rtlwifi: rtl8192cu: Fix TX aggregation (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Do not read register in _rtl92de_query_rxphystatus (bsc#1227149).
- wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).
- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).
- wifi: rtlwifi: rtl8723: Remove unused function rtl8723_cmd_send_packet() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Access full PMCS reg and use pci_regs.h (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Add pdev into _rtl8821ae_clear_pci_pme_status() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Remove unnecessary PME_Status bit set (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Reverse PM Capability exists check (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: Use pci_find_capability() (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: remove some useless code (bsc#1227149).
- wifi: rtlwifi: rtl8821ae: phy: using calculate_bit_shift() (bsc#1227149).
- wifi: rtlwifi: rtl92ee_dm_dynamic_primary_cca_check(): fix typo in function name (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Store the endpoint addresses (bsc#1227149).
- wifi: rtlwifi: rtl_usb: Use sync register writes (bsc#1227149).
- wifi: rtlwifi: set initial values for unexpected cases of USB endpoint priority (bsc#1227149).
- wifi: rtlwifi: simplify LED management (bsc#1227149).
- wifi: rtlwifi: simplify TX command fill callbacks (bsc#1227149).
- wifi: rtlwifi: simplify rtl_action_proc() and rtl_tx_agg_start() (bsc#1227149).
- wifi: rtlwifi: use convenient list_count_nodes() (bsc#1227149).
- wifi: rtlwifi: use eth_broadcast_addr() to assign broadcast address (bsc#1227149).
- wifi: rtlwifi: use helper function rtl_get_hdr() (bsc#1227149).
- wifi: rtlwifi: use unsigned long for bt_coexist_8723 timestamp (bsc#1227149).
- wifi: rtlwifi: use unsigned long for rtl_bssid_entry timestamp (bsc#1227149).
- wifi: rtw88: 8821c: tweak CCK TX filter setting for SRRC regulation (bsc#1227149).
- wifi: rtw88: 8821c: update TX power limit to V67 (bsc#1227149).
- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).
- wifi: rtw88: 8822c: update TX power limit to V70 (bsc#1227149).
- wifi: rtw88: 8822ce: refine power parameters for RFE type 5 (bsc#1227149).
- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).
- wifi: rtw88: Add support for the SDIO based RTL8723DS chipset (bsc#1227149).
- wifi: rtw88: Fix AP mode incorrect DTIM behavior (bsc#1227149).
- wifi: rtw88: Fix action frame transmission fail before association (bsc#1227149).
- wifi: rtw88: Skip high queue in hci_flush (bsc#1227149).
- wifi: rtw88: Stop high queue during scan (bsc#1227149).
- wifi: rtw88: Use random MAC when efuse MAC invalid (bsc#1227149).
- wifi: rtw88: add missing unwind goto for __rtw_download_firmware() (bsc#1227149).
- wifi: rtw88: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw88: debug: remove wrapper of rtw_dbg() (bsc#1227149).
- wifi: rtw88: dump firmware debug information in abnormal state (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_copy_from_user (bsc#1227149).
- wifi: rtw88: fix incorrect error codes in rtw_debugfs_set_* (bsc#1227149).
- wifi: rtw88: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw88: fix typo rtw8822cu_probe (bsc#1227149).
- wifi: rtw88: process VO packets without workqueue to avoid PTK rekey failed (bsc#1227149).
- wifi: rtw88: refine register based H2C command (bsc#1227149).
- wifi: rtw88: regd: configure QATAR and UK (bsc#1227149).
- wifi: rtw88: regd: update regulatory map to R64-R42 (bsc#1227149).
- wifi: rtw88: remove unused USB bulkout size set (bsc#1227149).
- wifi: rtw88: remove unused and set but unused leftovers (bsc#1227149).
- wifi: rtw88: rtw8723d: Implement RTL8723DS (SDIO) efuse parsing (bsc#1227149).
- wifi: rtw88: simplify __rtw_tx_work() (bsc#1227149).
- wifi: rtw88: simplify vif iterators (bsc#1227149).
- wifi: rtw88: use cfg80211_ssid_eq() instead of rtw_ssid_equal() (bsc#1227149).
- wifi: rtw88: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).
- wifi: rtw88: use struct instead of macros to set TX desc (bsc#1227149).
- wifi: rtw89: 52c: rfk: disable DPK during MCC (bsc#1227149).
- wifi: rtw89: 52c: rfk: refine MCC channel info notification (bsc#1227149).
- wifi: rtw89: 8851b: add 8851B basic chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add 8851be to Makefile and Kconfig (bsc#1227149).
- wifi: rtw89: 8851b: add BT coexistence support function (bsc#1227149).
- wifi: rtw89: 8851b: add DLE mem and HFC quota (bsc#1227149).
- wifi: rtw89: 8851b: add MAC configurations to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: add NCTL post table (bsc#1227149).
- wifi: rtw89: 8851b: add RF configurations (bsc#1227149).
- wifi: rtw89: 8851b: add TX power related functions (bsc#1227149).
- wifi: rtw89: 8851b: add basic power on function (bsc#1227149).
- wifi: rtw89: 8851b: add set channel function (bsc#1227149).
- wifi: rtw89: 8851b: add set_channel_rf() (bsc#1227149).
- wifi: rtw89: 8851b: add support WoWLAN to 8851B (bsc#1227149).
- wifi: rtw89: 8851b: add to parse efuse content (bsc#1227149).
- wifi: rtw89: 8851b: add to read efuse version to recognize hardware version B (bsc#1227149).
- wifi: rtw89: 8851b: configure CRASH_TRIGGER feature for 8851B (bsc#1227149).
- wifi: rtw89: 8851b: configure GPIO according to RFE type (bsc#1227149).
- wifi: rtw89: 8851b: configure to force 1 TX power value (bsc#1227149).
- wifi: rtw89: 8851b: enable hw_scan support (bsc#1227149).
- wifi: rtw89: 8851b: fill BB related capabilities to chip_info (bsc#1227149).
- wifi: rtw89: 8851b: rfk: Fix spelling mistake KIP_RESOTRE -> KIP_RESTORE (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add AACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DACK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add DPK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add IQK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add LCK track (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add RX DCK (bsc#1227149).
- wifi: rtw89: 8851b: rfk: add TSSI (bsc#1227149).
- wifi: rtw89: 8851b: rfk: update IQK to version 0x8 (bsc#1227149).
- wifi: rtw89: 8851b: update RF radio A parameters to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R28 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R34 (bsc#1227149).
- wifi: rtw89: 8851b: update TX power tables to R37 (bsc#1227149).
- wifi: rtw89: 8851be: add 8851BE PCI entry and fill PCI capabilities (bsc#1227149).
- wifi: rtw89: 8852b: fix definition of KIP register number (git-fixes).
- wifi: rtw89: 8852b: update TX power tables to R35 (bsc#1227149).
- wifi: rtw89: 8852b: update TX power tables to R36 (bsc#1227149).
- wifi: rtw89: 8852c: Fix TSSI causes transmit power inaccuracy (bsc#1227149).
- wifi: rtw89: 8852c: Update bandedge parameters for better performance (bsc#1227149).
- wifi: rtw89: 8852c: add quirk to set PCI BER for certain platforms (bsc#1227149).
- wifi: rtw89: 8852c: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8852c: read RX gain offset from efuse for 6GHz channels (bsc#1227149).
- wifi: rtw89: 8852c: update RF radio A/B parameters to R63 (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (1 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (2 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (3 of 3) (bsc#1227149).
- wifi: rtw89: 8852c: update TX power tables to R67 (bsc#1227149).
- wifi: rtw89: 8922a: add 8922A basic chip info (bsc#1227149).
- wifi: rtw89: 8922a: add BTG functions to assist BT coexistence to control TX/RX (bsc#1227149).
- wifi: rtw89: 8922a: add NCTL pre-settings for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: 8922a: add RF read/write v2 (bsc#1227149).
- wifi: rtw89: 8922a: add SER IMR tables (bsc#1227149).
- wifi: rtw89: 8922a: add TX power related ops (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops related to BB init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops to get thermal value (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::bb_preinit to enable BB before downloading firmware (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::cfg_txrx_path (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_hw_init (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::rfk_init_late to do initial RF calibrations later (bsc#1227149).
- wifi: rtw89: 8922a: add chip_ops::{enable,disable}_bb_rf (bsc#1227149).
- wifi: rtw89: 8922a: add coexistence helpers of SW grant (bsc#1227149).
- wifi: rtw89: 8922a: add helper of set_channel (bsc#1227149).
- wifi: rtw89: 8922a: add ieee80211_ops::hw_scan (bsc#1227149).
- wifi: rtw89: 8922a: add more fields to beacon H2C command to support multi-links (bsc#1227149).
- wifi: rtw89: 8922a: add power on/off functions (bsc#1227149).
- wifi: rtw89: 8922a: add register definitions of H2C, C2H, page, RRSR and EDCCA (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel BB part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel MAC part (bsc#1227149).
- wifi: rtw89: 8922a: add set_channel RF part (bsc#1227149).
- wifi: rtw89: 8922a: configure CRASH_TRIGGER FW feature (bsc#1227149).
- wifi: rtw89: 8922a: correct register definition and merge IO for ctrl_nbtg_bt_tx() (bsc#1227149).
- wifi: rtw89: 8922a: declare to support two chanctx (bsc#1227149).
- wifi: rtw89: 8922a: dump MAC registers when SER occurs (bsc#1227149).
- wifi: rtw89: 8922a: extend and add quota number (bsc#1227149).
- wifi: rtw89: 8922a: hook handlers of TX/RX descriptors to chip_ops (bsc#1227149).
- wifi: rtw89: 8922a: implement AP mode related reg for BE generation (bsc#1227149).
- wifi: rtw89: 8922a: implement {stop,resume}_sch_tx and cfg_ppdu (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content from physical map (bsc#1227149).
- wifi: rtw89: 8922a: read efuse content via efuse map struct from logic map (bsc#1227149).
- wifi: rtw89: 8922a: rfk: implement chip_ops to call RF calibrations (bsc#1227149).
- wifi: rtw89: 8922a: set RX gain along with set_channel operation (bsc#1227149).
- wifi: rtw89: 8922a: set chip_ops FEM and GPIO to NULL (bsc#1227149).
- wifi: rtw89: 8922a: set memory heap address for secure firmware (bsc#1227149).
- wifi: rtw89: 8922a: update BA CAM number to 24 (bsc#1227149).
- wifi: rtw89: 8922a: update the register used in DIG and the DIG flow (bsc#1227149).
- wifi: rtw89: 8922ae: add 8922AE PCI entry and basic info (bsc#1227149).
- wifi: rtw89: 8922ae: add v2 interrupt handlers for 8922AE (bsc#1227149).
- wifi: rtw89: Add EHT rate mask as parameters of RA H2C command (bsc#1227149).
- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).
- wifi: rtw89: Fix clang -Wimplicit-fallthrough in rtw89_query_sar() (bsc#1227149).
- wifi: rtw89: Introduce Time Averaged SAR (TAS) feature (bsc#1227149).
- wifi: rtw89: Refine active scan behavior in 6 GHz (bsc#1227149).
- wifi: rtw89: Set default CQM config if not present (bsc#1227149).
- wifi: rtw89: TX power stuffs replace confusing naming of _max with _num (bsc#1227149).
- wifi: rtw89: Update EHT PHY beamforming capability (bsc#1227149).
- wifi: rtw89: acpi: process 6 GHz band policy from DSM (bsc#1227149).
- wifi: rtw89: add C2H RA event V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add C2H event handlers of RFK log and report (bsc#1227149).
- wifi: rtw89: add CFO XTAL registers field to support 8851B (bsc#1227149).
- wifi: rtw89: add DBCC H2C to notify firmware the status (bsc#1227149).
- wifi: rtw89: add EHT capabilities for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add EHT radiotap in monitor mode (bsc#1227149).
- wifi: rtw89: add EVM and SNR statistics to debugfs (bsc#1227149).
- wifi: rtw89: add EVM for antenna diversity (bsc#1227149).
- wifi: rtw89: add H2C RA command V1 to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add H2C command to download beacon frame for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add RSSI based antenna diversity (bsc#1227149).
- wifi: rtw89: add RSSI statistics for the case of antenna diversity to debugfs (bsc#1227149).
- wifi: rtw89: add XTAL SI for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add chip_info::chip_gen to determine chip generation (bsc#1227149).
- wifi: rtw89: add chip_info::txwd_info size to generalize TX WD submit (bsc#1227149).
- wifi: rtw89: add chip_ops::h2c_ba_cam() to configure BA CAM (bsc#1227149).
- wifi: rtw89: add chip_ops::query_rxdesc() and rxd_len as helpers to support newer chips (bsc#1227149).
- wifi: rtw89: add chip_ops::update_beacon to abstract update beacon operation (bsc#1227149).
- wifi: rtw89: add firmware H2C command of BA CAM V1 (bsc#1227149).
- wifi: rtw89: add firmware parser for v1 format (bsc#1227149).
- wifi: rtw89: add firmware suit for BB MCU 0/1 (bsc#1227149).
- wifi: rtw89: add function prototype for coex request duration (bsc#1227149).
- wifi: rtw89: add mac_gen pointer to access mac port registers (bsc#1227149).
- wifi: rtw89: add mlo_dbcc_mode for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: add new H2C command to pause/sleep transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: add new H2C for PS mode in 802.11be chip (bsc#1227149).
- wifi: rtw89: add reserved size as factor of DLE used size (bsc#1227149).
- wifi: rtw89: add subband index of primary channel to struct rtw89_chan (bsc#1227149).
- wifi: rtw89: add to display hardware rates v1 histogram in debugfs (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor for firmware command v2 (bsc#1227149).
- wifi: rtw89: add to fill TX descriptor v2 (bsc#1227149).
- wifi: rtw89: add to parse firmware elements of BB and RF tables (bsc#1227149).
- wifi: rtw89: add to query RX descriptor format v2 (bsc#1227149).
- wifi: rtw89: add tx_wake notify for 8851B (bsc#1227149).
- wifi: rtw89: add wait/completion for abort scan (bsc#1227149).
- wifi: rtw89: adjust init_he_cap() to add EHT cap into iftype_data (bsc#1227149).
- wifi: rtw89: advertise missing extended scan feature (bsc#1227149).
- wifi: rtw89: avoid stringop-overflow warning (bsc#1227149).
- wifi: rtw89: call rtw89_chan_get() by vif chanctx if aware of vif (bsc#1227149).
- wifi: rtw89: chan: MCC take reconfig into account (bsc#1227149).
- wifi: rtw89: chan: add sub-entity swap function to cover replacing (bsc#1227149).
- wifi: rtw89: chan: move handling from add/remove to assign/unassign for MLO (bsc#1227149).
- wifi: rtw89: chan: support MCC on Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: chan: tweak bitmap recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: chan: tweak weight recalc ahead before MLO (bsc#1227149).
- wifi: rtw89: change naming of BA CAM from V1 to V0_EXT (bsc#1227149).
- wifi: rtw89: change qutoa to DBCC by default for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: change supported bandwidths of chip_info to bit mask (bsc#1227149).
- wifi: rtw89: cleanup firmware elements parsing (bsc#1227149).
- wifi: rtw89: cleanup private data structures (bsc#1227149).
- wifi: rtw89: cleanup rtw89_iqk_info and related code (bsc#1227149).
- wifi: rtw89: coex: Add Bluetooth RSSI level information (bsc#1227149).
- wifi: rtw89: coex: Add Pre-AGC control to enhance Wi-Fi RX performance (bsc#1227149).
- wifi: rtw89: coex: Add coexistence policy to decrease WiFi packet CRC-ERR (bsc#1227149).
- wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members (bsc#1227149).
- wifi: rtw89: coex: Record down Wi-Fi initial mode information (bsc#1227149).
- wifi: rtw89: coex: Reorder H2C command index to align with firmware (bsc#1227149).
- wifi: rtw89: coex: Set Bluetooth scan low-priority when Wi-Fi link/scan (bsc#1227149).
- wifi: rtw89: coex: Still show hardware grant signal info even Wi-Fi is PS (bsc#1227149).
- wifi: rtw89: coex: To improve Wi-Fi performance while BT is idle (bsc#1227149).
- wifi: rtw89: coex: Translate antenna configuration from ID to string (bsc#1227149).
- wifi: rtw89: coex: Update BTG control related logic (bsc#1227149).
- wifi: rtw89: coex: Update RF parameter control setting logic (bsc#1227149).
- wifi: rtw89: coex: Update coexistence policy for Wi-Fi LPS (bsc#1227149).
- wifi: rtw89: coex: When Bluetooth not available do not set power/gain (bsc#1227149).
- wifi: rtw89: coex: add BTC ctrl_info version 7 and related logic (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() for struct rtw89_btc_btf_set_slot_table (bsc#1227149).
- wifi: rtw89: coex: add annotation __counted_by() to struct rtw89_btc_btf_set_mon_reg (bsc#1227149).
- wifi: rtw89: coex: add init_info H2C command format version 7 (bsc#1227149).
- wifi: rtw89: coex: add return value to ensure H2C command is success or not (bsc#1227149).
- wifi: rtw89: coex: fix configuration for shared antenna for 8922A (bsc#1227149).
- wifi: rtw89: coex: use struct assignment to replace memcpy() to append TDMA content (bsc#1227149).
- wifi: rtw89: configure PPDU max user by chip (bsc#1227149).
- wifi: rtw89: consider RX info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: consolidate registers of mac port to struct (bsc#1227149).
- wifi: rtw89: correct PHY register offset for PHY-1 (bsc#1227149).
- wifi: rtw89: correct aSIFSTime for 6GHz band (stable-fixes).
- wifi: rtw89: correct the DCFO tracking flow to improve CFO compensation (bsc#1227149).
- wifi: rtw89: debug: add FW log component for scan (bsc#1227149).
- wifi: rtw89: debug: add debugfs entry to disable dynamic mechanism (bsc#1227149).
- wifi: rtw89: debug: add to check if debug mask is enabled (bsc#1227149).
- wifi: rtw89: debug: remove wrapper of rtw89_debug() (bsc#1227149).
- wifi: rtw89: debug: show txpwr table according to chip gen (bsc#1227149).
- wifi: rtw89: debug: txpwr table access only valid page according to chip (bsc#1227149).
- wifi: rtw89: debug: txpwr table supports Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: declare EXT NSS BW of VHT capability (bsc#1227149).
- wifi: rtw89: declare MCC in interface combination (bsc#1227149).
- wifi: rtw89: define hardware rate v1 for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: differentiate narrow_bw_ru_dis setting according to chip gen (bsc#1227149).
- wifi: rtw89: disable RTS when broadcast/multicast (bsc#1227149).
- wifi: rtw89: download firmware with five times retry (bsc#1227149).
- wifi: rtw89: drop TIMING_BEACON_ONLY and sync beacon TSF by self (bsc#1227149).
- wifi: rtw89: enlarge supported length of read_reg debugfs entry (bsc#1227149).
- wifi: rtw89: extend PHY status parser to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fix HW scan not aborting properly (git-fixes).
- wifi: rtw89: fix HW scan timeout due to TSF sync issue (bsc#1227149).
- wifi: rtw89: fix a width vs precision bug (bsc#1227149).
- wifi: rtw89: fix disabling concurrent mode TX hang issue (bsc#1227149).
- wifi: rtw89: fix misbehavior of TX beacon in concurrent mode (bsc#1227149).
- wifi: rtw89: fix not entering PS mode after AP stops (bsc#1227149).
- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).
- wifi: rtw89: fix spelling typo of IQK debug messages (bsc#1227149).
- wifi: rtw89: fix typo of rtw89_fw_h2c_mcc_macid_bitmap() (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset CMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to reset DMAC table for WiFi 7 (bsc#1227149).
- wifi: rtw89: fw: add H2C command to update security CAM v2 (bsc#1227149).
- wifi: rtw89: fw: add checking type for variant type of firmware (bsc#1227149).
- wifi: rtw89: fw: add chip_ops to update CMAC table to associated station (bsc#1227149).
- wifi: rtw89: fw: add definition of H2C command and C2H event for MRC series (bsc#1227149).
- wifi: rtw89: fw: add version field to BB MCU firmware element (bsc#1227149).
- wifi: rtw89: fw: consider checksum length of security data (bsc#1227149).
- wifi: rtw89: fw: download firmware with key data for secure boot (bsc#1227149).
- wifi: rtw89: fw: extend JOIN H2C command to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: extend program counter dump for Wi-Fi 7 chip (bsc#1227149).
- wifi: rtw89: fw: fill CMAC table to associated station for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: generalize download firmware flow by mac_gen pointers (bsc#1227149).
- wifi: rtw89: fw: implement MRC H2C command functions (bsc#1227149).
- wifi: rtw89: fw: implement supported functions of download firmware for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: fw: load TX power track tables from fw_element (bsc#1227149).
- wifi: rtw89: fw: move polling function of firmware path ready to an individual function (bsc#1227149).
- wifi: rtw89: fw: parse secure section from firmware file (bsc#1227149).
- wifi: rtw89: fw: propagate an argument include_bb for BB MCU firmware (bsc#1227149).
- wifi: rtw89: fw: read firmware secure information from efuse (bsc#1227149).
- wifi: rtw89: fw: refine download flow to support variant firmware suits (bsc#1227149).
- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (bsc#1227149).
- wifi: rtw89: fw: update TX AMPDU parameter to CMAC table (bsc#1227149).
- wifi: rtw89: fw: use struct to fill BA CAM H2C commands (bsc#1227149).
- wifi: rtw89: fw: use struct to fill JOIN H2C command (bsc#1227149).
- wifi: rtw89: get data rate mode/NSS/MCS v1 from RX descriptor (bsc#1227149).
- wifi: rtw89: indicate TX power by rate table inside RFE parameter (bsc#1227149).
- wifi: rtw89: indicate TX shape table inside RFE parameter (bsc#1227149).
- wifi: rtw89: initialize antenna for antenna diversity (bsc#1227149).
- wifi: rtw89: initialize multi-channel handling (bsc#1227149).
- wifi: rtw89: introduce infrastructure of firmware elements (bsc#1227149).
- wifi: rtw89: introduce realtek ACPI DSM method (bsc#1227149).
- wifi: rtw89: introduce v1 format of firmware header (bsc#1227149).
- wifi: rtw89: load BB parameters to PHY-1 (bsc#1227149).
- wifi: rtw89: load RFK log format string from firmware file (bsc#1227149).
- wifi: rtw89: load TX power by rate when RFE parms setup (bsc#1227149).
- wifi: rtw89: load TX power related tables from FW elements (bsc#1227149).
- wifi: rtw89: mac: Fix spelling mistakes "notfify" -> "notify" (bsc#1227149).
- wifi: rtw89: mac: add coexistence helpers {cfg/get}_plt (bsc#1227149).
- wifi: rtw89: mac: add feature_init to initialize BA CAM V1 (bsc#1227149).
- wifi: rtw89: mac: add flags to check if CMAC and DMAC are enabled (bsc#1227149).
- wifi: rtw89: mac: add mac_gen_def::band1_offset to map MAC band1 register address (bsc#1227149).
- wifi: rtw89: mac: add registers of MU-EDCA parameters for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add suffix _ax to MAC functions (bsc#1227149).
- wifi: rtw89: mac: add sys_init and filter option for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to access efuse for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: add to get DLE reserved quota (bsc#1227149).
- wifi: rtw89: mac: check queue empty according to chip gen (bsc#1227149).
- wifi: rtw89: mac: correct MUEDCA setting for MAC-1 (bsc#1227149).
- wifi: rtw89: mac: define internal memory address for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: mac: define register address of rx_filter to generalize code (bsc#1227149).
- wifi: rtw89: mac: do bf_monitor only if WiFi 6 chips (bsc#1227149).
- wifi: rtw89: mac: functions to configure hardware engine and quota for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: generalize code to indirectly access WiFi internal memory (bsc#1227149).
- wifi: rtw89: mac: generalize register of MU-EDCA switch according to chip gen (bsc#1227149).
- wifi: rtw89: mac: get TX power control register according to chip gen (bsc#1227149).
- wifi: rtw89: mac: handle C2H receive/done ACK in interrupt context (bsc#1227149).
- wifi: rtw89: mac: implement MRC C2H event handling (bsc#1227149).
- wifi: rtw89: mac: implement to configure TX/RX engines for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: mac: move code related to hardware engine to individual functions (bsc#1227149).
- wifi: rtw89: mac: refine SER setting during WiFi CPU power on (bsc#1227149).
- wifi: rtw89: mac: reset PHY-1 hardware when going to enable/disable (bsc#1227149).
- wifi: rtw89: mac: return held quota of DLE when changing MAC-1 (bsc#1227149).
- wifi: rtw89: mac: set bf_assoc capabilities according to chip gen (bsc#1227149).
- wifi: rtw89: mac: set bfee_ctrl() according to chip gen (bsc#1227149).
- wifi: rtw89: mac: update RTS threshold according to chip gen (bsc#1227149).
- wifi: rtw89: mac: use mac_gen pointer to access about efuse (bsc#1227149).
- wifi: rtw89: mac: use pointer to access functions of hardware engine and quota (bsc#1227149).
- wifi: rtw89: mcc: consider and determine BT duration (bsc#1227149).
- wifi: rtw89: mcc: deal with BT slot change (bsc#1227149).
- wifi: rtw89: mcc: deal with P2P PS change (bsc#1227149).
- wifi: rtw89: mcc: deal with beacon NoA if GO exists (bsc#1227149).
- wifi: rtw89: mcc: decide pattern and calculate parameters (bsc#1227149).
- wifi: rtw89: mcc: fill fundamental configurations (bsc#1227149).
- wifi: rtw89: mcc: fix NoA start time when GO is auxiliary (bsc#1227149).
- wifi: rtw89: mcc: initialize start flow (bsc#1227149).
- wifi: rtw89: mcc: track beacon offset and update when needed (bsc#1227149).
- wifi: rtw89: mcc: trigger FW to start/stop MCC (bsc#1227149).
- wifi: rtw89: mcc: update role bitmap when changed (bsc#1227149).
- wifi: rtw89: modify the register setting and the flow of CFO tracking (bsc#1227149).
- wifi: rtw89: move software DCFO compensation setting to proper position (bsc#1227149).
- wifi: rtw89: only reset BB/RF for existing WiFi 6 chips while starting up (bsc#1227149).
- wifi: rtw89: packet offload wait for FW response (bsc#1227149).
- wifi: rtw89: parse EHT information from RX descriptor and PPDU status packet (bsc#1227149).
- wifi: rtw89: parse TX EHT rate selected by firmware from RA C2H report (bsc#1227149).
- wifi: rtw89: parse and print out RFK log from C2H events (bsc#1227149).
- wifi: rtw89: pause/proceed MCC for ROC and HW scan (bsc#1227149).
- wifi: rtw89: pci: add LTR v2 for WiFi 7 chip (bsc#1227149).
- wifi: rtw89: pci: add PCI generation information to pci_info for each chip (bsc#1227149).
- wifi: rtw89: pci: add new RX ring design to determine full RX ring efficiently (bsc#1227149).
- wifi: rtw89: pci: add pre_deinit to be called after probe complete (bsc#1227149).
- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).
- wifi: rtw89: pci: correct interrupt mitigation register for 8852CE (bsc#1227149).
- wifi: rtw89: pci: define PCI ring address for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).
- wifi: rtw89: pci: fix interrupt enable mask for HALT C2H of RTL8851B (bsc#1227149).
- wifi: rtw89: pci: generalize code of PCI control DMA IO for WiFi 7 (bsc#1227149).
- wifi: rtw89: pci: generalize interrupt status bits of interrupt handlers (bsc#1227149).
- wifi: rtw89: pci: implement PCI CLK/ASPM/L1SS for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_post_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: implement PCI mac_pre_init for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: pci: interrupt v2 refine IMR for SER (bsc#1227149).
- wifi: rtw89: pci: reset BDRAM according to chip gen (bsc#1227149).
- wifi: rtw89: pci: stop/start DMA for level 1 recovery according to chip gen (bsc#1227149).
- wifi: rtw89: pci: update SER timer unit and timeout time (bsc#1227149).
- wifi: rtw89: pci: update interrupt mitigation register for 8922AE (bsc#1227149).
- wifi: rtw89: pci: use DBI function for 8852AE/8852BE/8851BE (bsc#1227149).
- wifi: rtw89: pci: use gen_def pointer to configure mac_{pre,post}_init and clear PCI ring index (bsc#1227149).
- wifi: rtw89: pci: validate RX tag for RXQ and RPQ (bsc#1227149).
- wifi: rtw89: phy: add BB wrapper of TX power for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: add parser to support RX gain dynamic setting flow (bsc#1227149).
- wifi: rtw89: phy: add phy_gen_def::cr_base to support WiFi 7 chips (bsc#1227149).
- wifi: rtw89: phy: change naming related BT coexistence functions (bsc#1227149).
- wifi: rtw89: phy: dynamically adjust EDCCA threshold (bsc#1227149).
- wifi: rtw89: phy: extend TX power common stuffs for Wi-Fi 7 chips (bsc#1227149).
- wifi: rtw89: phy: generalize valid bit of BSS color (bsc#1227149).
- wifi: rtw89: phy: ignore special data from BB parameter file (bsc#1227149).
- wifi: rtw89: phy: modify register setting of ENV_MNTR, PHYSTS and DIG (bsc#1227149).
- wifi: rtw89: phy: move bb_gain_info used by WiFi 6 chips to union (bsc#1227149).
- wifi: rtw89: phy: print out RFK log with formatted string (bsc#1227149).
- wifi: rtw89: phy: rate pattern handles HW rate by chip gen (bsc#1227149).
- wifi: rtw89: phy: refine helpers used for raw TX power (bsc#1227149).
- wifi: rtw89: phy: set TX power RU limit according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power by rate according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power limit according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set TX power offset according to chip gen (bsc#1227149).
- wifi: rtw89: phy: set channel_info for WiFi 7 chips (bsc#1227149).
- wifi: rtw89: prepare scan leaf functions for wifi 7 ICs (bsc#1227149).
- wifi: rtw89: process regulatory for 6 GHz power type (bsc#1227149).
- wifi: rtw89: provide functions to configure NoA for beacon update (bsc#1227149).
- wifi: rtw89: recognize log format from firmware file (bsc#1227149).
- wifi: rtw89: reference quota mode when setting Tx power (bsc#1227149).
- wifi: rtw89: refine H2C command that pause transmitting by MAC ID (bsc#1227149).
- wifi: rtw89: refine add_chan H2C command to encode_bits (bsc#1227149).
- wifi: rtw89: refine bandwidth 160MHz uplink OFDMA performance (bsc#1227149).
- wifi: rtw89: refine clearing supported bands to check 2/5 GHz first (bsc#1227149).
- wifi: rtw89: refine element naming used by queue empty check (bsc#1227149).
- wifi: rtw89: refine hardware scan C2H events (bsc#1227149).
- wifi: rtw89: refine packet offload delete flow of 6 GHz probe (bsc#1227149).
- wifi: rtw89: refine packet offload handling under SER (bsc#1227149).
- wifi: rtw89: refine remain on channel flow to improve P2P connection (bsc#1227149).
- wifi: rtw89: refine rtw89_correct_cck_chan() by rtw89_hw_to_nl80211_band() (bsc#1227149).
- wifi: rtw89: refine uplink trigger based control mechanism (bsc#1227149).
- wifi: rtw89: regd: configure Thailand in regulation type (bsc#1227149).
- wifi: rtw89: regd: handle policy of 6 GHz according to BIOS (bsc#1227149).
- wifi: rtw89: regd: judge 6 GHz according to chip and BIOS (bsc#1227149).
- wifi: rtw89: regd: judge UNII-4 according to BIOS and chip (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R40 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R64-R43 (bsc#1227149).
- wifi: rtw89: regd: update regulatory map to R65-R44 (bsc#1227149).
- wifi: rtw89: release bit in rtw89_fw_h2c_del_pkt_offload() (bsc#1227149).
- wifi: rtw89: return failure if needed firmware elements are not recognized (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DACK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger DPK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger IQK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger RX DCK (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TSSI (bsc#1227149).
- wifi: rtw89: rfk: add H2C command to trigger TXGAPK (bsc#1227149).
- wifi: rtw89: rfk: add a completion to wait RF calibration report from C2H event (bsc#1227149).
- wifi: rtw89: rfk: disable driver tracking during MCC (bsc#1227149).
- wifi: rtw89: rfk: send channel information to firmware for RF calibrations (bsc#1227149).
- wifi: rtw89: sar: let caller decide the center frequency to query (bsc#1227149).
- wifi: rtw89: scan offload wait for FW done ACK (bsc#1227149).
- wifi: rtw89: ser: L1 add pre-M0 and post-M0 states (bsc#1227149).
- wifi: rtw89: ser: reset total_sta_assoc and tdls_peer when L2 (bsc#1227149).
- wifi: rtw89: set TX power without precondition during setting channel (bsc#1227149).
- wifi: rtw89: set capability of TX antenna diversity (bsc#1227149).
- wifi: rtw89: set entry size of address CAM to H2C field by chip (bsc#1227149).
- wifi: rtw89: show EHT rate in debugfs (bsc#1227149).
- wifi: rtw89: support U-NII-4 channels on 5GHz band (bsc#1227149).
- wifi: rtw89: support firmware log with formatted text (bsc#1227149).
- wifi: rtw89: suppress the log for specific SER called CMDPSR_FRZTO (bsc#1227149).
- wifi: rtw89: tweak H2C TX waiting function for SER (bsc#1227149).
- wifi: rtw89: update DMA function with different generation (bsc#1227149).
- wifi: rtw89: update ps_state register for chips with different generation (bsc#1227149).
- wifi: rtw89: update scan C2H messages for wifi 7 IC (bsc#1227149).
- wifi: rtw89: update suspend/resume for different generation (bsc#1227149).
- wifi: rtw89: use PLCP information to match BSS_COLOR and AID (bsc#1227149).
- wifi: rtw89: use chip_info::small_fifo_size to choose debug_mask (bsc#1227149).
- wifi: rtw89: use flexible array member in rtw89_btc_btf_tlv (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits to access RX info (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access RX descriptor (bsc#1227149).
- wifi: rtw89: use struct and le32_get_bits() to access received PHY status IEs (bsc#1227149).
- wifi: rtw89: use struct rtw89_phy_sts_ie0 instead of macro to access PHY IE0 status (bsc#1227149).
- wifi: rtw89: use struct to access RA report (bsc#1227149).
- wifi: rtw89: use struct to access firmware C2H event header (bsc#1227149).
- wifi: rtw89: use struct to access register-based H2C/C2H (bsc#1227149).
- wifi: rtw89: use struct to fill H2C command to download beacon frame (bsc#1227149).
- wifi: rtw89: use struct to parse firmware header (bsc#1227149).
- wifi: rtw89: use struct to set RA H2C command (bsc#1227149).
- wifi: rtw89: wow: move release offload packet earlier for WoWLAN mode (bsc#1227149).
- wifi: rtw89: wow: refine WoWLAN flows of HCI interrupts and low power mode (bsc#1227149).
- wifi: rtw89: wow: set security engine options for 802.11ax chips only (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN reason register for different chips (bsc#1227149).
- wifi: rtw89: wow: update WoWLAN status register for different generation (bsc#1227149).
- wifi: rtw89: wow: update config mac function with different generation (bsc#1227149).
- wifi: ti: wlcore: sdio: Drop unused include (bsc#1227149).
- wifi: virt_wifi: avoid reporting connection success with wrong SSID (git-fixes).
- wifi: virt_wifi: do not use strlen() in const context (git-fixes).
- wifi: wcn36xx: Annotate struct wcn36xx_hal_ind_msg with __counted_by (bsc#1227149).
- wifi: wcn36xx: Convert to platform remove callback returning void (bsc#1227149).
- wifi: wcn36xx: remove unnecessary (void*) conversions (bsc#1227149).
- wifi: wext: avoid extra calls to strlen() in ieee80211_bss() (bsc#1227149).
- wifi: wfx: Use devm_kmemdup to replace devm_kmalloc + memcpy (bsc#1227149).
- wifi: wfx: allow to send frames during ROC (bsc#1227149).
- wifi: wfx: fix power_save setting when AP is stopped (bsc#1227149).
- wifi: wfx: implement wfx_remain_on_channel() (bsc#1227149).
- wifi: wfx: introduce hif_scan_uniq() (bsc#1227149).
- wifi: wfx: move wfx_skb_*() out of the header file (bsc#1227149).
- wifi: wfx: relocate wfx_rate_mask_to_hw() (bsc#1227149).
- wifi: wfx: scan_lock is global to the device (bsc#1227149).
- wifi: wfx: simplify exclusion between scan and Rx filters (bsc#1227149).
- wifi: wil6210: fw: Replace zero-length arrays with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wil6210: wmi: Replace zero-length array with DECLARE_FLEX_ARRAY() helper (bsc#1227149).
- wifi: wilc1000: Increase ASSOC response buffer (bsc#1227149).
- wifi: wilc1000: Remove unused declarations (bsc#1227149).
- wifi: wilc1000: add SPI commands retry mechanism (bsc#1227149).
- wifi: wilc1000: add back-off algorithm to balance tx queue packets (bsc#1227149).
- wifi: wilc1000: add missing read critical sections around vif list traversal (bsc#1227149).
- wifi: wilc1000: always release SDIO host in wilc_sdio_cmd53() (bsc#1227149).
- wifi: wilc1000: cleanup struct wilc_conn_info (bsc#1227149).
- wifi: wilc1000: correct CRC7 calculation (bsc#1227149).
- wifi: wilc1000: fix declarations ordering (bsc#1227149).
- wifi: wilc1000: fix driver_handler when committing initial configuration (bsc#1227149).
- wifi: wilc1000: fix ies_len type in connect path (git-fixes).
- wifi: wilc1000: fix incorrect power down sequence (bsc#1227149).
- wifi: wilc1000: remove AKM suite be32 conversion for external auth request (bsc#1227149).
- wifi: wilc1000: remove setting msg.spi (bsc#1227149).
- wifi: wilc1000: remove use of has_thrpt_enh3 flag (bsc#1227149).
- wifi: wilc1000: set preamble size to auto as default in wilc_init_fw_config() (bsc#1227149).
- wifi: wilc1000: simplify remain on channel support (bsc#1227149).
- wifi: wilc1000: simplify wilc_scan() (bsc#1227149).
- wifi: wilc1000: split deeply nested RCU list traversal in dedicated helper (bsc#1227149).
- wifi: wilc1000: use SRCU instead of RCU for vif list traversal (bsc#1227149).
- wifi: wilc1000: validate chip id during bus probe (bsc#1227149).
- wifi: wl1251: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wl18xx: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: boot: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: main: replace deprecated strncpy with strscpy (bsc#1227149).
- wifi: wlcore: sdio: Rate limit wl12xx_sdio_raw_{read,write}() failures warns (bsc#1227149).
- wifi: wlcore: sdio: Use module_sdio_driver macro to simplify the code (bsc#1227149).
- wifi: zd1211rw: fix typo "tranmits" (bsc#1227149).
- wifi: zd1211rw: remove __nocast from zd_addr_t (bsc#1227149).
- wifi: zd1211rw: silence sparse warnings (bsc#1227149).
- wireguard: netlink: access device through ctx instead of peer (git-fixes).
- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).
- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).
- wlcore: spi: Remove redundant of_match_ptr() (bsc#1227149).
- work around gcc bugs with 'asm goto' with outputs (git-fixes).
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
- x86/amd_nb: Check for invalid SMN reads (git-fixes).
- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).
- x86/asm: Fix build of UML with KASAN (git-fixes).
- x86/asm: Remove the __iomem annotation of movdir64b()'s dst argument (git-fixes).
- x86/bhi: Avoid warning in #DB handler due to BHI mitigation :(git-fixes).
- x86/boot: Ignore NMIs during very early boot (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/bugs: Remove default case for fully switched enums (git-fixes).
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
- x86/cpu: Provide default cache line size if not enumerated (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/csum: Fix clang -Wuninitialized in csum_partial() (git-fixes).
- x86/csum: Improve performance of `csum_partial` (git-fixes).
- x86/csum: Remove unnecessary odd handling (git-fixes).
- x86/csum: clean up `csum_partial' further (git-fixes).
- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).
- x86/efistub: Call mixed mode boot services on the firmware's stack (git-fixes).
- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- x86/head/64: Move the __head definition to <asm/init.h> (git-fixes).
- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).
- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).
- x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS (git-fixes).
- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).
- x86/kconfig: Add as-instr64 macro to properly evaluate AS_WRUSS (git-fixes).
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).
- x86/kexec: Fix bug with call depth tracking (git-fixes).
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
- x86/mce: Dynamically size space for machine check records (bsc#1222241).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/mce: Mark fatal MCE's page as poison to avoid panic in the kdump kernel (git-fixes).
- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).
- x86/nmi: Fix the inverse "in NMI handler" check (git-fixes).
- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/resctrl: Read supported bandwidth sources from CPUID (git-fixes).
- x86/resctrl: Remove redundant variable in mbm_config_write_domain() (git-fixes).
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/sev: Fix position dependent variable references in startup code (git-fixes).
- x86/shstk: Make return uprobe work with shadow stack (git-fixes).
- x86/speculation, objtool: Use absolute relocations for annotations (git-fixes).
- x86/srso: Disentangle rethunk-dependent options (git-fixes).
- x86/srso: Fix unret validation dependencies (git-fixes).
- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
- x86/srso: Print actual mitigation if requested mitigation isn't possible (git-fixes).
- x86/srso: Remove 'pred_cmd' label (git-fixes).
- x86/srso: Unexport untraining functions (git-fixes).
- x86/tdx: Preserve shared bit on mprotect() (git-fixes).
- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).
- x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking (git-fixes).
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).
- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)
- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).
- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).
- xen/events: increment refcnt only if event channel is refcounted (git-fixes).
- xen/events: modify internal [un]bind interfaces (git-fixes).
- xen/events: reduce externally visible helper functions (git-fixes).
- xen/events: remove some simple helpers from events_base.c (git-fixes).
- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).
- xen/x86: add extra pages to unpopulated-alloc if available (git-fixes).
- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).
- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228211).
- xfs: add lock protection when remove perag from radix tree (git-fixes).
- xfs: allow extent free intents to be retried (git-fixes).
- xfs: fix perag leak when growfs fails (git-fixes).
- xfs: force all buffers to be written during btree bulk load (git-fixes).
- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).
- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).
- xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
- xfs: use roundup_pow_of_two instead of ffs during xlog_find_tail (git-fixes).
- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).
- xhci: Handle TD clearing for multiple streams case (git-fixes).
- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: add helper that checks for unhandled events on a event ring (git-fixes).
- xhci: always resume roothubs if xHC was reset during resume (stable-fixes).
- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
Patchnames
SUSE-SLE-Micro-6.0-14
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise Micro 6.0 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2024-41014: xfs: add bounds checking to xlog_recover_process_data (bsc#1228408).\n- CVE-2024-41013: xfs: do not walk off the end of a directory data block (bsc#1228405).\n- CVE-2024-41017: jfs: do not walk off the end of ealist (bsc#1228403).\n- CVE-2024-40972: ext4: fold quota accounting into ext4_xattr_inode_lookup_create() (bsc#1227910).\n- CVE-2024-39276: ext4: fix mb_cache_entry\u0027s e_refcnt leak in ext4_xattr_block_cache_find() (bsc#1226993).\n- CVE-2024-40925: block: fix request.queuelist usage in flush (bsc#1227789).\n- CVE-2024-40998: ext4: fix uninitialized ratelimit_state-\u003elock access in __ext4_fill_super() (bsc#1227866).\n- CVE-2024-39494: ima: Fix use-after-free on a dentry\u0027s dname.name (bsc#1227716).\n- CVE-2024-39496: btrfs: zoned: fix use-after-free due to race with dev replace (bsc#1227719).\n- CVE-2024-41091: tun: add missing verification for short frame (bsc#1228327).\n- CVE-2024-41090: tap: add missing verification for short frame (bsc#1228328).\n- CVE-2024-40999: net: ena: Add validation for completion descriptors consistency (bsc#1227913).\n- CVE-2024-40966: kABI: tty: add the option to have a tty reject a new ldisc (bsc#1227886).\n- CVE-2024-40975: platform/x86: x86-android-tablets: Unregister devices in reverse order (bsc#1227926).\n- CVE-2024-40970: Avoid hw_desc array overrun in dw-axi-dmac (bsc#1227899).\n- CVE-2024-40947: ima: Avoid blocking in RCU read-side critical section (bsc#1227803).\n- CVE-2024-40908: bpf: Set run context for rawtp test_run callback (bsc#1227783).\n- CVE-2024-40960: ipv6: prevent possible NULL dereference in rt6_probe() (bsc#1227813).\n- CVE-2024-40935: cachefiles: flush all requests after setting CACHEFILES_DEAD (bsc#1227797).\n- CVE-2024-40961: ipv6: prevent possible NULL deref in fib6_nh_init() (bsc#1227814).\n- CVE-2024-39504: netfilter: nft_inner: validate mandatory meta and payload (bsc#1227757).\n- CVE-2024-41006: netrom: Fix a memory leak in nr_heartbeat_expiry() (bsc#1227862).\n- CVE-2024-40937: gve: Clear napi-\u003eskb before dev_kfree_skb_any() (bsc#1227836).\n- CVE-2024-39507: net: hns3: fix kernel crash problem in concurrent scenario (bsc#1227730).\n- CVE-2024-40940: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail (bsc#1227800).\n- CVE-2024-40928: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() (bsc#1227788).\n- CVE-2024-26944: btrfs: zoned: fix lock ordering in btrfs_zone_activate() (bsc#1223731).\n- CVE-2024-40923: vmxnet3: disable rx data ring on dma allocation failure (bsc#1227786).\n- CVE-2024-40931: mptcp: ensure snd_una is properly initialized on connect (bsc#1227780).\n- CVE-2024-40919: bnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send() (bsc#1227779).\n- CVE-2024-39487: bonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set() (bsc#1227573)\n- CVE-2024-35908: tls: get psock ref after taking rxlock to avoid leak (bsc#1224490)\n- CVE-2024-35899: netfilter: nf_tables: flush pending destroy work before exit_net release (bsc#1224499)\n- CVE-2024-35934: net/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list() (bsc#1224641)\n- CVE-2024-35893: net/sched: act_skbmod: prevent kernel-infoleak (bsc#1224512)\n- CVE-2024-40901: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory (bsc#1227762).\n- CVE-2024-39472: xfs: fix log recovery buffer allocation for the legacy h_size fixup (bsc#1227432).\n- CVE-2024-40953: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() (bsc#1227806).\n- CVE-2024-27404: mptcp: fix data races on remote_id (bsc#1224422)\n- CVE-2024-27020: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() (bsc#1223815)\n- CVE-2024-27019: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() (bsc#1223813)\n- CVE-2024-40948: mm/page_table_check: fix crash on ZONE_DEVICE (bsc#1227801).\n- CVE-2024-35890: gro: fix ownership transfer (bsc#1224516).\n- CVE-2024-36902: ipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action() (bsc#1225719).\n- CVE-2024-36946: phonet: fix rtm_phonet_notify() skb allocation (bsc#1225851).\n- CVE-2024-38586: r8169: Fix possible ring buffer corruption on fragmented Tx packets (bsc#1226750).\n- CVE-2024-39468: smb: client: fix deadlock in smb2_find_smb_tcon() (bsc#1227103.\n- CVE-2024-40906: net/mlx5: Always stop health timer during driver removal (bsc#1227763).\n- CVE-2024-27012: netfilter: nf_tables: restore set elements when delete set fails (bsc#1223804).\n- CVE-2024-39498: drm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2 (bsc#1227723)\n- CVE-2024-39502: ionic: fix use after netif_napi_del() (bsc#1227755).\n- CVE-2024-27016: netfilter: flowtable: validate pppoe header (bsc#1223807).\n- CVE-2024-36901: ipv6: prevent NULL dereference in ip6_output() (bsc#1225711)\n- CVE-2024-36004: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue (bsc#1224545)\n- CVE-2024-27025: nbd: null check for nla_nest_start (bsc#1223778)\n- CVE-2024-35853: mlxsw: spectrum_acl_tcam: Fix memory leak during rehash (bsc#1224604).\n- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).\n- CVE-2024-27402: phonet/pep: fix racy skb_queue_empty() use (bsc#1224414).\n- CVE-2023-52435: net: prevent mss overflow in skb_segment() (bsc#1220138).\n- CVE-2024-27065: netfilter: nf_tables: do not compare internal table flags on updates (bsc#1223836).\n- CVE-2024-27015: netfilter: flowtable: incorrect pppoe tuple (bsc#1223806).\n- CVE-2024-27064: netfilter: nf_tables: Fix a memory leak in nf_tables_updchain (bsc#1223740).\n- CVE-2024-26663: tipc: Check the bearer type before calling tipc_udp_nl_bearer_add() (bsc#1222326).\n- CVE-2023-47210: wifi: iwlwifi: bump FW API to 90 for BZ/SC devices (bsc#1225601, bsc#1225600).\n- CVE-2023-52775: net/smc: avoid data corruption caused by decline (bsc#1225088).\n- CVE-2024-38558: net: openvswitch: fix overwriting ct original tuple for ICMPv6 (bsc#1226783).\n- CVE-2024-39490: ipv6: sr: fix missing sk_buff release in seg6_input_core (bsc#1227626).\n- CVE-2024-26826: mptcp: fix data re-injection from stale subflow (bsc#1223010).\n- CVE-2024-26615: net/smc: fix illegal rmb_desc access in SMC-D connection dump (bsc#1220942).\n- CVE-2024-35942: pmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain (bsc#1224589).\n- CVE-2024-26691: KVM: arm64: Fix circular locking dependency (bsc#1222463).\n- CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn\u0027t be re-encrypted (bsc#1225744).\n- CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717).\n- CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745).\n- CVE-2024-36912: Drivers: hv: vmbus: Track decrypted status in vmbus_gpadl (bsc#1225752).\n- CVE-2024-36913: Drivers: hv: vmbus: Leak pages if set_memory_encrypted() fails (bsc#1225753).\n- CVE-2024-26665: tunnels: fix out of bounds access when building IPv6 PMTU error (bsc#1222328).\n- CVE-2024-38659: enic: Validate length of nl attributes in enic_set_vf_port (bsc#1226883).\n- CVE-2023-52751: smb: client: fix use-after-free in smb2_query_info_compound() (bsc#1225489).\n- CVE-2024-39482: bcache: fix variable length array abuse in btree_iter (bsc#1227447).\n- CVE-2024-39474: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL (bsc#1227434).\n- CVE-2024-26636: llc: make llc_ui_sendmsg() more robust against bonding changes (bsc#1221659).\n- CVE-2024-26635: llc: Drop support for ETH_P_TR_802_2 (bsc#1221656).\n- CVE-2024-38598: md: fix resync softlockup when bitmap size is less than array size (bsc#1226757).\n- CVE-2024-36003: ice: fix LAG and VF lock dependency in ice_reset_vf() (bsc#1224544).\n- CVE-2024-38604: block: refine the EOF check in blkdev_iomap_begin (bsc#1226866).\n- CVE-2024-26641: ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv() (bsc#1221654).\n- CVE-2024-26863: hsr: Fix uninit-value access in hsr_get_node() (bsc#1223021).\n- CVE-2024-26633: ip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim() (bsc#1221647).\n- CVE-2024-26623: pds_core: Prevent race issues involving the adminq (bsc#1221057).\n- CVE-2024-26785: iommufd: Fix protection fault in iommufd_test_syz_conv_iova (bsc#1222779).\n- CVE-2024-26734: devlink: fix possible use-after-free and memory leaks in devlink_init() (bsc#1222438).\n- CVE-2024-35805: dm snapshot: fix lockup in dm_exception_table_exit (bsc#1224743).\n- CVE-2024-39371: io_uring: check for non-NULL file pointer in io_file_can_poll() (bsc#1226990).\n- CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225098).\n- CVE-2024-38610: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() (bsc#1226758).\n- CVE-2024-37354: btrfs: fix crash on racing fsync and size-extending write into prealloc (bsc#1227101).\n- CVE-2024-36919: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload (bsc#1225767).\n- CVE-2024-38559: scsi: qedf: Ensure the copied buf is NUL terminated (bsc#1226785).\n- CVE-2024-38570: gfs2: Fix potential glock use-after-free on unmount (bsc#1226775).\n- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225732).\n- CVE-2023-52881: tcp: do not accept ACK of bytes we never sent (bsc#1225611).\n- CVE-2024-37353: virtio: fixed a double free in vp_del_vqs() (bsc#1226875).\n- CVE-2024-39301: net/9p: fix uninit-value in p9_client_rpc() (bsc#1226994).\n- CVE-2024-35843: iommu/vt-d: Use device rbtree in iopf reporting path (bsc#1224751).\n- CVE-2024-37078: nilfs2: fix potential kernel bug due to lack of writeback flag waiting (bsc#1227066).\n- CVE-2024-35247: fpga: region: add owner module and take its refcount (bsc#1226948).\n- CVE-2024-36479: fpga: bridge: add owner module and take its refcount (bsc#1226949).\n- CVE-2024-37021: fpga: manager: add owner module and take its refcount (bsc#1226950).\n- CVE-2024-36281: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules (bsc#1226799).\n- CVE-2024-38580: epoll: be better about file lifetimes (bsc#1226610).\n- CVE-2024-36478: null_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027 (bsc#1226841).\n- CVE-2024-38636: f2fs: multidev: fix to recognize valid zero block address (bsc#1226879).\n- CVE-2024-38661: s390/ap: Fix crash in AP internal function modify_bitmap() (bsc#1226996).\n- CVE-2024-38564: bpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE (bsc#1226789).\n- CVE-2024-38566: bpf: Fix verifier assumptions about socket-\u003esk (bsc#1226790).\n- CVE-2024-38560: scsi: bfa: Ensure the copied buf is NUL terminated (bsc#1226786).\n- CVE-2024-36978: net: sched: sch_multiq: fix possible OOB write in multiq_tune() (bsc#1226514).\n- CVE-2024-36917: block: fix overflow in blk_ioctl_discard() (bsc#1225770).\n- CVE-2024-36974: net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP (bsc#1226519).\n- CVE-2024-38627: stm class: Fix a double free in stm_register_device() (bsc#1226857).\n- CVE-2024-38603: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() (bsc#1226842).\n- CVE-2024-38553: net: fec: remove .ndo_poll_controller to avoid deadlock (bsc#1226744).\n- CVE-2024-38555: net/mlx5: Discard command completions in internal error (bsc#1226607).\n- CVE-2024-38556: net/mlx5: Add a timeout to acquire the command queue semaphore (bsc#1226774).\n- CVE-2024-38557: net/mlx5: Reload only IB representors upon lag disable/enable (bsc#1226781).\n- CVE-2024-38608: net/mlx5e: Fix netif state handling (bsc#1226746).\n- CVE-2024-38597: eth: sungem: remove .ndo_poll_controller to avoid deadlocks (bsc#1226749).\n- CVE-2024-38594: net: stmmac: move the EST lock to struct stmmac_priv (bsc#1226734).\n- CVE-2024-38569: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group (bsc#1226772).\n- CVE-2024-38568: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group (bsc#1226771).\n- CVE-2024-26814: vfio/fsl-mc: Block calling interrupt handler without trigger (bsc#1222810).\n- CVE-2024-26813: vfio/platform: Create persistent IRQ handlers (bsc#1222809).\n- CVE-2024-36945: net/smc: fix neighbour and rtable leak in smc_ib_find_route() (bsc#1225823).\n- CVE-2024-36923: fs/9p: fix uninitialized values during inode evict (bsc#1225815).\n- CVE-2024-36971: net: fix __dst_negative_advice() race (bsc#1226145).\n- CVE-2024-27414: rtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back (bsc#1224439).\n- CVE-2024-35900: netfilter: nf_tables: reject new basechain after table flag update (bsc#1224497).\n- CVE-2024-35886: ipv6: Fix infinite recursion in fib6_dump_done() (bsc#1224670).\n- CVE-2024-36024: drm/amd/display: Disable idle reallow as part of command/gpint execution (bsc#1225702).\n- CVE-2024-36903: ipv6: Fix potential uninit-value access in __ip6_make_skb() (bsc#1225741).\n- CVE-2024-36914: drm/amd/display: Skip on writeback when it\u0027s not applicable (bsc#1225757).\n- CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225737).\n- CVE-2024-35979: raid1: fix use-after-free for original bio in raid1_write_request() (bsc#1224572).\n- CVE-2024-35807: ext4: fix corruption during on-line resize (bsc#1224735).\n- CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg (bsc#1222080).\n- CVE-2023-52843: llc: verify mac len before reading mac header (bsc#1224951).\n- CVE-2024-35898: netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get() (bsc#1224498).\n- CVE-2024-36915: nfc: llcp: fix nfc_llcp_setsockopt() unsafe copies (bsc#1225758).\n- CVE-2024-36017: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation (bsc#1225681).\n- CVE-2024-36882: mm: use memalloc_nofs_save() in page_cache_ra_order() (bsc#1225723).\n- CVE-2024-36916: blk-iocost: avoid out of bounds shift (bsc#1225759).\n- CVE-2024-36900: net: hns3: fix kernel crash when devlink reload during initialization (bsc#1225726).\n- CVE-2023-52787: blk-mq: make sure active queue usage is held for bio_integrity_prep() (bsc#1225105).\n- CVE-2024-35925: block: prevent division by zero in blk_rq_stat_sum() (bsc#1224661).\n- CVE-2023-52837: nbd: fix uaf in nbd_open (bsc#1224935).\n- CVE-2023-52786: ext4: fix racy may inline data check in dio write (bsc#1224939).\n- CVE-2024-36934: bna: ensure the copied buf is NUL terminated (bsc#1225760).\n- CVE-2024-36935: ice: ensure the copied buf is NUL terminated (bsc#1225763).\n- CVE-2024-36937: xdp: use flags field to disambiguate broadcast redirect (bsc#1225834).\n- CVE-2023-52672: pipe: wakeup wr_wait after setting max_usage (bsc#1224614).\n- CVE-2023-52845: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING (bsc#1225585).\n- CVE-2024-36005: netfilter: nf_tables: honor table dormant flag from netdev release event path (bsc#1224539).\n- CVE-2024-26845: scsi: target: core: Add TMF to tmr_list handling (bsc#1223018).\n- CVE-2024-35892: net/sched: fix lockdep splat in qdisc_tree_reduce_backlog() (bsc#1224515).\n- CVE-2024-35848: eeprom: at24: fix memory corruption race condition (bsc#1224612).\n- CVE-2024-35884: udp: do not accept non-tunnel GSO skbs landing in a tunnel (bsc#1224520).\n- CVE-2024-35857: icmp: prevent possible NULL dereferences from icmp_build_probe() (bsc#1224619).\n- CVE-2023-52735: bpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself (bsc#1225475).\n- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).\n- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)\n- CVE-2024-35926: crypto: iaa - Fix async_disable descriptor leak (bsc#1224655).\n- CVE-2024-35976: Validate user input for XDP_{UMEM|COMPLETION}_FILL_RING (bsc#1224575).\n- CVE-2024-36938: Fixed NULL pointer dereference in sk_psock_skb_ingress_enqueue (bsc#1225761).\n- CVE-2024-36008: ipv4: check for NULL idev in ip_route_use_hint() (bsc#1224540).\n- CVE-2024-35998: Fixed lock ordering potential deadlock in cifs_sync_mid_result (bsc#1224549).\n- CVE-2023-52757: Fixed potential deadlock when releasing mids (bsc#1225548).\n- CVE-2024-27419: Fixed data-races around sysctl_net_busy_read (bsc#1224759)\n- CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).\n- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).\n- CVE-2024-26625: Call sock_orphan() at release time (bsc#1221086)\n- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)\n- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621)\n- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).\n- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).\n- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).\n- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).\n- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).\n- CVE-2024-35860: Struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).\n- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).\n- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).\n- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).\n- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).\n- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).\n- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).\n- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).\n- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).\n- CVE-2024-35869: smb: client: guarantee refcounted children from parent session (bsc#1224679).\n- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).\n- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).\n- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).\n- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).\n- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).\n- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).\n- CVE-2024-35880: io_uring/kbuf: hold io_buffer_list reference over mmap (bsc#1224523).\n- CVE-2024-35831: io_uring: Fix release of pinned pages when __io_uaddr_map fails (bsc#1224698).\n- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).\n- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).\n- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).\n- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).\n- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).\n- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).\n- CVE-2024-35827: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() (bsc#1224606).\n- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).\n- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).\n- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).\n- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).\n- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).\n- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)\n- CVE-2024-27417: Fixed potential \"struct net\" leak in inet6_rtm_getaddr() (bsc#1224721)\n- CVE-2023-52656: Dropped any code related to SCM_RIGHTS (bsc#1224187).\n- CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).\n- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).\n- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).\n- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).\n- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).\n- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).\n- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442).\n- CVE-2023-52699: sysv: don\u0027t call sb_bread() with pointers_lock held (bsc#1224659).\n- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).\n- CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223084).\n- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).\n- CVE-2023-52483: mctp: perform route lookups under a RCU read-side lock (bsc#1220738).\n- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).\n- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).\n- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).\n- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).\n- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).\n- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).\n- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).\n- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).\n- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).\n- CVE-2024-26945: Fixed nr_cpus \u0026lt; nr_iaa case (bsc#1223732).\n- CVE-2024-26679: Fixed read sk-\u003esk_family once in inet_recv_error() (bsc#1222385).\n- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)\n- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)\n- CVE-2024-26939: Fixed UAF on destroy against retire race (bsc#1223679).\n- CVE-2024-26865: rds: tcp: Fix use-after-free of net in reqsk_timer_handler() (bsc#1223062).\n- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).\n- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).\n- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).\n- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532)\n- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).\n- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).\n- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).\n- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).\n- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).\n- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).\n- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).\n- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).\n- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).\n- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).\n- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).\n- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).\n- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).\n- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).\n- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649 CVE-2024-26638).\n- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).\n- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).\n- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).\n- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).\n- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).\n- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).\n- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).\n- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).\n- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).\n- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).\n- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).\n- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).\n- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).\n- CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).\n- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).\n- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).\n- CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).\n- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).\n- CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check (bsc#1222635).\n- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).\n- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).\n- CVE-2024-26731: Fixed NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).\n- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).\n- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).\n- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).\n- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).\n- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).\n- CVE-2023-52631: Fixed an NULL dereference bug (bsc#1222264 CVE-2023-52631).\n- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).\n- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).\n- CVE-2024-26614: Fixed the initialization of accept_queue\u0027s spinlocks (bsc#1221293).\n- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).\n- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).\n- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).\n- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).\n\nThe following non-security bugs were fixed:\n\n- 9p: add missing locking around taking dentry fid list (git-fixes)\n- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).\n- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).\n- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).\n- ACPI: EC: Abort address space access upon error (stable-fixes).\n- ACPI: EC: Avoid returning AE_OK on errors in address space handler (stable-fixes).\n- ACPI: EC: Evaluate orphan _REG under EC device (git-fixes).\n- ACPI: EC: Install address space handler at the namespace root (stable-fixes).\n- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).\n- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).\n- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).\n- ACPI: disable -Wstringop-truncation (git-fixes).\n- ACPI: processor_idle: Fix invalid comparison with insertion sort for latency (git-fixes).\n- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).\n- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).\n- ACPI: resource: Do IRQ override on TongFang GXxHRXx and GMxHGxx (stable-fixes).\n- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).\n- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).\n- ACPI: x86: Add PNP_UART1_SKIP quirk for Lenovo Blade2 tablets (stable-fixes).\n- ACPI: x86: Force StorageD3Enable on more products (stable-fixes).\n- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).\n- ACPICA: Revert \"ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine.\" (git-fixes).\n- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).\n- ALSA/hda: intel-dsp-config: Document AVS as dsp_driver option (git-fixes).\n- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).\n- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).\n- ALSA: PCM: Allow resume only for suspended streams (stable-fixes).\n- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).\n- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).\n- ALSA: core: Remove debugfs at disconnection (git-fixes).\n- ALSA: dmaengine: Synchronize dma channel after drop() (stable-fixes).\n- ALSA: dmaengine_pcm: terminate dmaengine before synchronize (stable-fixes).\n- ALSA: emux: improve patch ioctl data validation (stable-fixes).\n- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).\n- ALSA: hda/conexant: Mute speakers at suspend / shutdown (bsc#1228269).\n- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).\n- ALSA: hda/generic: Add a helper to mute speakers at suspend/shutdown (bsc#1228269).\n- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).\n- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).\n- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).\n- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).\n- ALSA: hda/realtek: Add more codec ID to no shutup pins list (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14AHP9 (stable-fixes).\n- ALSA: hda/realtek: Add quirk for Lenovo Yoga Pro 7 14ARP8 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).\n- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).\n- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).\n- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).\n- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).\n- ALSA: hda/realtek: Enable Mute LED on HP 250 G7 (stable-fixes).\n- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).\n- ALSA: hda/realtek: Enable headset mic on IdeaPad 330-17IKB 81DM (git-fixes).\n- ALSA: hda/realtek: Enable headset mic on Positivo SU C1400 (stable-fixes).\n- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).\n- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).\n- ALSA: hda/realtek: Fix conflicting quirk for PCI SSID 17aa:3820 (git-fixes).\n- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).\n- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).\n- ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book Pro 360 (stable-fixes).\n- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).\n- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).\n- ALSA: hda/realtek: Limit mic boost on N14AP7 (stable-fixes).\n- ALSA: hda/realtek: Limit mic boost on VAIO PRO PX (stable-fixes).\n- ALSA: hda/realtek: Remove Framework Laptop 16 from quirks (git-fixes).\n- ALSA: hda/realtek: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).\n- ALSA: hda/realtek: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).\n- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).\n- ALSA: hda/realtek: add quirk for Clevo V5[46]0TU (stable-fixes).\n- ALSA: hda/realtek: cs35l41: Fixup remaining asus strix models (git-fixes).\n- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for EliteBook 645/665 G11 (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 445/465 G11 (stable-fixes).\n- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).\n- ALSA: hda/relatek: Enable Mute LED on HP Laptop 15-gw0xxx (stable-fixes).\n- ALSA: hda/tas2781: Add new quirk for Lenovo Hera2 Laptop (stable-fixes).\n- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).\n- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).\n- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).\n- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).\n- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).\n- ALSA: hda: clarify Copyright information (stable-fixes).\n- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).\n- ALSA: hda: cs35l41: Component should be unbound before deconstruction (git-fixes).\n- ALSA: hda: cs35l41: Fix swapped l/r audio channels for Lenovo ThinBook 13x Gen4 (git-fixes).\n- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).\n- ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() (git-fixes).\n- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).\n- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).\n- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).\n- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo Thinkbook 13x Gen 4 (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo Thinkbook 16P Gen 5 (stable-fixes).\n- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).\n- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).\n- ALSA: hda: cs35l56: Component should be unbound before deconstruction (git-fixes).\n- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).\n- ALSA: hda: cs35l56: Fix lifecycle of codec pointer (stable-fixes).\n- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).\n- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).\n- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).\n- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).\n- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).\n- ALSA: hda: tas2781: Component should be unbound before deconstruction (git-fixes).\n- ALSA: line6: Zero-initialize message buffers (stable-fixes).\n- ALSA: pcm_dmaengine: Do not synchronize DMA channel when DMA is paused (git-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).\n- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).\n- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).\n- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).\n- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).\n- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).\n- ALSA: seq: Do not clear bank selection at event -\u003e UMP MIDI2 conversion (git-fixes).\n- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).\n- ALSA: seq: Fix missing MSB in MIDI2 SPP conversion (git-fixes).\n- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).\n- ALSA: seq: Fix missing channel at encoding RPN/NRPN MIDI2 messages (git-fixes).\n- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).\n- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).\n- ALSA: seq: ump: Fix missing System Reset message handling (git-fixes).\n- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).\n- ALSA: seq: ump: Skip useless ports for static blocks (git-fixes).\n- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).\n- ALSA: timer: Set lower bound of start tick time (stable-fixes).\n- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).\n- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).\n- ALSA: ump: Do not update FB name for static blocks (git-fixes).\n- ALSA: ump: Force 1 Group for MIDI1 FBs (git-fixes).\n- ALSA: ump: Set default protocol when not given explicitly (git-fixes).\n- ALSA: usb-audio: Add a quirk for Sonix HD USB Camera (stable-fixes).\n- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).\n- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).\n- ALSA: usb-audio: Fix microphone sound on HD webcam (stable-fixes).\n- ALSA: usb-audio: Move HD Webcam quirk to the right place (git-fixes).\n- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).\n- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).\n- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).\n- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).\n- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).\n- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).\n- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).\n- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).\n- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).\n- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).\n- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).\n- ASoC: Intel: avs: Set name of control as in topology (git-fixes).\n- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).\n- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).\n- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).\n- ASoC: Intel: common: add ACPI matching tables for Arrow Lake (stable-fixes).\n- ASoC: Intel: sof-sdw: really remove FOUR_SPEAKER quirk (git-fixes).\n- ASoC: Intel: sof_sdw: add JD2 quirk for HP Omen 14 (stable-fixes).\n- ASoC: Intel: sof_sdw: add quirk for Dell SKU 0C0F (stable-fixes).\n- ASoC: Intel: use soc_intel_is_byt_cr() only when IOSF_MBI is reachable (git-fixes).\n- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).\n- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).\n- ASoC: SOF: Intel: hda-pcm: Limit the maximum number of periods by MAX_BDL_ENTRIES (stable-fixes).\n- ASoC: SOF: Intel: hda: fix null deref on system suspend entry (git-fixes).\n- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).\n- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).\n- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).\n- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).\n- ASoC: SOF: imx8m: Fix DSP control regmap retrieval (git-fixes).\n- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).\n- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).\n- ASoC: SOF: ipc4-topology: Preserve the DMA Link ID for ChainDMA on unprepare (git-fixes).\n- ASoC: SOF: ipc4-topology: Use correct queue_id for requesting input pin format (stable-fixes).\n- ASoC: SOF: pcm: Restrict DSP D0i3 during S0ix to IPC3 (stable-fixes).\n- ASoC: SOF: sof-audio: Skip unprepare for in-use widgets on error rollback (stable-fixes).\n- ASoC: TAS2781: Fix tasdev_load_calibrated_data() (git-fixes).\n- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).\n- ASoC: amd: Adjust error handling in case of absent codec device (git-fixes).\n- ASoC: amd: acp: add a null check for chip_pdev structure (git-fixes).\n- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).\n- ASoC: amd: acp: remove i2s configuration check in acp_i2s_probe() (git-fixes).\n- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on ASUS M5602RA (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).\n- ASoC: amd: yc: Revert \"Fix non-functional mic on Lenovo 21J2\" (stable-fixes).\n- ASoC: amd: yc: Support mic on Lenovo Thinkpad E16 Gen 2 (bsc#1228269).\n- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).\n- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).\n- ASoC: cs35l56: Accept values greater than 0 as IRQ numbers (git-fixes).\n- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).\n- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).\n- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).\n- ASoC: fsl-asoc-card: set priv-\u003epdev before using it (git-fixes).\n- ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value (git-fixes).\n- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).\n- ASoC: max98088: Check for clk_prepare_enable() error (git-fixes).\n- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).\n- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).\n- ASoC: meson: axg-card: make links nonatomic (git-fixes).\n- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).\n- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).\n- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).\n- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).\n- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).\n- ASoC: q6apm-lpass-dai: close graph on prepare errors (git-fixes).\n- ASoC: qcom: Adjust issues in case of DT error in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).\n- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).\n- ASoC: rockchip: i2s-tdm: Fix trcm mode by setting clock on right mclk (git-fixes).\n- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).\n- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).\n- ASoC: rt5682-sdw: fix locking sequence (git-fixes).\n- ASoC: rt711-sdca: fix locking sequence (git-fixes).\n- ASoC: rt711-sdw: add missing readable registers (stable-fixes).\n- ASoC: rt711-sdw: fix locking sequence (git-fixes).\n- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: rt715-sdca: volume step modification (git-fixes).\n- ASoC: rt715: add vendor clear control register (git-fixes).\n- ASoC: rt722-sdca-sdw: add debounce time for type detection (stable-fixes).\n- ASoC: rt722-sdca-sdw: add silence detection register as volatile (stable-fixes).\n- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).\n- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).\n- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).\n- ASoC: sof: amd: fix for firmware reload failure in Vangogh platform (git-fixes).\n- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).\n- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).\n- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).\n- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).\n- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).\n- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).\n- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).\n- ASoC: ti: davinci-mcasp: Set min period size using FIFO config (stable-fixes).\n- ASoC: ti: omap-hdmi: Fix too long driver name (stable-fixes).\n- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).\n- ASoC: topology: Do not assign fields that are already set (stable-fixes).\n- ASoC: topology: Fix references to freed memory (stable-fixes).\n- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).\n- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).\n- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).\n- ASoc: tas2781: Enable RCA-based playback without DSP firmware download (git-fixes).\n- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).\n- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).\n- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).\n- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).\n- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).\n- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).\n- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).\n- Bluetooth: ISO: Check socket flag instead of hcon (git-fixes).\n- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).\n- Bluetooth: ISO: Fix BIS cleanup (stable-fixes).\n- Bluetooth: Ignore too large handle values in BIG (git-fixes).\n- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: L2CAP: Fix rejecting L2CAP_CONN_PARAM_UPDATE_REQ (git-fixes).\n- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).\n- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).\n- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).\n- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: add quirk for broken address properties (git-fixes).\n- Bluetooth: ath3k: Fix multiple issues reported by checkpatch.pl (stable-fixes).\n- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).\n- Bluetooth: btintel: Fixe build regression (git-fixes).\n- Bluetooth: btintel: Refactor btintel_set_ppag() (git-fixes).\n- Bluetooth: btnxpuart: Add handling for boot-signature timeout errors (git-fixes).\n- Bluetooth: btnxpuart: Enable Power Save feature on startup (stable-fixes).\n- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).\n- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).\n- Bluetooth: hci_bcm4377: Fix msgid release (git-fixes).\n- Bluetooth: hci_bcm4377: Use correct unit for timeouts (git-fixes).\n- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).\n- Bluetooth: hci_core: cancel all works upon hci_unregister_dev() (stable-fixes).\n- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).\n- Bluetooth: hci_event: Fix setting of unicast qos interval (git-fixes).\n- Bluetooth: hci_event: Remove code to removed CONFIG_BT_HS (stable-fixes).\n- Bluetooth: hci_event: Set QoS encryption from BIGInfo report (git-fixes).\n- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).\n- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).\n- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).\n- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).\n- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).\n- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).\n- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).\n- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).\n- Bluetooth: qca: Fix BT enable failure again for QCA6390 after warm reboot (git-fixes).\n- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).\n- Bluetooth: qca: add missing firmware sanity checks (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).\n- Bluetooth: qca: fix NVM configuration parsing (git-fixes).\n- Bluetooth: qca: fix device-address endianness (git-fixes).\n- Bluetooth: qca: fix firmware check error path (git-fixes).\n- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).\n- Bluetooth: qca: set power_ctrl_enabled on NULL returned by gpiod_get_optional() (git-fixes).\n- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).\n- Edit \"amdkfd: use calloc instead of kzalloc to avoid integer overflow\" Reference CVE and bug numbers.\n- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)\n- Enable CONFIG_SCHED_CLUSTER=y on arm64 (jsc#PED-8701).\n- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.\n- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.\n- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).\n- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).\n- HID: Add quirk for Logitech Casa touchpad (stable-fixes).\n- HID: Ignore battery for ELAN touchscreens 2F2C and 4116 (stable-fixes).\n- HID: amd_sfh: Handle \"no sensors\" in PM operations (git-fixes).\n- HID: core: remove unnecessary WARN_ON() in implement() (git-fixes).\n- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).\n- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).\n- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).\n- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev-\u003edevc (git-fixes).\n- HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() (git-fixes).\n- HID: logitech-dj: allow mice to use all types of reports (git-fixes).\n- HID: mcp-2221: cancel delayed_work only when CONFIG_IIO is enabled (stable-fixes).\n- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).\n- HID: wacom: Modify pen IDs (git-fixes).\n- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)\n- Input: ads7846 - use spi_device_id table (stable-fixes).\n- Input: allocate keycode for Display refresh rate toggle (stable-fixes).\n- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).\n- Input: elan_i2c - do not leave interrupt disabled on suspend failure (git-fixes).\n- Input: elantech - fix touchpad state on resume for Lenovo N24 (stable-fixes).\n- Input: ff-core - prefer struct_size over open coded arithmetic (stable-fixes).\n- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).\n- Input: i8042 - add Ayaneo Kun to i8042 quirk table (stable-fixes).\n- Input: ili210x - fix ili251x_read_touch_data() return value (git-fixes).\n- Input: imagis - use FIELD_GET where applicable (stable-fixes).\n- Input: ims-pcu - fix printf string overflow (git-fixes).\n- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).\n- Input: qt1050 - handle CHIP_ID reading error (git-fixes).\n- Input: silead - Always support 10 fingers (stable-fixes).\n- Input: synaptics-rmi4 - fail probing if memory allocation for \"phys\" fails (stable-fixes).\n- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).\n- Input: xpad - add support for ASUS ROG RAIKIRI (git-fixes).\n- Input: xpad - add support for ASUS ROG RAIKIRI PRO (stable-fixes).\n- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).\n- KEYS: trusted: Do not use WARN when encode fails (git-fixes).\n- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).\n- KVM: SEV-ES: Delegate LBR virtualization to the processor (git-fixes).\n- KVM: SEV-ES: Disallow SEV-ES guests when X86_FEATURE_LBRV is absent (git-fixes).\n- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).\n- KVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region() (git-fixes).\n- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).\n- KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked (git-fixes).\n- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).\n- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).\n- KVM: arm64: Use local TLBI on permission relaxation (bsc#1219478).\n- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).\n- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).\n- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).\n- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).\n- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).\n- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).\n- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).\n- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).\n- KVM: x86/pmu: Apply \"fast\" RDPMC only to Intel PMUs (git-fixes).\n- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).\n- KVM: x86/pmu: Disallow \"fast\" RDPMC for architectural Intel PMUs (git-fixes).\n- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).\n- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).\n- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).\n- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (bsc#1226158).\n- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).\n- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at \"RESET\" (git-fixes).\n- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).\n- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).\n- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).\n- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).\n- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).\n- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).\n- KVM: x86: Always sync PIR to IRR prior to scanning I/O APIC routes (git-fixes).\n- KVM: x86: Do not advertise guest.MAXPHYADDR as host.MAXPHYADDR in CPUID (git-fixes).\n- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).\n- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).\n- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).\n- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).\n- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).\n- KVM: x86: Snapshot if a vCPU\u0027s vendor model is AMD vs. Intel compatible (git-fixes).\n- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they\u0027re a WIP (git-fixes).\n- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).\n- NFC: trf7970a: disable all regulators on removal (git-fixes).\n- NFS: Fix READ_PLUS when server does not support OP_READ_PLUS (git-fixes).\n- NFS: Fix an off by one in root_nfs_cat() (git-fixes).\n- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).\n- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).\n- NFS: abort nfs_atomic_open_v23 if name is too long (bsc#1219847).\n- NFS: add atomic_open for NFSv3 to handle O_TRUNC correctly (bsc#1219847).\n- NFS: add barriers when testing for NFS_FSDATA_BLOCKED (git-fixes).\n- NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633 bsc#1226226).\n- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).\n- NFSD: Fix checksum mismatches in the duplicate reply cache (git-fixes).\n- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).\n- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).\n- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).\n- NFSD: Retransmit callbacks after client reconnects (git-fixes).\n- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).\n- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).\n- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).\n- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).\n- NFSv4.1 enforce rootpath check in fs_location query (git-fixes).\n- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).\n- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).\n- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).\n- NFSv4.x: by default serialize open/close operations (bsc#1223863 bsc#1227362).\n- NFSv4: Fixup smatch warning for ambiguous return (git-fixes).\n- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).\n- PCI/AER: Block runtime suspend when handling errors (stable-fixes).\n- PCI/ASPM: Update save_state when configuration changes (bsc#1226915)\n- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).\n- PCI/DPC: Fix use-after-free on concurrent DPC and hot-removal (git-fixes).\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).\n- PCI/DPC: Use FIELD_GET() (stable-fixes).\n- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI/MSI: Fix UAF in msi_capability_init (git-fixes).\n- PCI/PM: Avoid D3cold for HP Pavilion 17 PC/1972 PCIe Ports (stable-fixes).\n- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).\n- PCI: Clear Secondary Status errors after enumeration (bsc#1226928)\n- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).\n- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).\n- PCI: Do not wait for disconnected devices when resuming (git-fixes).\n- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).\n- PCI: Extend ACS configurability (bsc#1228090).\n- PCI: Fix resource double counting on remove \u0026 rescan (git-fixes).\n- PCI: Fix typos in docs and comments (stable-fixes).\n- PCI: Introduce cleanup helpers for device reference counts and locks (stable-fixes).\n- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).\n- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).\n- PCI: dw-rockchip: Fix initial PERST# GPIO value (git-fixes).\n- PCI: dwc: Fix index 0 incorrectly being interpreted as a free ATU slot (git-fixes).\n- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).\n- PCI: endpoint: Clean up error handling in vpci_scan_bus() (git-fixes).\n- PCI: endpoint: Fix error handling in epf_ntb_epc_cleanup() (git-fixes).\n- PCI: endpoint: pci-epf-test: Make use of cached \u0027epc_features\u0027 in pci_epf_test_core_init() (git-fixes).\n- PCI: hv: Fix ring buffer size calculation (git-fixes).\n- PCI: keystone: Do not enable BAR 0 for AM654x (git-fixes).\n- PCI: keystone: Fix NULL pointer dereference in case of DT error in ks_pcie_setup_rc_app_regs() (git-fixes).\n- PCI: keystone: Relocate ks_pcie_set/clear_dbi_mode() (git-fixes).\n- PCI: qcom-ep: Disable resources unconditionally during PERST# assert (git-fixes).\n- PCI: qcom: Add support for sa8775p SoC (git-fixes).\n- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).\n- PCI: rcar: Demote WARN() to dev_warn_ratelimited() in rcar_pcie_wakeup() (git-fixes).\n- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).\n- PCI: rockchip: Use GPIOD_OUT_LOW flag while requesting ep_gpio (git-fixes).\n- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).\n- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).\n- PCI: switchtec: Use normal comment style (stable-fixes).\n- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).\n- PCI: tegra194: Set EP alignment restriction for inbound ATU (git-fixes).\n- PCI: vmd: Create domain symlink before pci_bus_add_devices() (bsc#1227363).\n- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).\n- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).\n- Port \"certs: Add ECDSA signature verification self-test\".\n- Port \"certs: Move RSA self-test data to separate file\".\n- RAS/AMD/ATL: Fix MI300 bank hash (bsc#1225300).\n- RAS/AMD/ATL: Use system settings for MI300 DRAM to normalized address translation (bsc#1225300).\n- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).\n- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).\n- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).\n- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)\n- RDMA/bnxt_re: Fix the max msix vectors macro (git-fixes)\n- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)\n- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)\n- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)\n- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)\n- RDMA/hns: Fix GMV table pagesize (git-fixes)\n- RDMA/hns: Fix UAF for cq async event (git-fixes)\n- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)\n- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)\n- RDMA/hns: Modify the print level of CQE error (git-fixes)\n- RDMA/hns: Use complete parentheses in macros (git-fixes)\n- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).\n- RDMA/mana_ib: Ignore optional access flags for MRs (git-fixes).\n- RDMA/mlx5: Add check for srq max_sge attribute (git-fixes)\n- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)\n- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)\n- RDMA/mlx5: Ensure created mkeys always have a populated rb_key (git-fixes)\n- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)\n- RDMA/mlx5: Fix unwind flow as part of mlx5_ib_stage_init_init (git-fixes)\n- RDMA/mlx5: Follow rb_key.ats when creating new mkeys (git-fixes)\n- RDMA/mlx5: Remove extra unlock on error path (git-fixes)\n- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)\n- RDMA/restrack: Fix potential invalid address access (git-fixes)\n- RDMA/rxe: Allow good work requests to be executed (git-fixes)\n- RDMA/rxe: Fix data copy for IB_SEND_INLINE (git-fixes)\n- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)\n- RDMA/rxe: Fix responder length checking for UD request packets (git-fixes)\n- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)\n- RDMA/rxe: Fix the problem \"mutex_destroy missing\" (git-fixes)\n- Reapply \"drm/qxl: simplify qxl_fence_wait\" (stable-fixes).\n- Refresh kabi workaround ath updates (bsc#1227149#)\n- Refresh the previous ASoC patch, landed in subsystem tree (bsc#1228269)\n- Remove NTFSv3 from configs (bsc#1224429)\n- SEV: disable SEV-ES DebugSwap by default (git-fixes).\n- SUNRPC: Fix gss_free_in_token_pages() (git-fixes).\n- SUNRPC: Fix loop termination condition in gss_free_in_token_pages() (git-fixes).\n- SUNRPC: avoid soft lockup when transmitting UDP to reachable server (bsc#1225272).\n- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).\n- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).\n- SUNRPC: return proper error from gss_wrap_req_priv (git-fixes).\n- Temporarily drop KVM patch that caused a regression (bsc#1226158)\n- USB: Add USB_QUIRK_NO_SET_INTF quirk for START BP-850k (stable-fixes).\n- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).\n- USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages (git-fixes).\n- USB: core: Add hub_get() and hub_put() routines (stable-fixes).\n- USB: core: Fix access violation during port device removal (git-fixes).\n- USB: core: Fix deadlock in port \"disable\" sysfs attribute (stable-fixes).\n- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).\n- USB: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (git-fixes).\n- USB: serial: add device ID for VeriFone adapter (stable-fixes).\n- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).\n- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).\n- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).\n- USB: serial: mos7840: fix crash on resume (git-fixes).\n- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).\n- USB: serial: option: add Fibocom FM350-GL (stable-fixes).\n- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).\n- USB: serial: option: add Netprisma LCUK54 series modules (stable-fixes).\n- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).\n- USB: serial: option: add Rolling RW350-GL variants (stable-fixes).\n- USB: serial: option: add Telit FN912 rmnet compositions (stable-fixes).\n- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).\n- USB: serial: option: add Telit generic core-dump composition (stable-fixes).\n- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).\n- USB: serial: option: add support for Foxconn T99W651 (stable-fixes).\n- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).\n- USB: xen-hcd: Traverse host/ when CONFIG_USB_XEN_HCD is selected (git-fixes).\n- Update ath11k suspend patches from the latest subsystem tree (bsc#1207948).\n- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).\n- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).\n- Workaround broken chacha crypto fallback (bsc#1218205).\n- X.509: Fix the parser of extended key usage for length (bsc#1218820).\n- accel/ivpu: Fix deadlock in context_xa (git-fixes).\n- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).\n- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).\n- ahci: asm1064: correct count of reported ports (stable-fixes).\n- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).\n- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).\n- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).\n- arm64/io: Provide a WC friendly __iowriteXX_copy() (bsc#1226502)\n- arm64/io: add constant-argument check (bsc#1226502 git-fixes)\n- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)\n- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)\n- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184).\n- arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY (git-fixes).\n- arm64: bpf: fix 32bit unconditional bswap (git-fixes).\n- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)\n- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)\n- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)\n- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)\n- arm64: dts: freescale: imx8mm-verdin: enable hysteresis on slow input (git-fixes)\n- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)\n- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)\n- arm64: dts: imx8qm-mek: fix gpio number for reg_usdhc2_vmmc (git-fixes)\n- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: imx93-11x11-evk: Remove the \u0027no-sdio\u0027 property (git-fixes)\n- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)\n- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)\n- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)\n- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)\n- arm64: dts: rockchip: Add mdio and ethernet-phy nodes to (git-fixes)\n- arm64: dts: rockchip: Add missing power-domains for rk356x vop_mmu (git-fixes)\n- arm64: dts: rockchip: Add pinctrl for UART0 to rk3308-rock-pi-s (git-fixes)\n- arm64: dts: rockchip: Add sdmmc related properties on (git-fixes)\n- arm64: dts: rockchip: Add sound-dai-cells for RK3368 (git-fixes)\n- arm64: dts: rockchip: Drop invalid mic-in-differential on (git-fixes)\n- arm64: dts: rockchip: Fix SD NAND and eMMC init on rk3308-rock-pi-s (git-fixes)\n- arm64: dts: rockchip: Fix mic-in-differential usage on (git-fixes)\n- arm64: dts: rockchip: Fix mic-in-differential usage on rk3566-roc-pc (git-fixes)\n- arm64: dts: rockchip: Fix the DCDC_REG2 minimum voltage on Quartz64 (git-fixes)\n- arm64: dts: rockchip: Fix the value of `dlg,jack-det-rate` mismatch (git-fixes)\n- arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes)\n- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)\n- arm64: dts: rockchip: Rename LED related pinctrl nodes on (git-fixes)\n- arm64: dts: rockchip: Update WIFi/BT related nodes on (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)\n- arm64: dts: rockchip: fix PMIC interrupt pin on ROCK Pi E (git-fixes)\n- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)\n- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)\n- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).\n- arm64: mm: Batch dsb and isb when populating pgtables (jsc#PED-8688).\n- arm64: mm: Do not remap pgtables for allocate vs populate (jsc#PED-8688).\n- arm64: mm: Do not remap pgtables per-cont(pte|pmd) block (jsc#PED-8688).\n- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)\n- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)\n- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)\n- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)\n- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).\n- ata,scsi: libata-core: Do not leak memory for ata_port struct members (git-fixes).\n- ata: ahci: Clean up sysfs file on error (git-fixes).\n- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).\n- ata: libata-core: Fix double free on error (git-fixes).\n- ata: libata-core: Fix null pointer dereference on error (git-fixes).\n- ata: libata-scsi: Fix offsets for the fixed format sense data (git-fixes).\n- ata: pata_legacy: make legacy_exit() work again (git-fixes).\n- ata: sata_gemini: Check clk_enable() result (stable-fixes).\n- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).\n- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).\n- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).\n- auxdisplay: ht16k33: Drop reference after LED registration (git-fixes).\n- ax25: Fix netdev refcount issue (git-fixes).\n- ax25: Fix refcount imbalance on inbound connections (git-fixes).\n- ax25: Fix reference count leak issue of net_device (git-fixes).\n- ax25: Fix reference count leak issues of ax25_dev (git-fixes).\n- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).\n- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).\n- batman-adv: Do not accept TT entries for out-of-spec VIDs (git-fixes).\n- batman-adv: bypass empty buckets in batadv_purge_orig_ref() (stable-fixes).\n- bitops: add missing prototype check (git-fixes).\n- blk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued (bsc#1225605).\n- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).\n- block: Move checking GENHD_FL_NO_PART to bdev_add_partition() (bsc#1226213).\n- block: fix q-\u003eblkg_list corruption during disk rebind (bsc#1223591).\n- bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX (git-fixes).\n- bnx2x: Fix firmware version string character counts (git-fixes).\n- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).\n- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).\n- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).\n- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)\n- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).\n- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).\n- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).\n- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).\n- bpf, arm64: Fix incorrect runtime stats (git-fixes)\n- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)\n- bpf, scripts: Correct GPL license name (git-fixes).\n- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).\n- bpf: check bpf_func_state-\u003ecallback_depth when pruning states (bsc#1225903).\n- bpf: correct loop detection for iterators convergence (bsc#1225903).\n- bpf: exact states comparison for iterator convergence checks (bsc#1225903).\n- bpf: extract __check_reg_arg() utility function (bsc#1225903).\n- bpf: extract same_callsites() as utility function (bsc#1225903).\n- bpf: extract setup_func_entry() utility function (bsc#1225903).\n- bpf: fix precision backtracking instruction iteration (bsc#1225756).\n- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).\n- bpf: keep track of max number of bpf_loop callback iterations (bsc#1225903).\n- bpf: move explored_state() closer to the beginning of verifier.c (bsc#1225903).\n- bpf: print full verifier states on infinite loop detection (bsc#1225903).\n- bpf: verify callbacks as if they are called unknown number of times (bsc#1225903).\n- bpf: widening for callback iterators (bsc#1225903).\n- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)\n- btrfs: add and use helper to check if block group is used (bsc#1220120).\n- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).\n- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).\n- btrfs: always clear PERTRANS metadata during commit (git-fixes)\n- btrfs: always print transaction aborted messages with an error level (git-fixes)\n- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).\n- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).\n- btrfs: assert delayed node locked when removing delayed item (git-fixes)\n- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).\n- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).\n- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).\n- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).\n- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)\n- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)\n- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)\n- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)\n- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)\n- btrfs: do not arbitrarily slow down delalloc if we\u0027re committing (git-fixes)\n- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).\n- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).\n- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)\n- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).\n- btrfs: do not warn if discard range is not aligned to sector (git-fixes)\n- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).\n- btrfs: error out when COWing block using a stale transaction (git-fixes)\n- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)\n- btrfs: error when COWing block from a root that is being deleted (git-fixes)\n- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)\n- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).\n- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)\n- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)\n- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).\n- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)\n- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)\n- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)\n- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)\n- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)\n- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).\n- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).\n- btrfs: fix race when refilling delayed refs block reserve (git-fixes)\n- btrfs: fix start transaction qgroup rsv double free (git-fixes)\n- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).\n- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes)\n- btrfs: free qgroup rsv on io failure (git-fixes)\n- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)\n- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).\n- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)\n- btrfs: initialize key where it\u0027s used when running delayed data ref (bsc#1220120).\n- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).\n- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).\n- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).\n- btrfs: make error messages more clear when getting a chunk map (git-fixes)\n- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).\n- btrfs: make find_free_dev_extent() static (bsc#1220120).\n- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).\n- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).\n- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).\n- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).\n- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)\n- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).\n- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)\n- btrfs: print available space across all block groups when dumping space info (bsc#1220120).\n- btrfs: print available space for a block group when dumping a space info (bsc#1220120).\n- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).\n- btrfs: print target number of bytes when dumping free space (bsc#1220120).\n- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).\n- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)\n- btrfs: record delayed inode root in transaction (git-fixes)\n- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)\n- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)\n- btrfs: remove pointless \u0027ref_root\u0027 variable from run_delayed_data_ref() (bsc#1220120).\n- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).\n- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).\n- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).\n- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).\n- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).\n- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).\n- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).\n- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).\n- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)\n- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)\n- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).\n- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).\n- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).\n- btrfs: send: ensure send_fd is writable (git-fixes)\n- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)\n- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)\n- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)\n- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).\n- btrfs: store the error that turned the fs into error state (bsc#1220120).\n- btrfs: sysfs: validate scrub_speed_max value (git-fixes)\n- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)\n- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).\n- btrfs: update documentation for add_new_free_space() (bsc#1220120).\n- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).\n- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).\n- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).\n- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).\n- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)\n- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)\n- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).\n- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).\n- bus: mhi: host: allow MHI client drivers to provide the firmware via a pointer (bsc#1227149).\n- bytcr_rt5640 : inverse jack detect for Archos 101 cesium (stable-fixes).\n- cachefiles: add output string to cachefiles_obj_[get|put]_ondemand_fd (git-fixes).\n- cachefiles: remove requests from xarray during flushing requests (bsc#1226588).\n- can: kvaser_usb: Explicitly initialize family in leafimx driver_info struct (git-fixes).\n- can: kvaser_usb: fix return value for hif_usb_send_regout (stable-fixes).\n- can: mcp251xfd: fix infinite loop when xmit fails (git-fixes).\n- cdrom: rearrange last_media_change check to avoid unintentional overflow (stable-fixes).\n- ceph: add ceph_cap_unlink_work to fire check_caps() immediately (bsc#1226022).\n- ceph: always check dir caps asynchronously (bsc#1226022).\n- ceph: always queue a writeback when revoking the Fb caps (bsc#1226022).\n- ceph: break the check delayed cap loop every 5s (bsc#1226022).\n- ceph: fix incorrect kmalloc size of pagevec mempool (bsc#1228417).\n- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).\n- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).\n- ceph: switch to use cap_delay_lock for the unlink delay list (bsc#1226022).\n- certs: Add ECDSA signature verification self-test (bsc#1222777).\n- certs: Move RSA self-test data to separate file (bsc#1222777).\n- char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).\n- checkpatch: really skip LONG_LINE_* when LONG_LINE is ignored (git-fixes).\n- cifs: Add a laundromat thread for cached directories (git-fixes, bsc#1225172).\n- cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).\n- cifs: account for primary channel in the interface list (bsc#1225172).\n- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1225172).\n- cifs: distribute channels across interfaces based on speed (bsc#1225172).\n- cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).\n- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1225172).\n- cifs: fix charset issue in reconnection (bsc#1225172).\n- cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).\n- cifs: handle cases where a channel is closed (bsc#1225172).\n- cifs: handle cases where multiple sessions share connection (bsc#1225172).\n- cifs: reconnect work should have reference on server struct (bsc#1225172).\n- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).\n- clk: Get runtime PM before walking tree during disable_unused (git-fixes).\n- clk: Get runtime PM before walking tree for clk_summary (git-fixes).\n- clk: Initialize struct clk_core kref earlier (stable-fixes).\n- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).\n- clk: Show active consumers of clocks in debugfs (stable-fixes).\n- clk: davinci: da8xx-cfgchip: Initialize clk_init_data before use (git-fixes).\n- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).\n- clk: mediatek: mt8183: Only enable runtime PM on mt8183-mfgcfg (git-fixes).\n- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).\n- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).\n- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).\n- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).\n- clk: qcom: clk-alpha-pll: set ALPHA_EN bit for Stromer Plus PLLs (git-fixes).\n- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).\n- clk: qcom: gcc-sm6350: Fix gpll6* \u0026 gpll7 parents (git-fixes).\n- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).\n- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).\n- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).\n- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).\n- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).\n- clk: rs9: fix wrong default value for clock amplitude (git-fixes).\n- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).\n- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).\n- clkdev: Update clkdev id usage to allow for longer names (stable-fixes).\n- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).\n- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).\n- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).\n- config/arm64: Enable CoreSight PMU drivers (bsc#1228289 jsc#PED-7859)\n- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)\n- coresight: trbe: Allocate platform data per device (bsc#1220587)\n- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)\n- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).\n- counter: ti-eqep: enable clock at probe (git-fixes).\n- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).\n- cpufreq/amd-pstate: Fix the scaling_max_freq setting on shared memory CPPC systems (git-fixes).\n- cpufreq: amd-pstate: Fix the inconsistency in max frequency units (git-fixes).\n- cpufreq: amd-pstate: fix memory leak on CPU EPP exit (stable-fixes).\n- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).\n- cpufreq: exit() callback is optional (git-fixes).\n- cpufreq: ti-cpufreq: Handle deferred probe with dev_err_probe() (git-fixes).\n- cpumask: Add for_each_cpu_from() (bsc#1225053).\n- crypto/ecdh: make ecdh_compute_value() to zeroize the public key (bsc#1222768).\n- crypto/ecdsa: make ecdsa_ecc_ctx_deinit() to zeroize the public key (bsc#1222768).\n- crypto: aead,cipher - zeroize key buffer after use (stable-fixes).\n- crypto: bcm - Fix pointer arithmetic (git-fixes).\n- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).\n- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).\n- crypto: ccp - Fix null pointer dereference in __sev_snp_shutdown_locked (git-fixes).\n- crypto: ccp - drop platform ifdef checks (git-fixes).\n- crypto: deflate - Add aliases to deflate (bsc#1227190).\n- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).\n- crypto: ecdh - explicitly zeroize private_key (stable-fixes).\n- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).\n- crypto: ecdsa - Fix the public key format description (git-fixes).\n- crypto: ecrdsa - Fix module auto-load on add_key (stable-fixes).\n- crypto: hisilicon/debugfs - Fix debugfs uninit process issue (stable-fixes).\n- crypto: hisilicon/qm - Add the err memory release process to qm uninit (stable-fixes).\n- crypto: hisilicon/sec - Fix memory leak for sec resource release (stable-fixes).\n- crypto: iaa - Account for cpu-less numa nodes (bsc#1227190).\n- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).\n- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).\n- crypto: qat - extend scope of lock in adf_cfg_add_key_value_param() (git-fixes).\n- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).\n- crypto: qat - improve error logging to be consistent across features (git-fixes).\n- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).\n- crypto: qat - specify firmware files for 402xx (git-fixes).\n- crypto: rsa - add a check for allocation failure (bsc#1222775).\n- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).\n- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).\n- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).\n- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).\n- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).\n- cxl/region: Fix cxlr_pmem leaks (git-fixes).\n- cxl/region: Fix memregion leaks in devm_cxl_add_region() (git-fixes).\n- cxl/test: Add missing vmalloc.h for tools/testing/cxl/test/mem.c (git-fixes).\n- cxl/trace: Correct DPA field masks for general_media \u0026 dram events (git-fixes).\n- cxl/trace: Properly initialize cxl_poison region name (git-fixes).\n- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).\n- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).\n- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).\n- decompress_bunzip2: fix rare decompression failure (git-fixes).\n- device-dax: make dax_bus_type const (jsc#PED-5853).\n- devres: Fix devm_krealloc() wasting memory (git-fixes).\n- devres: Fix memory leakage caused by driver API devm_free_percpu() (git-fixes).\n- dlm: fix user space lkb refcounting (git-fixes).\n- dlm: fix user space lock decision to copy lvb (git-fixes).\n- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).\n- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).\n- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).\n- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).\n- dm-multipath: dont\u0027t attempt SG_IO on non-SCSI-disks (bsc#1223575).\n- dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (bsc#1219596)\n- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).\n- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).\n- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).\n- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).\n- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).\n- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).\n- dma-mapping: benchmark: fix node id validation (git-fixes).\n- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).\n- dma: fix call order in dmam_free_coherent (git-fixes).\n- dma: xilinx_dpdma: Fix locking (git-fixes).\n- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).\n- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).\n- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).\n- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).\n- dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (git-fixes).\n- dmaengine: ioatdma: Fix error path in ioat3_dma_probe() (git-fixes).\n- dmaengine: ioatdma: Fix kmemleak in ioat_pci_probe() (git-fixes).\n- dmaengine: ioatdma: Fix leaking on version mismatch (git-fixes).\n- dmaengine: ioatdma: Fix missing kmem_cache_destroy() (git-fixes).\n- dmaengine: owl: fix register access functions (git-fixes).\n- dmaengine: tegra186: Fix residual calculation (git-fixes).\n- dmaengine: ti: k3-udma: Fix BCHAN count with UHC and HC channels (git-fixes).\n- docs: Restore \"smart quotes\" for quotes (stable-fixes).\n- docs: crypto: async-tx-api: fix broken code example (git-fixes).\n- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).\n- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).\n- dpll: spec: use proper enum for pin capabilities attribute (git-fixes).\n- driver core: Introduce device_link_wait_removal() (stable-fixes).\n- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).\n- drivers/xen: Improve the late XenStore init protocol (git-fixes).\n- drivers: core: synchronize really_probe() and dev_uevent() (git-fixes).\n- drivers: soc: xilinx: check return status of get_api_version() (git-fixes).\n- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).\n- drm/amd/amdgpu: Fix uninitialized variable warnings (git-fixes).\n- drm/amd/display: ASSERT when failing to find index by plane/stream id (stable-fixes).\n- drm/amd/display: Account for cursor prefetch BW in DML1 mode support (stable-fixes).\n- drm/amd/display: Add VCO speed parameter for DCN31 FPU (stable-fixes).\n- drm/amd/display: Add dml2 copy functions (stable-fixes).\n- drm/amd/display: Add dtbclk access to dcn315 (stable-fixes).\n- drm/amd/display: Add refresh rate range check (stable-fixes).\n- drm/amd/display: Allocate zero bw after bw alloc enable (stable-fixes).\n- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).\n- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).\n- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).\n- drm/amd/display: Check index msg_id before read or write (stable-fixes).\n- drm/amd/display: Check pipe offset before setting vblank (stable-fixes).\n- drm/amd/display: Disable seamless boot on 128b/132b encoding (stable-fixes).\n- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).\n- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).\n- drm/amd/display: Exit idle optimizations before HDCP execution (stable-fixes).\n- drm/amd/display: Fix DC mode screen flickering on DCN321 (stable-fixes).\n- drm/amd/display: Fix array-index-out-of-bounds in dml2/FCLKChangeSupport (stable-fixes).\n- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).\n- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).\n- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).\n- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).\n- drm/amd/display: Fix nanosec stat overflow (stable-fixes).\n- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).\n- drm/amd/display: Fix overlapping copy within dml_core_mode_programming (stable-fixes).\n- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).\n- drm/amd/display: Fix refresh rate range for some panel (stable-fixes).\n- drm/amd/display: Fix uninitialized variables in DM (stable-fixes).\n- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).\n- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).\n- drm/amd/display: Move \u0027struct scaler_data\u0027 off stack (git-fixes).\n- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).\n- drm/amd/display: Prevent crash when disable stream (stable-fixes).\n- drm/amd/display: Program VSC SDP colorimetry for all DP sinks \u003e= 1.4 (stable-fixes).\n- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).\n- drm/amd/display: Remove pixle rate limit for subvp (stable-fixes).\n- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).\n- drm/amd/display: Return the correct HDCP error code (stable-fixes).\n- drm/amd/display: Revert Remove pixle rate limit for subvp (stable-fixes).\n- drm/amd/display: Send DP_TOTAL_LTTPR_CNT during detection if LTTPR is present (stable-fixes).\n- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).\n- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).\n- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).\n- drm/amd/display: Set color_mgmt_changed to true on unsuspend (stable-fixes).\n- drm/amd/display: Skip finding free audio for unknown engine_id (stable-fixes).\n- drm/amd/display: Skip pipe if the pipe idx not set properly (stable-fixes).\n- drm/amd/display: Update efficiency bandwidth for dcn351 (stable-fixes).\n- drm/amd/display: Update odm when ODM combine is changed on an otg master pipe with no plane (stable-fixes).\n- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).\n- drm/amd/display: Workaround register access in idle race with cursor (stable-fixes).\n- drm/amd/display: change dram_clock_latency to 34us for dcn35 (stable-fixes).\n- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).\n- drm/amd/display: fix input states translation error for dcn35 \u0026 dcn351 (stable-fixes).\n- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).\n- drm/amd/display: revert Exit idle optimizations before HDCP execution (stable-fixes).\n- drm/amd/pm: Fix aldebaran pcie speed reporting (git-fixes).\n- drm/amd/pm: Restore config space after reset (stable-fixes).\n- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).\n- drm/amd/pm: remove logically dead code for renoir (git-fixes).\n- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).\n- drm/amd: Fix shutdown (again) on some SMU v13.0.4/11 platforms (git-fixes).\n- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).\n- drm/amdgpu/atomfirmware: add intergrated info v2.3 table (stable-fixes).\n- drm/amdgpu/atomfirmware: fix parsing of vram_info (stable-fixes).\n- drm/amdgpu/atomfirmware: silence UBSAN warning (stable-fixes).\n- drm/amdgpu/display: Address kdoc for \u0027is_psr_su\u0027 in \u0027fill_dc_dirty_rects\u0027 (git-fixes).\n- drm/amdgpu/mes: fix use-after-free issue (stable-fixes).\n- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).\n- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).\n- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).\n- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).\n- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).\n- drm/amdgpu: Check if NBIO funcs are NULL in amdgpu_device_baco_exit (git-fixes).\n- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).\n- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).\n- drm/amdgpu: Fix VRAM memory accounting (stable-fixes).\n- drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() (git-fixes).\n- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).\n- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).\n- drm/amdgpu: Fix memory range calculation (git-fixes).\n- drm/amdgpu: Fix pci state save during mode-1 reset (git-fixes).\n- drm/amdgpu: Fix signedness bug in sdma_v4_0_process_trap_irq() (git-fixes).\n- drm/amdgpu: Fix the ring buffer size for queue VM flush (stable-fixes).\n- drm/amdgpu: Fix uninitialized variable warnings (stable-fixes).\n- drm/amdgpu: Indicate CU havest info to CP (stable-fixes).\n- drm/amdgpu: Initialize timestamp for some legacy SOCs (stable-fixes).\n- drm/amdgpu: Refine IB schedule error logging (stable-fixes).\n- drm/amdgpu: Remove GC HW IP 9.3.0 from noretry=1 (git-fixes).\n- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).\n- drm/amdgpu: Update BO eviction priorities (stable-fixes).\n- drm/amdgpu: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (stable-fixes).\n- drm/amdgpu: add error handle to avoid out-of-bounds (stable-fixes).\n- drm/amdgpu: always force full reset for SOC21 (stable-fixes).\n- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).\n- drm/amdgpu: avoid using null object of framebuffer (stable-fixes).\n- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).\n- drm/amdgpu: fix UBSAN warning in kv_dpm.c (stable-fixes).\n- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).\n- drm/amdgpu: fix doorbell regression (git-fixes).\n- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).\n- drm/amdgpu: fix locking scope when flushing tlb (stable-fixes).\n- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).\n- drm/amdgpu: fix the warning about the expression (int)size - len (stable-fixes).\n- drm/amdgpu: fix uninitialized scalar variable warning (stable-fixes).\n- drm/amdgpu: fix use-after-free bug (stable-fixes).\n- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).\n- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).\n- drm/amdgpu: init microcode chip name from ip versions (stable-fixes).\n- drm/amdgpu: make damage clips support configurable (stable-fixes).\n- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).\n- drm/amdgpu: remove invalid resource-\u003estart check v2 (git-fixes).\n- drm/amdgpu: silence UBSAN warning (stable-fixes).\n- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).\n- drm/amdkfd: Add VRAM accounting for SVM migration (stable-fixes).\n- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).\n- drm/amdkfd: Fix CU Masking for GFX 9.4.3 (git-fixes).\n- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).\n- drm/amdkfd: Flush the process wq before creating a kfd_process (stable-fixes).\n- drm/amdkfd: Let VRAM allocations go to GTT domain on small APUs (stable-fixes).\n- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).\n- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).\n- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).\n- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).\n- drm/arm/komeda: Fix komeda probe failing if there are no links in the secondary pipeline (git-fixes).\n- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).\n- drm/ast: Fix soft lockup (git-fixes).\n- drm/bridge/panel: Fix runtime warning on panel bridge release (git-fixes).\n- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).\n- drm/bridge: anx7625: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: anx7625: Update audio status while detecting (git-fixes).\n- drm/bridge: dpc3433: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: icn6211: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: it6505: fix hibernate to resume no display issue (git-fixes).\n- drm/bridge: lt8912b: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611uxc: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: samsung-dsim: Set P divider based on min/max of fin pll (git-fixes).\n- drm/bridge: tc358775: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).\n- drm/buddy: check range allocation matches alignment (stable-fixes).\n- drm/ci: update device type for volteer devices (git-fixes).\n- drm/client: Fully protect modes[] with dev-\u003emode_config.mutex (stable-fixes).\n- drm/connector: Add \\n to message about demoting connector force-probes (git-fixes).\n- drm/display: fix typo (git-fixes).\n- drm/dp_mst: Fix all mstb marked as not probed after suspend/resume (git-fixes).\n- drm/drm_file: Fix pid refcounting race (git-fixes).\n- drm/etnaviv: fix DMA direction handling for cached RW buffers (git-fixes).\n- drm/etnaviv: fix tx clock gating on some GC7000 variants (stable-fixes).\n- drm/exynos/vidi: fix memory leak in .get_modes() (stable-fixes).\n- drm/exynos: do not return negative values from .get_modes() (stable-fixes).\n- drm/exynos: dp: drop driver owner initialization (stable-fixes).\n- drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found (git-fixes).\n- drm/fbdev-dma: Fix framebuffer mode for big endian devices (git-fixes).\n- drm/fbdev-dma: Only set smem_start is enable per module option (git-fixes).\n- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).\n- drm/fbdev-generic: Fix framebuffer on big endian devices (git-fixes).\n- drm/gma500: Remove lid code (git-fixes).\n- drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (git-fixes).\n- drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (git-fixes).\n- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).\n- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).\n- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).\n- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).\n- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).\n- drm/i915/dp: Do not switch the LTTPR mode on an active link (git-fixes).\n- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY \u0026lt; 13 (git-fixes).\n- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).\n- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).\n- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).\n- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).\n- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).\n- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).\n- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).\n- drm/i915/gt: Do not consider preemption during execlists_dequeue for gen8 (git-fixes).\n- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).\n- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).\n- drm/i915/gt: Fix CCS id\u0027s calculation for CCS mode setting (git-fixes).\n- drm/i915/gt: Fix potential UAF by revoke of fence registers (git-fixes).\n- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).\n- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).\n- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).\n- drm/i915/hwmon: Get rid of devm (stable-fixes).\n- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).\n- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).\n- drm/i915/mso: using joiner is not possible with eDP MSO (git-fixes).\n- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).\n- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).\n- drm/i915/mtl: Update workaround 14018575942 (git-fixes).\n- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).\n- drm/i915/vrr: Generate VRR \"safe window\" for DSB (git-fixes).\n- drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).\n- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).\n- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).\n- drm/i915: Fix audio component initialization (git-fixes).\n- drm/i915: Include the PLL name in the debug messages (stable-fixes).\n- drm/i915: Pre-populate the cursor physical dma address (git-fixes).\n- drm/i915: Replace a memset() with zero initialization (stable-fixes).\n- drm/i915: Stop printing pipe name as hex (stable-fixes).\n- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).\n- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).\n- drm/i915: Use named initializers for DPLL info (stable-fixes).\n- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).\n- drm/komeda: check for error-valued pointer (git-fixes).\n- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).\n- drm/lima: Mark simple_ondemand governor as softdep (git-fixes).\n- drm/lima: add mask irq callback to gp and pp (stable-fixes).\n- drm/lima: fix shared irq handling on driver remove (stable-fixes).\n- drm/lima: mask irqs in timeout path before hard reset (stable-fixes).\n- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).\n- drm/mediatek: Add DRM_MODE_ROTATE_0 to rotation property (git-fixes).\n- drm/mediatek: Add OVL compatible name for MT8195 (git-fixes).\n- drm/mediatek: Add missing plane settings when async update (git-fixes).\n- drm/mediatek: Call drm_atomic_helper_shutdown() at shutdown time (stable-fixes).\n- drm/mediatek: Fix XRGB setting error in Mixer (git-fixes).\n- drm/mediatek: Fix XRGB setting error in OVL (git-fixes).\n- drm/mediatek: Fix bit depth overwritten for mtk_ovl_set bit_depth() (git-fixes).\n- drm/mediatek: Fix destination alpha error in OVL (git-fixes).\n- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).\n- drm/mediatek: Remove less-than-zero comparison of an unsigned value (git-fixes).\n- drm/mediatek: Set DRM mode configs accordingly (git-fixes).\n- drm/mediatek: Support DRM plane alpha in Mixer (git-fixes).\n- drm/mediatek: Support DRM plane alpha in OVL (git-fixes).\n- drm/mediatek: Support RGBA8888 and RGBX8888 in OVL on MT8195 (git-fixes).\n- drm/mediatek: Turn off the layers with zero width or height (git-fixes).\n- drm/mediatek: Use 8-bit alpha in ETHDR (git-fixes).\n- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).\n- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).\n- drm/meson: dw-hdmi: power up phy on device init (git-fixes).\n- drm/meson: fix canvas release in bind function (git-fixes).\n- drm/meson: gate px_clk when setting rate (git-fixes).\n- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).\n- drm/mgag200: Bind I2C lifetime to DRM device (git-fixes).\n- drm/mgag200: Set DDC timeout in milliseconds (git-fixes).\n- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_dcs_write_seq() (git-fixes).\n- drm/mipi-dsi: Fix theoretical int overflow in mipi_dsi_generic_write_seq() (git-fixes).\n- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).\n- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).\n- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).\n- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).\n- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).\n- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).\n- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).\n- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).\n- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).\n- drm/msm/dpu: drop validity checks for clear_pending_flush() ctl op (git-fixes).\n- drm/msm/dpu: fix encoder irq wait skip (git-fixes).\n- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).\n- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).\n- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).\n- drm/msm/dsi: set VIDEO_COMPRESSION_MODE_CTRL_WC (git-fixes).\n- drm/msm/mdp5: Remove MDP_CAP_SRC_SPLIT from msm8x53_config (git-fixes).\n- drm/msm: Add newlines to some debug prints (git-fixes).\n- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).\n- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_hd_modes (stable-fixes).\n- drm/nouveau/dispnv04: fix null pointer dereference in nv17_tv_get_ld_modes (stable-fixes).\n- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).\n- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).\n- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).\n- drm/nouveau: do not attempt to schedule hpd_work on headless cards (git-fixes).\n- drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (git-fixes).\n- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).\n- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).\n- drm/panel: boe-tv101wum-nl6: Check for errors on the NOP in prepare() (git-fixes).\n- drm/panel: boe-tv101wum-nl6: If prepare fails, disable GPIO before regulators (git-fixes).\n- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).\n- drm/panel: himax-hx8394: Handle errors from mipi_dsi_dcs_set_display_on() better (git-fixes).\n- drm/panel: ili9341: Respect deferred probe (git-fixes).\n- drm/panel: ili9341: Use predefined error codes (git-fixes).\n- drm/panel: ilitek-ili9881c: Fix warning with GPIO controllers that sleep (stable-fixes).\n- drm/panel: ilitek-ili9882t: Check for errors on the NOP in prepare() (git-fixes).\n- drm/panel: ilitek-ili9882t: If prepare fails, disable GPIO before regulators (git-fixes).\n- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).\n- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).\n- drm/panel: novatek-nt35950: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).\n- drm/panel: simple: Add missing display timing flags for KOE TX26D202VM0BWA (git-fixes).\n- drm/panel: sitronix-st7789v: Add check for of_drm_get_panel_orientation (git-fixes).\n- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).\n- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).\n- drm/panfrost: Mark simple_ondemand governor as softdep (git-fixes).\n- drm/panfrost: fix power transition timeout warnings (git-fixes).\n- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).\n- drm/probe-helper: warn about negative .get_modes() (stable-fixes).\n- drm/qxl: Add check for drm_cvt_mode (git-fixes).\n- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).\n- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).\n- drm/radeon/radeon_display: Decrease the size of allocated memory (stable-fixes).\n- drm/radeon: check bo_va-\u003ebo is non-NULL before using it (stable-fixes).\n- drm/radeon: fix UBSAN warning in kv_dpm.c (stable-fixes).\n- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).\n- drm/radeon: silence UBSAN warning (v3) (stable-fixes).\n- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).\n- drm/rockchip: vop2: Fix the port mux of VP2 (git-fixes).\n- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).\n- drm/sched: fix null-ptr-deref in init entity (git-fixes).\n- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).\n- drm/sun4i: hdmi: Convert encoder to atomic (stable-fixes).\n- drm/sun4i: hdmi: Move mode_set into enable (stable-fixes).\n- drm/ttm: Always take the bo delayed cleanup path for imported bos (git-fixes).\n- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).\n- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).\n- drm/udl: Remove DRM_CONNECTOR_POLL_HPD (git-fixes).\n- drm/vc4: do not check if plane-\u003estate-\u003efb == state-\u003efb (stable-fixes).\n- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).\n- drm/vmwgfx: 3D disabled should not effect STDU memory limits (git-fixes).\n- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).\n- drm/vmwgfx: Do not memcmp equivalent pointers (git-fixes).\n- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).\n- drm/vmwgfx: Filter modes which exceed graphics memory (git-fixes).\n- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).\n- drm/vmwgfx: Fix crtc\u0027s atomic check conditional (git-fixes).\n- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).\n- drm/vmwgfx: Fix missing HYPERVISOR_GUEST dependency (stable-fixes).\n- drm/vmwgfx: Fix prime import/export (git-fixes).\n- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).\n- drm: Check output polling initialized before disabling (stable-fixes).\n- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).\n- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).\n- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).\n- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).\n- drm: nv04: Fix out of bounds access (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).\n- drm: panel-orientation-quirks: Add quirk for Valve Galileo (stable-fixes).\n- drm: vc4: Fix possible null pointer dereference (git-fixes).\n- drm: zynqmp_dpsub: Always register bridge (git-fixes).\n- drm: zynqmp_dpsub: Fix an error handling path in zynqmp_dpsub_probe() (git-fixes).\n- drm: zynqmp_kms: Fix AUX bus not getting unregistered (git-fixes).\n- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)\n- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).\n- dyndbg: fix old BUG_ON in \u003econtrol parser (stable-fixes).\n- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).\n- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).\n- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).\n- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)\n- ecryptfs: Reject casefold directory inodes (git-fixes)\n- eeprom: at24: Probe for DDR3 thermal sensor in the SPD case (stable-fixes).\n- eeprom: digsy_mtc: Fix 93xx46 driver probe failure (git-fixes).\n- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).\n- efi/unaccepted: touch soft lockup during memory accept (git-fixes).\n- efi/x86: Free EFI memory map only when installing a new one (git-fixes).\n- efi: disable mirror feature during crashkernel (stable-fixes).\n- efi: fix panic in kdump kernel (git-fixes).\n- efi: libstub: only free priv.runtime_map when allocated (git-fixes).\n- erofs: ensure m_llen is reset to 0 if metadata is invalid (git-fixes).\n- exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes).\n- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- f2fs: fix error path of __f2fs_build_free_nids (git-fixes).\n- fast_dput(): handle underflows gracefully (git-fixes)\n- fat: fix uninitialized field in nostale filehandles (git-fixes)\n- fbdev: fix incorrect address computation in deferred IO (git-fixes).\n- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).\n- fbdev: sh7760fb: allow modular build (git-fixes).\n- fbdev: shmobile: fix snprintf truncation (git-fixes).\n- fbdev: sisfb: hide unused variables (git-fixes).\n- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).\n- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).\n- filelock: fix potential use-after-free in posix_lock_inode (git-fixes).\n- firewire: core: use long bus reset on gap count error (stable-fixes).\n- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).\n- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).\n- firmware: cs_dsp: Fix overflow checking of wmfw header (git-fixes).\n- firmware: cs_dsp: Prevent buffer overrun when processing V2 alg headers (git-fixes).\n- firmware: cs_dsp: Return error if block header overflows file (git-fixes).\n- firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files (git-fixes).\n- firmware: cs_dsp: Validate payload length before processing block (git-fixes).\n- firmware: dmi-id: add a release callback function (git-fixes).\n- firmware: dmi: Stop decoding on broken entry (stable-fixes).\n- firmware: psci: Fix return value from psci_system_suspend() (git-fixes).\n- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).\n- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).\n- firmware: turris-mox-rwtm: Do not complete if there are no waiters (git-fixes).\n- firmware: turris-mox-rwtm: Fix checking return value of wait_for_completion_timeout() (git-fixes).\n- firmware: turris-mox-rwtm: Initialize completion before mailbox (git-fixes).\n- fpga: dfl-pci: add PCI subdevice ID for Intel D5005 card (stable-fixes).\n- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)\n- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)\n- fs/file: fix the check in find_next_fd() (git-fixes).\n- fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).\n- fs: Fix error checking for d_hash_and_lookup() (git-fixes)\n- fs: indicate request originates from old mount API (git-fixes)\n- fs: relax mount_setattr() permission checks (git-fixes)\n- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)\n- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).\n- fuse: do not unhash root (bsc#1223946).\n- fuse: fix root lookup with nonzero generation (bsc#1223945).\n- fuse: verify {g,u}id mount options correctly (bsc#1228193).\n- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).\n- geneve: make sure to pull inner header in geneve_rx() (git-fixes).\n- genirq/irqdesc: Prevent use-after-free in irq_find_at_or_after() (git-fixes).\n- gfs2: Do not forget to complete delayed withdraw (git-fixes).\n- gfs2: Fix \"ignore unlock failures after withdraw\" (git-fixes).\n- gfs2: Fix invalid metadata access in punch_hole (git-fixes).\n- gfs2: Get rid of gfs2_alloc_blocks generation parameter (git-fixes).\n- gfs2: Rename gfs2_lookup_{ simple =\u003e meta } (git-fixes).\n- gfs2: Use mapping-\u003egfp_mask for metadata inodes (git-fixes).\n- gfs2: convert to ctime accessor functions (git-fixes).\n- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).\n- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).\n- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).\n- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpio: davinci: Validate the obtained number of IRQs (git-fixes).\n- gpio: lpc32xx: fix module autoloading (stable-fixes).\n- gpio: mc33880: Convert comma to semicolon (git-fixes).\n- gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (stable-fixes).\n- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).\n- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).\n- gpio: tqmx86: fix broken IRQ_TYPE_EDGE_BOTH interrupt type (git-fixes).\n- gpio: tqmx86: fix typo in Kconfig label (git-fixes).\n- gpio: tqmx86: introduce shadow register for GPIO output value (git-fixes).\n- gpio: tqmx86: store IRQ trigger type and unmask status separately (git-fixes).\n- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpiolib: cdev: Disallow reconfiguration without direction (uAPI v1) (git-fixes).\n- gpiolib: cdev: fix uninitialised kfifo (git-fixes).\n- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).\n- gpiolib: swnode: Remove wrong header inclusion (git-fixes).\n- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).\n- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).\n- hfsplus: fix to avoid false alarm of circular locking (git-fixes).\n- hfsplus: fix uninit-value in copy_name (git-fixes).\n- hpet: Support 32-bit userspace (git-fixes).\n- hwmon: (adt7475) Fix default duty on fan is disabled (git-fixes).\n- hwmon: (amc6821) add of_match table (stable-fixes).\n- hwmon: (corsair-cpro) Protect ccp-\u003ewait_input_report with a spinlock (git-fixes).\n- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).\n- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).\n- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).\n- hwmon: (lm70) fix links in doc and comments (git-fixes).\n- hwmon: (max6697) Fix swapped temp{1,8} critical alarms (git-fixes).\n- hwmon: (max6697) Fix underflow when writing limit attributes (git-fixes).\n- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).\n- hwmon: (shtc1) Fix property misspelling (git-fixes).\n- hwrng: amd - Convert PCIBIOS_* return codes to errnos (git-fixes).\n- hwrng: core - Fix wrong quality calculation at hw rng registration (git-fixes).\n- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).\n- i2c: acpi: Unbind mux adapters before delete (git-fixes).\n- i2c: at91: Fix the functionality flags of the slave-only interface (git-fixes).\n- i2c: cadence: Avoid fifo clear after start (git-fixes).\n- i2c: designware: Fix the functionality flags of the slave-only interface (git-fixes).\n- i2c: i801: Annotate apanel_addr as __ro_after_init (stable-fixes).\n- i2c: mark HostNotify target address as used (git-fixes).\n- i2c: ocores: set IACK bit after core is enabled (git-fixes).\n- i2c: pnx: Fix potential deadlock warning from del_timer_sync() call in isr (git-fixes).\n- i2c: pxa: hide unused icr_bits[] variable (git-fixes).\n- i2c: rcar: bring hardware to known state when probing (git-fixes).\n- i2c: smbus: fix NULL function pointer dereference (git-fixes).\n- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).\n- i2c: testunit: avoid re-issued work after read message (git-fixes).\n- i2c: testunit: correct Kconfig description (git-fixes).\n- i2c: testunit: discard write requests while old command is running (git-fixes).\n- i2c: testunit: do not erase registers after STOP (git-fixes).\n- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).\n- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).\n- i40e: Enforce software interrupt during busy-poll exit (git-fixes).\n- i40e: Fix VF MAC filter removal (git-fixes).\n- i40e: Fix firmware version comparison function (git-fixes).\n- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).\n- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).\n- i40e: fix vf may be used uninitialized in this function warning (git-fixes).\n- i40e: fix: remove needless retries of NVM update (bsc#1227736).\n- i915: make inject_virtual_interrupt() void (stable-fixes).\n- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).\n- ice: fix enabling RX VLAN filtering (git-fixes).\n- ice: fix memory corruption bug with suspend and rebuild (git-fixes).\n- ice: fix stats being updated by way too large values (git-fixes).\n- ice: fix typo in assignment (git-fixes).\n- ice: fix uninitialized dplls mutex usage (git-fixes).\n- ice: reconfig host after changing MSI-X on VF (git-fixes).\n- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).\n- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).\n- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).\n- ida: make \u0027ida_dump\u0027 static (git-fixes).\n- idma64: Do not try to serve interrupts when device is powered off (git-fixes).\n- idpf: disable local BH when scheduling napi for marker packets (git-fixes).\n- idpf: extend tx watchdog timeout (bsc#1224137).\n- idpf: fix kernel panic on unknown packet types (git-fixes).\n- igb: Fix missing time sync events (git-fixes).\n- igb: extend PTP timestamp adjustments to i211 (git-fixes).\n- igc: Fix missing time sync events (git-fixes).\n- igc: Remove stale comment about Tx timestamping (git-fixes).\n- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).\n- iio: Fix the sorting functionality in iio_gts_build_avail_time_table (git-fixes).\n- iio: accel: fxls8962af: select IIO_BUFFER \u0026 IIO_KFIFO_BUF (git-fixes).\n- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).\n- iio: accel: mxc4005: Reset chip on probe() and resume() (stable-fixes).\n- iio: accel: mxc4005: allow module autoloading via OF compatible (stable-fixes).\n- iio: adc: ad7266: Fix variable checking bug (git-fixes).\n- iio: adc: ad9467: fix scan type sign (git-fixes).\n- iio: adc: ad9467: use chip_info variables instead of array (stable-fixes).\n- iio: adc: ad9467: use spi_get_device_match_data() (stable-fixes).\n- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).\n- iio: chemical: bme680: Fix calibration data variable (git-fixes).\n- iio: chemical: bme680: Fix overflows in compensate() functions (git-fixes).\n- iio: chemical: bme680: Fix pressure value output (git-fixes).\n- iio: chemical: bme680: Fix sensor data read operation (git-fixes).\n- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).\n- iio: dac: ad5592r: fix temperature channel scaling value (git-fixes).\n- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).\n- iio: frequency: adrf6780: rm clk provider include (git-fixes).\n- iio: gts-helper: Fix division loop (git-fixes).\n- iio: imu: inv_icm42600: delete unneeded update watermark call (git-fixes).\n- iio: pressure: Fixes BME280 SPI driver data (git-fixes).\n- iio: pressure: bmp280: Fix BMP580 temperature reading (stable-fixes).\n- iio: pressure: dps310: support negative temperature values (git-fixes).\n- iio: pressure: fix some word spelling errors (stable-fixes).\n- iio: xilinx-ams: Do not include ams_ctrl_channels in scan_mask (git-fixes).\n- iio:imu: adis16475: Fix sync mode setting (git-fixes).\n- inet: frags: eliminate kernel-doc warning (git-fixes).\n- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).\n- init/main.c: Fix potential static_command_line memory overflow (git-fixes).\n- init: open /initrd.image with O_LARGEFILE (stable-fixes).\n- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).\n- input: Add event code for accessibility key (stable-fixes).\n- input: Add support for \"Do Not Disturb\" (stable-fixes).\n- intel: legacy: Partial revert of field get conversion (git-fixes).\n- intel_th: pci: Add Granite Rapids SOC support (stable-fixes).\n- intel_th: pci: Add Granite Rapids support (stable-fixes).\n- intel_th: pci: Add Lunar Lake support (stable-fixes).\n- intel_th: pci: Add Meteor Lake-S CPU support (stable-fixes).\n- intel_th: pci: Add Meteor Lake-S support (stable-fixes).\n- intel_th: pci: Add Sapphire Rapids SOC support (stable-fixes).\n- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).\n- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).\n- interconnect: qcom: qcm2290: Fix mas_snoc_bimc RPM master ID (git-fixes).\n- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).\n- interconnect: qcom: sm8550: Enable sync_state (git-fixes).\n- io-wq: write next_work before dropping acct_lock (git-fixes).\n- io_uring/io-wq: Use set_bit() and test_bit() at worker-\u003eflags (git-fixes).\n- io_uring/io-wq: avoid garbage value of \u0027match\u0027 in io_wq_enqueue() (git-fixes).\n- io_uring/kbuf: get rid of bl-\u003eis_ready (git-fixes).\n- io_uring/kbuf: get rid of lower BGID lists (git-fixes).\n- io_uring/kbuf: protect io_buffer_list teardown with a reference (git-fixes).\n- io_uring/kbuf: rename is_mapped (git-fixes).\n- io_uring/net: correct the type of variable (git-fixes).\n- io_uring/net: correctly handle multishot recvmsg retry setup (git-fixes).\n- io_uring/net: fix sendzc lazy wake polling (git-fixes).\n- io_uring/net: move receive multishot out of the generic msghdr path (git-fixes).\n- io_uring/net: restore msg_control on sendzc retry (git-fixes).\n- io_uring/net: unify how recvmsg and sendmsg copy in the msghdr (git-fixes).\n- io_uring/rsrc: do not lock while !TASK_RUNNING (git-fixes).\n- io_uring/rsrc: fix incorrect assignment of iter-\u003enr_segs in io_import_fixed (git-fixes).\n- io_uring/rw: do not allow multishot reads without NOWAIT support (git-fixes).\n- io_uring/rw: return IOU_ISSUE_SKIP_COMPLETE for multishot retry (git-fixes).\n- io_uring/sqpoll: work around a potential audit memory leak (git-fixes).\n- io_uring/unix: drop usage of io_uring socket (git-fixes).\n- io_uring: Fix io_cqring_wait() not restoring sigmask on get_timespec64() failure (git-fixes).\n- io_uring: clean rings on NO_MMAP alloc fail (git-fixes).\n- io_uring: clear opcode specific data for an early failure (git-fixes).\n- io_uring: do not save/restore iowait state (git-fixes).\n- io_uring: fail NOP if non-zero op flags is passed in (git-fixes).\n- io_uring: fix io_queue_proc modifying req-\u003eflags (git-fixes).\n- io_uring: fix mshot io-wq checks (git-fixes).\n- io_uring: fix mshot read defer taskrun cqe posting (git-fixes).\n- io_uring: fix poll_remove stalled req completion (git-fixes).\n- io_uring: kabi cookie remove (bsc#1217384).\n- io_uring: remove looping around handling traditional task_work (git-fixes).\n- io_uring: remove unconditional looping in local task_work handling (git-fixes).\n- io_uring: use private workqueue for exit work (git-fixes).\n- io_uring: use the right type for work_llist empty check (git-fixes).\n- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)\n- iommu/amd: Enhance def_domain_type to handle untrusted device (git-fixes).\n- iommu/amd: Fix panic accessing amd_iommu_enable_faulting (bsc#1224767).\n- iommu/amd: Fix sysfs leak in iommu init (git-fixes).\n- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).\n- iommu/arm-smmu-v3: Free MSIs in case of ENOMEM (git-fixes).\n- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)\n- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).\n- iommu/vt-d: Allocate DMAR fault interrupts locally (bsc#1224767).\n- iommu/vt-d: Allocate local memory for page request queue (git-fixes).\n- iommu/vt-d: Fix WARN_ON in iommu probe path (git-fixes).\n- iommu/vt-d: Fix wrong use of pasid config (git-fixes).\n- iommu/vt-d: Improve ITE fault handling if target device isn\u0027t present (git-fixes).\n- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).\n- iommu/vt-d: Update iotlb in nested domain attach (git-fixes).\n- iommu/vt-d: Use rbtree to track iommu probed devices (git-fixes).\n- iommu: Fix compilation without CONFIG_IOMMU_INTEL (git-fixes).\n- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).\n- iommu: Return right value in iommu_sva_bind_device() (git-fixes).\n- iommu: Undo pasid attachment only for the devices that have succeeded (git-fixes).\n- iommu: mtk: fix module autoloading (git-fixes).\n- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).\n- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).\n- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).\n- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).\n- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).\n- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).\n- ionic: set adminq irq affinity (git-fixes).\n- ipmi: ssif_bmc: prevent integer overflow on 32bit systems (git-fixes).\n- ipv4: annotate data-races around fi-\u003efib_dead (git-fixes).\n- ipvs: Fix checksumming on GSO of SCTP packets (bsc#1221958)\n- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).\n- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).\n- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).\n- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).\n- irqchip/gic-v3-its: Prevent double free on error (git-fixes).\n- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).\n- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).\n- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register\u0027s index (stable-fixes).\n- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).\n- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).\n- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).\n- iwlwifi: fw: fix more kernel-doc warnings (bsc#1227149).\n- iwlwifi: mvm: Drop unused fw_trips_index[] from iwl_mvm_thermal_device (bsc#1227149).\n- iwlwifi: mvm: Populate trip table before registering thermal zone (bsc#1227149).\n- iwlwifi: mvm: Use for_each_thermal_trip() for walking trip points (bsc#1227149).\n- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).\n- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).\n- jffs2: Fix potential illegal address access in jffs2_free_inode (git-fixes).\n- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).\n- jfs: Fix array-index-out-of-bounds in diFree (git-fixes).\n- jfs: xattr: fix buffer overflow for invalid xattr (bsc#1227383).\n- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).\n- kABI fix of KVM: x86/pmu: Prioritize VMX interception over\n- kABI fix of KVM: x86: Snapshot if a vCPU\u0027s vendor model is AMD vs. Intel compatible (git-fixes).\n- kABI workaround for cs35l56 (git-fixes).\n- kABI workaround for of driver changes (git-fixes).\n- kABI workaround for sof_ipc_pcm_ops (git-fixes).\n- kABI workaround for wireless updates (bsc#1227149).\n- kABI: Adjust trace_iterator.wait_index (git-fixes).\n- kABI: bpf: verifier kABI workaround (bsc#1225903).\n- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).\n- kabi/severities: Ignore io_uring internal symbols\n- kabi/severities: Remove mitigation-related symbols\n- kabi/severities: cleanup and update for WiFi driver entries (bsc#1227149)\n- kabi/severities: cover all ath/* drivers (bsc#1227149)\n- kabi/severities: cover all mt76 modules (bsc#1227149)\n- kabi/severities: ignore IMS functions \n- kabi/severities: ignore TAS2781 symbol drop, it\u0027s only locally used\n- kabi/severities: ignore Wangxun ethernet driver local symbols\n- kabi/severities: ignore amd pds internal symbols\n- kabi/severities: ignore brcmfmac-specific local symbols\n- kabi/severities: ignore kABI changes Realtek WiFi drivers (bsc#1227149)\n- kabi: Use __iowriteXX_copy_inlined for in-kernel modules (bsc#1226502)\n- kasan, fortify: properly rename memintrinsics (git-fixes).\n- kasan/test: avoid gcc warning for intentional overflow (git-fixes).\n- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).\n- kasan: print the original fault addr when access invalid shadow (git-fixes).\n- kbuild: Fix build target deb-pkg: ln: failed to create hard link (git-fixes).\n- kbuild: Install dtb files as 0644 in Makefile.dtbinst (git-fixes).\n- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).\n- kbuild: avoid build error when single DTB is turned into composite DTB (git-fixes).\n- kconfig: doc: fix a typo in the note about \u0027imply\u0027 (git-fixes).\n- kconfig: fix comparison to constant symbols, \u0027m\u0027, \u0027n\u0027 (git-fixes).\n- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).\n- kconfig: gconf: give a proper initial state to the Save button (stable-fixes).\n- kconfig: remove wrong expr_trans_bool() (stable-fixes).\n- kcov: do not lose track of remote references during softirqs (git-fixes).\n- kernel-binary: vdso: Own module_dir\n- kernel-doc: fix struct_group_tagged() parsing (git-fixes).\n- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).\n- kheaders: explicitly define file modes for archived headers (stable-fixes).\n- knfsd: LOOKUP can return an illegal error value (git-fixes).\n- kobject_uevent: Fix OOB access within zap_modalias_env() (git-fixes).\n- kprobe/ftrace: bail out if ftrace was killed (git-fixes).\n- kprobe/ftrace: fix build error due to bad function definition (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- kselftest: Add a ksft_perror() helper (stable-fixes).\n- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).\n- kunit: Fix checksum tests on big endian CPUs (git-fixed).\n- leds: flash: leds-qcom-flash: Test the correct variable in init (git-fixes).\n- leds: mt6360: Fix memory leak in mt6360_init_isnk_properties() (git-fixes).\n- leds: pwm: Disable PWM when going to suspend (git-fixes).\n- leds: ss4200: Convert PCIBIOS_* return codes to errnos (git-fixes).\n- leds: trigger: Unregister sysfs attributes before calling deactivate() (git-fixes).\n- leds: triggers: Flush pending brightness before activating trigger (git-fixes).\n- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).\n- lib: objagg: Fix general protection fault (git-fixes).\n- lib: objagg: Fix spelling (git-fixes).\n- lib: test_objagg: Fix spelling (git-fixes).\n- libceph: fix race between delayed_work() and ceph_monc_stop() (bsc#1228192).\n- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).\n- libperf evlist: Avoid out-of-bounds access (git-fixes).\n- libsubcmd: Fix parse-options memory leak (git-fixes).\n- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).\n- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)\n- lsm: fix the logic in security_inode_getsecctx() (git-fixes).\n- mISDN: Fix a use after free in hfcmulti_tx() (git-fixes).\n- mISDN: fix MISDN_TIME_STAMP handling (git-fixes).\n- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).\n- mac802154: fix time calculation in ieee802154_configure_durations() (git-fixes).\n- mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (git-fixes).\n- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).\n- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).\n- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).\n- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).\n- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).\n- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).\n- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).\n- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).\n- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).\n- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).\n- md: add a new helper rdev_has_badblock() (jsc#PED-7542).\n- md: add a new helper reshape_interrupted() (jsc#PED-7542).\n- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).\n- md: check mddev-\u003epers before calling md_set_readonly() (jsc#PED-7542).\n- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).\n- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).\n- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).\n- md: export helper md_is_rdwr() (jsc#PED-7542).\n- md: export helpers to stop sync_thread (jsc#PED-7542).\n- md: factor out a helper to sync mddev (jsc#PED-7542).\n- md: fix kmemleak of rdev-\u003eserial (jsc#PED-7542).\n- md: get rdev-\u003emddev with READ_ONCE() (jsc#PED-7542).\n- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).\n- md: preserve KABI in struct md_personality (jsc#PED-7542).\n- md: remove redundant check of \u0027mddev-\u003esync_thread\u0027 (jsc#PED-7542).\n- md: remove redundant md_wakeup_thread() (jsc#PED-7542).\n- md: return directly before setting did_set_md_closing (jsc#PED-7542).\n- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).\n- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).\n- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).\n- media: cadence: csi2rx: use match fwnode for media link (git-fixes).\n- media: cec: core: remove length check of Timer Status (stable-fixes).\n- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).\n- media: dvb-frontends: tda10048: Fix integer overflow (stable-fixes).\n- media: dvb-frontends: tda18271c2dd: Remove casting during div (stable-fixes).\n- media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control() (git-fixes).\n- media: dvb-usb: dib0700_devices: Add missing release_firmware() (stable-fixes).\n- media: dvb: as102-fe: Fix as10x_register_addr packing (stable-fixes).\n- media: dvbdev: Initialize sbuf (stable-fixes).\n- media: dw2102: Do not translate i2c read into write (stable-fixes).\n- media: dw2102: fix a potential buffer overflow (git-fixes).\n- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).\n- media: i2c: Fix imx412 exposure control (git-fixes).\n- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).\n- media: imon: Fix race getting ictx-\u003elock (git-fixes).\n- media: imx-jpeg: Drop initial source change event if capture has been setup (git-fixes).\n- media: imx-jpeg: Remove some redundant error logs (git-fixes).\n- media: imx-pxp: Fix ERR_PTR dereference in pxp_probe() (git-fixes).\n- media: ipu3-cio2: Request IRQ earlier (git-fixes).\n- media: lgdt3306a: Add a check against null-pointer-def (stable-fixes).\n- media: mc: Fix flags handling when creating pad links (stable-fixes).\n- media: mc: Fix graph walk in media_pipeline_start (git-fixes).\n- media: mc: Rename pad variable to clarify intent (stable-fixes).\n- media: mc: mark the media devnode as registered from the, start (git-fixes).\n- media: mxl5xx: Move xpt structures off stack (stable-fixes).\n- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).\n- media: pci: ivtv: Add check for DMA map result (git-fixes).\n- media: radio-shark2: Avoid led_names truncations (git-fixes).\n- media: rcar-vin: Fix YUYV8_1X16 handling for CSI-2 (git-fixes).\n- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).\n- media: renesas: vsp1: Fix _irqsave and _irq mix (git-fixes).\n- media: renesas: vsp1: Store RPF partition configuration per RPF instance (git-fixes).\n- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).\n- media: s2255: Use refcount_t instead of atomic_t for num_channels (stable-fixes).\n- media: sta2x11: fix irq handler cast (stable-fixes).\n- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).\n- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).\n- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).\n- media: uvcvideo: Fix integer overflow calculating timestamp (git-fixes).\n- media: uvcvideo: Override default flags (git-fixes).\n- media: v4l2-core: hold videodev_lock until dev reg, finishes (stable-fixes).\n- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).\n- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).\n- media: v4l: async: Fix NULL pointer dereference in adding ancillary links (git-fixes).\n- media: v4l: subdev: Fix typo in documentation (git-fixes).\n- media: venus: fix use after free in vdec_close (git-fixes).\n- media: venus: flush all buffers in output plane streamoff (git-fixes).\n- mei: demote client disconnect warning on suspend to debug (stable-fixes).\n- mei: me: add arrow lake point H DID (stable-fixes).\n- mei: me: add arrow lake point S DID (stable-fixes).\n- mei: me: add lunar lake point M DID (stable-fixes).\n- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).\n- mei: me: release irq in mei_me_pci_resume error path (git-fixes).\n- mfd: omap-usb-tll: Use struct_size to allocate tll (git-fixes).\n- mfd: pm8008: Fix regmap irq chip initialisation (git-fixes).\n- misc: fastrpc: Avoid updating PD type for capability request (git-fixes).\n- misc: fastrpc: Copy the complete capability structure to user (git-fixes).\n- misc: fastrpc: Fix DSP capabilities request (git-fixes).\n- misc: fastrpc: Fix memory leak in audio daemon attach operation (git-fixes).\n- misc: fastrpc: Fix ownership reassignment of remote heap (git-fixes).\n- misc: fastrpc: Restrict untrusted app to attach to privileged PD (git-fixes).\n- misc: microchip: pci1xxxx: Fix a memory leak in the error handling of gp_aux_bus_probe() (git-fixes).\n- misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() (git-fixes).\n- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).\n- mlxbf_gige: stop PHY during open() error paths (git-fixes).\n- mlxbf_gige: stop interface during shutdown (git-fixes).\n- mlxsw: Use refcount_t for reference counting (git-fixes).\n- mm,page_owner: Defer enablement of static branch (bsc#1222366).\n- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).\n- mm,page_owner: Fix printing of stack records (bsc#1222366).\n- mm,page_owner: Fix refcount imbalance (bsc#1222366).\n- mm,page_owner: Update metadata for tail pages (bsc#1222366).\n- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).\n- mm,page_owner: drop unnecessary check (bsc#1222366).\n- mm,page_owner: fix recursion (bsc#1222366).\n- mm/slab: make __free(kfree) accept error pointers (git-fixes).\n- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).\n- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).\n- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).\n- mm_init kABI workaround (git-fixes).\n- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).\n- mmc: core: Add mmc_gpiod_set_cd_config() function (stable-fixes).\n- mmc: core: Avoid negative index with array access (git-fixes).\n- mmc: core: Do not force a retune before RPMB switch (stable-fixes).\n- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).\n- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).\n- mmc: omap: fix broken slot switch lookup (git-fixes).\n- mmc: omap: fix deferred probe (git-fixes).\n- mmc: omap: restore original power up/down steps (git-fixes).\n- mmc: sdhci-acpi: Add quirk to enable pull-up on the card-detect GPIO on Asus T100TA (git-fixes).\n- mmc: sdhci-acpi: Disable write protect detection on Toshiba WT10-A (stable-fixes).\n- mmc: sdhci-acpi: Fix Lenovo Yoga Tablet 2 Pro 1380 sdcard slot not working (stable-fixes).\n- mmc: sdhci-acpi: Sort DMI quirks alphabetically (stable-fixes).\n- mmc: sdhci-brcmstb: check R1_STATUS for erase/trim/discard (git-fixes).\n- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).\n- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).\n- mmc: sdhci-pci: Convert PCIBIOS_* return codes to errnos (git-fixes).\n- mmc: sdhci: Add support for \"Tuning Error\" interrupts (stable-fixes).\n- mmc: sdhci: Do not invert write-protect twice (git-fixes).\n- mmc: sdhci: Do not lock spinlock around mmc_gpio_get_ro() (git-fixes).\n- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).\n- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).\n- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).\n- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).\n- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).\n- modpost: Add \u0027.ltext\u0027 and \u0027.ltext.*\u0027 to TEXT_SECTIONS (stable-fixes).\n- module: do not ignore sysfs_create_link() failures (git-fixes).\n- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).\n- mptcp: annotate data-races around msk-\u003ermem_fwd_alloc (git-fixes).\n- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).\n- mptcp: move __mptcp_error_report in protocol.c (git-fixes).\n- mptcp: process pending subflow error on close (git-fixes).\n- mt76: connac: move more mt7921/mt7915 mac shared code in connac lib (bsc#1227149).\n- mt76: mt7996: rely on mt76_sta_stats in mt76_wcid (bsc#1227149).\n- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).\n- mtd: diskonchip: work around ubsan link failure (stable-fixes).\n- mtd: partitions: redboot: Added conversion of operands to a larger type (stable-fixes).\n- mtd: rawnand: Bypass a couple of sanity checks during NAND identification (git-fixes).\n- mtd: rawnand: Ensure ECC configuration is propagated to upper layers (git-fixes).\n- mtd: rawnand: Fix the nand_read_data_op() early check (git-fixes).\n- mtd: rawnand: hynix: fixed typo (git-fixes).\n- mtd: rawnand: rockchip: ensure NVDDR timings are rejected (git-fixes).\n- mtd: spinand: Add support for 5-byte IDs (stable-fixes).\n- net/dcb: check for detached device before executing callbacks (bsc#1215587).\n- net/mlx5: Correctly compare pkt reformat ids (git-fixes).\n- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).\n- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).\n- net/mlx5: Fix MTMP register capability offset in MCAM register (git-fixes).\n- net/mlx5: Fix fw reporter diagnose output (git-fixes).\n- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).\n- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).\n- net/mlx5: Properly link new fs rules into the tree (git-fixes).\n- net/mlx5: Register devlink first under devlink lock (git-fixes).\n- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).\n- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).\n- net/mlx5: offset comp irq index in name by one (git-fixes).\n- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).\n- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).\n- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).\n- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).\n- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).\n- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).\n- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).\n- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).\n- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).\n- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).\n- net/smc: fix documentation of buffer sizes (git-fixes).\n- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).\n- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).\n- net: NSH: fix kernel-doc notation warning (git-fixes).\n- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).\n- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).\n- net: annotate data-races around sk-\u003esk_bind_phc (git-fixes).\n- net: annotate data-races around sk-\u003esk_forward_alloc (git-fixes).\n- net: annotate data-races around sk-\u003esk_lingertime (git-fixes).\n- net: annotate data-races around sk-\u003esk_tsflags (git-fixes).\n- net: bonding: remove kernel-doc comment marker (git-fixes).\n- net: can: j1939: Initialize unused data in j1939_send_one() (git-fixes).\n- net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new (git-fixes).\n- net: can: j1939: recover socket queue on CAN bus error during BAM transmission (git-fixes).\n- net: cfg802154: fix kernel-doc notation warnings (git-fixes).\n- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).\n- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).\n- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).\n- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).\n- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).\n- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).\n- net: ena: Fix incorrect descriptor free behavior (git-fixes).\n- net: ena: Fix potential sign extension issue (git-fixes).\n- net: ena: Fix redundant device NUMA node override (jsc#PED-8688).\n- net: ena: Move XDP code to its new files (git-fixes).\n- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).\n- net: ena: Remove ena_select_queue (git-fixes).\n- net: ena: Set tx_info-\u003exdpf value to NULL (git-fixes).\n- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).\n- net: ena: Wrong missing IO completions check order (git-fixes).\n- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).\n- net: ethernet: mtk_wed: introduce mtk_wed_buf structure (bsc#1227149).\n- net: ethernet: mtk_wed: rename mtk_rxbm_desc in mtk_wed_bm_desc (bsc#1227149).\n- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).\n- net: fec: Set mac_managed_pm during probe (git-fixes).\n- net: fill in MODULE_DESCRIPTION()s in kuba@\u0027s modules (bsc#1227149).\n- net: hns3: Remove io_stop_wc() calls after __iowrite64_copy() (bsc#1226502)\n- net: hns3: fix index limit to support all queue stats (git-fixes).\n- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).\n- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).\n- net: hns3: fix port duplex configure error in IMP reset (git-fixes).\n- net: hns3: fix wrong judgment condition issue (git-fixes).\n- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).\n- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).\n- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).\n- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).\n- net: ks8851: Inline ks8851_rx_skb() (git-fixes).\n- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).\n- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).\n- net: lan743x: Support WOL at both the PHY and MAC appropriately (git-fixes).\n- net: lan743x: disable WOL upon resume to restore full data path operation (git-fixes).\n- net: libwx: fix memory leak on free page (git-fixes).\n- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).\n- net: llc: fix kernel-doc notation warnings (git-fixes).\n- net: mac802154: Fix racy device stats updates by DEV_STATS_INC() and DEV_STATS_ADD() (stable-fixes).\n- net: mana: Enable MANA driver on ARM64 with 4K page size (jsc#PED-8491).\n- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).\n- net: mana: Fix possible double free in error handling path (git-fixes).\n- net: mana: Fix the extra HZ in mana_hwc_send_request (git-fixes).\n- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).\n- net: nfc: remove inappropriate attrs check (stable-fixes).\n- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).\n- net: phy: Micrel KSZ8061: fix errata solution not taking effect problem (git-fixes).\n- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).\n- net: phy: micrel: Fix potential null pointer dereference (git-fixes).\n- net: phy: micrel: add Microchip KSZ 9477 to the device table (git-fixes).\n- net: phy: micrel: fix KSZ9477 PHY issues after suspend/resume (git-fixes).\n- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).\n- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).\n- net: phy: microchip: lan87xx: reinit PHY after cable test (git-fixes).\n- net: phy: mxl-gpy: Remove interrupt mask clearing from config_init (git-fixes).\n- net: phy: phy_device: Fix PHY LED blinking code comment (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).\n- net: ravb: Always process TX descriptor ring (git-fixes).\n- net: ravb: Always update error counters (git-fixes).\n- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).\n- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).\n- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).\n- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).\n- net: sparx5: flower: fix fragment flags handling (git-fixes).\n- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).\n- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).\n- net: stmmac: fix rx queue priority assignment (git-fixes).\n- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).\n- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).\n- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).\n- net: tls: fix returned read length with async decrypt (bsc#1221858).\n- net: tls: fix use-after-free with partial reads and async (bsc#1221858).\n- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).\n- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).\n- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).\n- net: usb: ax88179_178a: improve link status logs (git-fixes).\n- net: usb: ax88179_178a: improve reset check (git-fixes).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: qmi_wwan: add Telit FN912 compositions (stable-fixes).\n- net: usb: qmi_wwan: add Telit FN920C04 compositions (git-fixes).\n- net: usb: rtl8150 fix unintiatilzed variables in rtl8150_get_link_ksettings (git-fixes).\n- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).\n- net: usb: smsc95xx: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: sr9700: stop lying about skb-\u003etruesize (git-fixes).\n- net: veth: do not manipulate GRO when using XDP (git-fixes).\n- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).\n- net:usb:qmi_wwan: support Rolling modules (stable-fixes).\n- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).\n- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).\n- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).\n- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).\n- nf_conntrack: fix -Wunused-const-variable= (git-fixes).\n- nfc/nci: Add the inconsistency check between the input data length and count (stable-fixes).\n- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).\n- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).\n- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).\n- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).\n- nfp: flower: handle acti_netdevs allocation failure (git-fixes).\n- nfs: Avoid flushing many pages with NFS_FILE_SYNC (bsc#1218442).\n- nfs: Block on write congestion (bsc#1218442).\n- nfs: Bump default write congestion size (bsc#1218442).\n- nfs: Drop pointless check from nfs_commit_release_pages() (bsc#1218442).\n- nfs: Fix up kabi after adding write_congestion_wait (bsc#1218442).\n- nfs: Handle error of rpc_proc_register() in nfs_net_init() (git-fixes).\n- nfs: Properly initialize server-\u003ewriteback (bsc#1218442).\n- nfs: drop the incorrect assertion in nfs_swap_rw() (git-fixes).\n- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).\n- nfs: fix undefined behavior in nfs_block_bits() (git-fixes).\n- nfs: keep server info for remounts (git-fixes).\n- nfsd: Fix a regression in nfsd_setattr() (git-fixes).\n- nfsd: do not call locks_release_private() twice concurrently (git-fixes).\n- nfsd: hold a lighter-weight client reference over CB_RECALL_ANY (git-fixes).\n- nfsd: optimise recalculate_deny_mode() for a common case (bsc#1217912).\n- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).\n- nilfs2: add missing check for inode numbers on directory entries (stable-fixes).\n- nilfs2: avoid undefined behavior in nilfs_cnt32_ge macro (git-fixes).\n- nilfs2: convert persistent object allocator to use kmap_local (git-fixes).\n- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).\n- nilfs2: fix incorrect inode allocation from reserved inodes (git-fixes).\n- nilfs2: fix inode number range checks (stable-fixes).\n- nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors (git-fixes).\n- nilfs2: fix out-of-range warning (git-fixes).\n- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).\n- nilfs2: fix potential hang in nilfs_detach_log_writer() (git-fixes).\n- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).\n- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).\n- nilfs2: make superblock data array index computation sparse friendly (git-fixes).\n- nilfs2: return the mapped address from nilfs_get_page() (stable-fixes).\n- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).\n- nouveau/gsp: do not check devinit disable on GSP (git-fixes).\n- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).\n- nouveau: add an ioctl to report vram usage (stable-fixes).\n- nouveau: add an ioctl to return vram bar size (stable-fixes).\n- nouveau: fix devinit paths to only handle display on GSP (git-fixes).\n- nouveau: fix function cast warning (git-fixes).\n- nouveau: fix instmem race condition around ptr stores (git-fixes).\n- nouveau: lock the client object tree (stable-fixes).\n- nouveau: report byte usage in VRAM usage (git-fixes).\n- nouveau: reset the bo resource bus info after an eviction (git-fixes).\n- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).\n- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).\n- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).\n- nvme-fabrics: short-circuit reconnect retries (bsc#1186716).\n- nvme-fc: do not wait in vain when unloading module (git-fixes).\n- nvme-multipath: fix io accounting on failover (git-fixes).\n- nvme-pci: Add quirk for broken MSIs (git-fixes).\n- nvme-tcp: Export the nvme_tcp_wq to sysfs (bsc#1224049).\n- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).\n- nvme/tcp: Add wq_unbound modparam for nvme_tcp_wq (bsc#1224049).\n- nvme: cancel pending I/O if nvme controller is in terminal state (bsc#1226503).\n- nvme: do not retry authentication failures (bsc#1186716).\n- nvme: find numa distance only if controller has valid numa id (git-fixes).\n- nvme: fix multipath batched completion accounting (git-fixes).\n- nvme: fix nvme_pr_* status code parsing (git-fixes).\n- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).\n- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).\n- nvme: return kernel error codes for admin queue connect (bsc#1186716).\n- nvmet-auth: replace pr_debug() with pr_err() to report an error (git-fixes).\n- nvmet-auth: return the error code to the nvmet_auth_host_hash() callers (git-fixes).\n- nvmet-fc: abort command when there is no binding (git-fixes).\n- nvmet-fc: avoid deadlock on delete association path (git-fixes).\n- nvmet-fc: defer cleanup using RCU properly (git-fixes).\n- nvmet-fc: hold reference on hostport match (git-fixes).\n- nvmet-fc: release reference on target port (git-fixes).\n- nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).\n- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).\n- nvmet-passthru: propagate status from id override functions (git-fixes).\n- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).\n- nvmet-tcp: fix possible memory leak when tearing down a controller (git-fixes).\n- nvmet: fix ns enable/disable possible hang (git-fixes).\n- nvmet: fix nvme status code when namespace is disabled (git-fixes).\n- nvmet: lock config semaphore when accessing DH-HMAC-CHAP key (bsc#1186716).\n- nvmet: prevent sprintf() overflow in nvmet_subsys_nsid_exists() (git-fixes).\n- nvmet: return DHCHAP status codes from nvmet_setup_auth() (bsc#1186716).\n- ocfs2: adjust enabling place for la window (bsc#1219224).\n- ocfs2: fix DIO failure due to insufficient transaction credits (git-fixes).\n- ocfs2: fix races between hole punching and AIO+DIO (git-fixes).\n- ocfs2: fix sparse warnings (bsc#1219224).\n- ocfs2: improve write IO performance when fragmentation is high (bsc#1219224).\n- ocfs2: speed up chain-list searching (bsc#1219224).\n- ocfs2: use coarse time for new created files (git-fixes).\n- octeontx2-af: Add array index check (git-fixes).\n- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).\n- octeontx2-af: Fix devlink params (git-fixes).\n- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).\n- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).\n- octeontx2-af: Use separate handlers for interrupts (git-fixes).\n- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).\n- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).\n- octeontx2-pf: Use default max_active works instead of one (git-fixes).\n- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).\n- octeontx2-pf: check negative error code in otx2_open() (git-fixes).\n- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).\n- octeontx2: Detect the mbox up or down message via register (git-fixes).\n- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).\n- of: module: add buffer overflow check in of_modalias() (git-fixes).\n- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).\n- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).\n- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).\n- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).\n- of: property: fix typo in io-channels (git-fixes).\n- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).\n- of: unittest: Fix compile in the non-dynamic case (git-fixes).\n- orangefs: fix out-of-bounds fsid access (git-fixes).\n- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).\n- pNFS/filelayout: fixup pNfs allocation modes (git-fixes).\n- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).\n- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).\n- perf annotate: Get rid of duplicate --group option item (git-fixes).\n- perf auxtrace: Fix multiple use of --itrace option (git-fixes).\n- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).\n- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).\n- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).\n- perf daemon: Fix file leak in daemon_session__control (git-fixes).\n- perf docs: Document bpf event modifier (git-fixes).\n- perf evsel: Fix duplicate initialization of data-\u003eid in evsel__parse_sample() (git-fixes).\n- perf expr: Fix \"has_event\" function for metric style events (git-fixes).\n- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).\n- perf jevents: Drop or simplify small integer values (git-fixes).\n- perf list: fix short description for some cache events (git-fixes).\n- perf lock contention: Add a missing NULL check (git-fixes).\n- perf metric: Do not remove scale from counts (git-fixes).\n- perf pmu: Count sys and cpuid JSON events separately (git fixes).\n- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).\n- perf pmu: Treat the msr pmu as software (git-fixes).\n- perf print-events: make is_event_supported() more robust (git-fixes).\n- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).\n- perf record: Check conflict between \u0027--timestamp-filename\u0027 option and pipe mode before recording (git-fixes).\n- perf record: Delete session after stopping sideband thread (git-fixes).\n- perf record: Fix debug message placement for test consumption (git-fixes).\n- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).\n- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).\n- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).\n- perf script: Show also errors for --insn-trace option (git-fixes).\n- perf srcline: Add missed addr2line closes (git-fixes).\n- perf stat: Avoid metric-only segv (git-fixes).\n- perf stat: Do not display metric header for non-leader uncore events (git-fixes).\n- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).\n- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).\n- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).\n- perf tests: Apply attributes to all events in object code reading test (git-fixes).\n- perf tests: Make \"test data symbol\" more robust on Neoverse N1 (git-fixes).\n- perf tests: Make data symbol test wait for perf to start (bsc#1220045).\n- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).\n- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).\n- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).\n- perf top: Uniform the event name for the hybrid machine (git-fixes).\n- perf top: Use evsel\u0027s cpus to replace user_requested_cpus (git-fixes).\n- perf ui browser: Avoid SEGV on title (git fixes).\n- perf ui browser: Do not save pointer to stack memory (git-fixes).\n- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).\n- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).\n- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).\n- perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and later (git-fixes).\n- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).\n- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).\n- perf/x86/intel/ds: Do not clear -\u003epebs_data_cfg for the last PEBS event (git-fixes).\n- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).\n- perf/x86: Fix out of range data (git-fixes).\n- phy: cadence-torrent: Check return value on register read (git-fixes).\n- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).\n- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).\n- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).\n- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).\n- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).\n- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).\n- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).\n- pinctrl/meson: fix typo in PDM\u0027s pin name (git-fixes).\n- pinctrl: armada-37xx: remove an unused variable (git-fixes).\n- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).\n- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).\n- pinctrl: core: fix possible memory leak when pinctrl_enable() fails (git-fixes).\n- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).\n- pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (git-fixes).\n- pinctrl: freescale: mxs: Fix refcount of child (git-fixes).\n- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).\n- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).\n- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).\n- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).\n- pinctrl: qcom: spmi-gpio: drop broken pm8008 support (git-fixes).\n- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).\n- pinctrl: renesas: r8a779g0: FIX PWM suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix (H)SCIF1 suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix (H)SCIF3 suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix CANFD5 suffix (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix FXR_TXEN[AB] suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix IRQ suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix TCLK suffixes (git-fixes).\n- pinctrl: renesas: r8a779g0: Fix TPU suffixes (git-fixes).\n- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO2-B pins (git-fixes).\n- pinctrl: rockchip: fix pinmux bits for RK3328 GPIO3-B pins (git-fixes).\n- pinctrl: rockchip: fix pinmux reset in rockchip_pmx_set (git-fixes).\n- pinctrl: rockchip: update rk3308 iomux routes (git-fixes).\n- pinctrl: rockchip: use dedicated pinctrl type for RK3328 (git-fixes).\n- pinctrl: single: fix possible memory leak when pinctrl_enable() fails (git-fixes).\n- pinctrl: ti: ti-iodelay: fix possible memory leak when pinctrl_enable() fails (git-fixes).\n- platform/chrome: cros_ec_debugfs: fix wrong EC message version (git-fixes).\n- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).\n- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).\n- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).\n- platform/x86/intel/tpmi: Handle error from tpmi_process_info() (stable-fixes).\n- platform/x86: ISST: Add Grand Ridge to HPM CPU list (stable-fixes).\n- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).\n- platform/x86: dell-smbios: Fix wrong token data in sysfs (git-fixes).\n- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).\n- platform/x86: lg-laptop: Change ACPI device id (stable-fixes).\n- platform/x86: lg-laptop: Remove LGEX0815 hotkey handling (stable-fixes).\n- platform/x86: lg-laptop: Use ACPI device handle when evaluating WMAB/WMBB (stable-fixes).\n- platform/x86: thinkpad_acpi: Take hotkey_mutex during hotkey_exit() (git-fixes).\n- platform/x86: toshiba_acpi: Add quirk for buttons on Z830 (stable-fixes).\n- platform/x86: toshiba_acpi: Fix array out-of-bounds access (git-fixes).\n- platform/x86: toshiba_acpi: Fix quickstart quirk handling (git-fixes).\n- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).\n- platform/x86: touchscreen_dmi: Add info for GlobalSpace SolT IVW 11.6\" tablet (stable-fixes).\n- platform/x86: touchscreen_dmi: Add info for the EZpad 6s Pro (stable-fixes).\n- platform/x86: wireless-hotkey: Add support for LG Airplane Button (stable-fixes).\n- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).\n- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).\n- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).\n- power: supply: ab8500: Fix error handling when calling iio_read_channel_processed() (git-fixes).\n- power: supply: cros_usbpd: provide ID table for avoiding fallback match (stable-fixes).\n- power: supply: ingenic: Fix some error handling paths in ingenic_battery_get_property() (git-fixes).\n- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).\n- powerpc/64s/radix/kfence: map __kfence_pool at page granularity (bsc#1223570 ltc#205770).\n- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).\n- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).\n- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).\n- powerpc/prom: Add CPU info to hardware description string later (bsc#1215199).\n- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).\n- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).\n- powerpc/pseries: Fix scv instruction crash with kexec (bsc#1194869).\n- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).\n- powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() (bsc#1227487).\n- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).\n- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).\n- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).\n- ppdev: Add an error check in register_device (git-fixes).\n- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).\n- printk: Add this_cpu_in_panic() (bsc#1225607).\n- printk: Adjust mapping for 32bit seq macros (bsc#1225607).\n- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).\n- printk: Consolidate console deferred printing (bsc#1225607).\n- printk: Disable passing console lock owner completely during panic() (bsc#1225607).\n- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).\n- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).\n- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).\n- printk: Let no_printk() use _printk() (bsc#1225618).\n- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).\n- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).\n- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).\n- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).\n- printk: Wait for all reserved records with pr_flush() (bsc#1225607).\n- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).\n- printk: ringbuffer: Clarify special lpos values (bsc#1225607).\n- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).\n- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).\n- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).\n- proc/kcore: do not try to access unaccepted memory (git-fixes).\n- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).\n- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).\n- pstore: inode: Only d_invalidate() is needed (git-fixes).\n- pwm: img: fix pwm clock lookup (git-fixes).\n- pwm: sti: Prepare removing pwm_chip from driver data (stable-fixes).\n- pwm: sti: Simplify probe function using devm functions (git-fixes).\n- pwm: stm32: Always do lazy disabling (git-fixes).\n- qibfs: fix dentry leak (git-fixes)\n- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).\n- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).\n- random: handle creditable entropy from atomic process context (git-fixes).\n- regmap-i2c: Subtract reg size from max_write (stable-fixes).\n- regmap: Add regmap_read_bypassed() (git-fixes).\n- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).\n- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).\n- regmap: maple: Fix uninitialized symbol \u0027ret\u0027 warnings (git-fixes).\n- regulator: bd71815: fix ramp values (git-fixes).\n- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).\n- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).\n- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).\n- regulator: core: Fix modpost error \"regulator_get_regmap\" undefined (git-fixes).\n- regulator: core: fix debugfs creation regression (git-fixes).\n- regulator: irq_helpers: duplicate IRQ name (stable-fixes).\n- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).\n- regulator: tps65132: Add of_match table (stable-fixes).\n- regulator: vqmmc-ipq4019: fix module autoloading (stable-fixes).\n- remoteproc: imx_rproc: Fix refcount mistake in imx_rproc_addr_init (git-fixes).\n- remoteproc: imx_rproc: Skip over memory region when node value is NULL (git-fixes).\n- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).\n- remoteproc: k3-r5: Fix IPC-only mode detection (git-fixes).\n- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).\n- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).\n- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).\n- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).\n- remoteproc: stm32_rproc: Fix mailbox interrupts queuing (git-fixes).\n- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).\n- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).\n- ring-buffer: Fix a race between readers and resize checks (git-fixes).\n- ring-buffer: Fix full_waiters_pending in poll (git-fixes).\n- ring-buffer: Fix resetting of shortest_full (git-fixes).\n- ring-buffer: Fix waking up ring buffer readers (git-fixes).\n- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).\n- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).\n- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).\n- ring-buffer: use READ_ONCE() to read cpu_buffer-\u003ecommit_page in concurrent environment (git-fixes).\n- rpcrdma: fix handling for RDMA_CM_EVENT_DEVICE_REMOVAL (git-fixes).\n- rpm/kernel-obs-build.spec.in: Add iso9660 (bsc#1226212) Some builds do not just create an iso9660 image, but also mount it during build.\n- rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211) docker needs more networking modules, even legacy iptable_nat and _filter.\n- rpm/kernel-obs-build.spec.in: Include algif_hash, aegis128 and xts modules afgif_hash is needed by some packages (e.g. iwd) for tests, xts is used for LUKS2 volumes by default and aegis128 is useful as AEAD cipher for LUKS2. Wrap the long line to make it readable.\n- rtc: abx80x: Fix return value of nvmem callback on read (git-fixes).\n- rtc: cmos: Fix return value of nvmem callbacks (git-fixes).\n- rtc: interface: Add RTC offset to alarm after fix-up (git-fixes).\n- rtc: isl1208: Fix return value of nvmem callbacks (git-fixes).\n- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).\n- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).\n- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).\n- s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227072).\n- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).\n- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).\n- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).\n- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).\n- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).\n- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).\n- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).\n- s390/vdso: drop \u0027-fPIC\u0027 from LDFLAGS (git-fixes bsc#1223593).\n- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).\n- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).\n- s390: Implement __iowrite32_copy() (bsc#1226502)\n- s390: Stop using weak symbols for __iowrite64_copy() (bsc#1226502)\n- saa7134: Unchecked i2c_transfer function result fixed (git-fixes).\n- sched/balancing: Rename newidle_balance() =\u003e sched_balance_newidle() (bsc#1222173).\n- sched/core: Fix incorrect initialization of the \u0027burst\u0027 parameter in cpu_max_write() (bsc#1226791).\n- sched/fair: Check root_domain::overload value before update (bsc#1222173).\n- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).\n- sched/psi: Select KERNFS as needed (git-fixes).\n- sched/topology: Optimize topology_span_sane() (bsc#1225053).\n- scsi: bfa: Fix function pointer type mismatch for hcb_qe-\u003ecbfn (git-fixes).\n- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).\n- scsi: core: Fix unremoved procfs host directory regression (git-fixes).\n- scsi: csiostor: Avoid function pointer casts (git-fixes).\n- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).\n- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).\n- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).\n- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).\n- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).\n- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842).\n- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).\n- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).\n- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).\n- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).\n- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).\n- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).\n- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).\n- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).\n- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).\n- scsi: lpfc: Move NPIV\u0027s transport unregistration to after resource clean up (bsc#1221777).\n- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).\n- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).\n- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).\n- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).\n- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).\n- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).\n- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).\n- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).\n- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).\n- scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports() (git-fixes).\n- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).\n- scsi: mylex: Fix sysfs buffer lengths (git-fixes).\n- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).\n- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).\n- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).\n- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).\n- scsi: qla2xxx: Fix double free of fcport (bsc1221816).\n- scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer (bsc1221816).\n- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).\n- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).\n- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).\n- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).\n- scsi: qla2xxx: Update manufacturer detail (bsc1221816).\n- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).\n- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).\n- scsi: sg: Avoid race in error handling \u0026 drop bogus warn (git-fixes).\n- scsi: sg: Avoid sg device teardown race (git-fixes).\n- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).\n- sctp: annotate data-races around sk-\u003esk_wmem_queued (git-fixes).\n- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).\n- selftests/binderfs: use the Makefile\u0027s rules, not Make\u0027s implicit rules (git-fixes).\n- selftests/bpf: add edge case backtracking logic test (bsc#1225756).\n- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).\n- selftests/bpf: test case for callback_depth states pruning logic (bsc#1225903).\n- selftests/bpf: test if state loops are detected in a tricky case (bsc#1225903).\n- selftests/bpf: test widening for iterating callbacks (bsc#1225903).\n- selftests/bpf: tests for iterating callbacks (bsc#1225903).\n- selftests/bpf: tests with delayed read/precision makrs in loop body (bsc#1225903).\n- selftests/bpf: track string payload offset as scalar in strobemeta (bsc#1225903).\n- selftests/bpf: track tcp payload offset as scalar in xdp_synproxy (bsc#1225903).\n- selftests/ftrace: Fix event filter target_func selection (stable-fixes).\n- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).\n- selftests/kcmp: remove unused open mode (git-fixes).\n- selftests/mm: compaction_test: fix incorrect write of zero to nr_hugepages (git-fixes).\n- selftests/mm: fix build warnings on ppc64 (stable-fixes).\n- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).\n- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).\n- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).\n- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).\n- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).\n- selftests/sigaltstack: Fix ppc64 GCC build (git-fixes).\n- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).\n- selftests: default to host arch for LLVM builds (git-fixes).\n- selftests: fix OOM in msg_zerocopy selftest (git-fixes).\n- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).\n- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).\n- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).\n- selftests: make order checking verbose in msg_zerocopy selftest (git-fixes).\n- selftests: mptcp: add ms units for tc-netem delay (stable-fixes).\n- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).\n- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).\n- selftests: net: move amt to socat for better compatibility (git-fixes).\n- selftests: sud_test: return correct emulated syscall value on RISC-V (stable-fixes).\n- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).\n- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).\n- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).\n- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).\n- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).\n- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).\n- selinux: avoid dereference of garbage after mount failure (git-fixes).\n- selinux: introduce an initial SID for early boot processes (bsc#1208593).\n- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).\n- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).\n- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).\n- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).\n- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).\n- serial: Lock console when calling into driver before registration (git-fixes).\n- serial: bcm63xx-uart: fix tx after conversion to uart_port_tx_limited() (git-fixes).\n- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).\n- serial: core: introduce uart_port_tx_limited_flags() (git-fixes).\n- serial: core: only stop transmit when HW fifo is empty (git-fixes).\n- serial: exar: adding missing CTI and Exar PCI ids (stable-fixes).\n- serial: imx: Introduce timeout when waiting on transmitter empty (stable-fixes).\n- serial: imx: Raise TX trigger level to 8 (stable-fixes).\n- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).\n- serial: max3100: Fix bitwise types (git-fixes).\n- serial: max3100: Lock port-\u003elock when calling uart_handle_cts_change() (git-fixes).\n- serial: max3100: Update uart_driver_registered on driver removal (git-fixes).\n- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).\n- serial: max310x: fix syntax error in IRQ error message (git-fixes).\n- serial: mxs-auart: add spinlock around changing cts state (git-fixes).\n- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).\n- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).\n- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).\n- serial: stm32: Reset .throttled state in .startup() (git-fixes).\n- series.conf: cleanup Fix subsection header to silence series_insert error.\n- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).\n- smb3: allow controlling length of time directory entries are cached with dir leases (git-fixes, bsc#1225172).\n- smb3: allow controlling maximum number of cached directories (git-fixes, bsc#1225172).\n- smb3: do not start laundromat thread when dir leases disabled (git-fixes, bsc#1225172).\n- smb3: show beginning time for per share stats (bsc#1225172).\n- smb: client: do not start laundromat thread on nohandlecache (git-fixes, bsc#1225172).\n- smb: client: ensure to try all targets when finding nested links (bsc#1225172).\n- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1225172).\n- smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes, bsc#1225172).\n- smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).\n- smb: client: get rid of dfs naming in automount code (bsc#1225172).\n- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).\n- smb: client: make laundromat a delayed worker (git-fixes, bsc#1225172).\n- smb: client: prevent new fids from being removed by laundromat (git-fixes, bsc#1225172).\n- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).\n- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1225172).\n- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).\n- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).\n- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).\n- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).\n- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).\n- soc: qcom: pdr: fix parsing of domains lists (git-fixes).\n- soc: qcom: pdr: protect locator_addr with the main mutex (git-fixes).\n- soc: qcom: pmic_glink: Handle the return value of pmic_glink_init (git-fixes).\n- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).\n- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).\n- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).\n- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).\n- soc: qcom: rpmh-rsc: Ensure irqs are not disabled by rpmh_rsc_send_data() callers (git-fixes).\n- soc: ti: wkup_m3_ipc: Send NULL dummy message instead of pointer message (stable-fixes).\n- soc: xilinx: rename cpu_number1 to dummy_cpu_number (git-fixes).\n- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).\n- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).\n- soundwire: cadence: fix invalid PDI offset (stable-fixes).\n- speakup: Avoid crash on very long word (git-fixes).\n- speakup: Fix 8bit characters from direct synth (git-fixes).\n- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).\n- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).\n- spi: atmel-quadspi: Add missing check for clk_prepare (git-fixes).\n- spi: cadence: Ensure data lines set to low during dummy-cycle period (stable-fixes).\n- spi: fix null pointer dereference within spi_sync (git-fixes).\n- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).\n- spi: imx: Do not expect DMA for i.MX{25,35,50,51,53} cspi devices (stable-fixes).\n- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).\n- spi: lm70llp: fix links in doc and comments (git-fixes).\n- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).\n- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).\n- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).\n- spi: microchip-core: defer asserting chip select until just before write to TX FIFO (git-fixes).\n- spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer (git-fixes).\n- spi: microchip-core: fix the issues in the isr (git-fixes).\n- spi: microchip-core: only disable SPI controller when register value change requires it (git-fixes).\n- spi: mux: set ctlr-\u003ebits_per_word_mask (stable-fixes).\n- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).\n- spi: spi-microchip-core: Fix the number of chip selects supported (git-fixes).\n- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).\n- spi: spidev: add correct compatible for Rohm BH2228FV (git-fixes).\n- spi: stm32: Do not warn about spurious interrupts (git-fixes).\n- spi: stm32: qspi: Clamp stm32_qspi_get_mode() output to CCR_BUSWIDTH_4 (git-fixes).\n- spi: stm32: qspi: Fix dual flash mode sanity test in stm32_qspi_setup() (git-fixes).\n- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).\n- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).\n- ssb: Fix potential NULL pointer dereference in ssb_device_uevent() (stable-fixes).\n- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).\n- staging: vc04_services: fix information leak in create_component() (git-fixes).\n- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).\n- stmmac: Clear variable when destroying workqueue (git-fixes).\n- struct acpi_ec kABI workaround (git-fixes).\n- sunrpc: fix NFSACL RPC retry on soft mount (git-fixes).\n- supported.conf: Add APM X-Gene SoC hardware monitoring driver (bsc#1223265 jsc#PED-8570)\n- supported.conf: Add APM X-Gene SoC hardware monitoring driver (jsc#PED-8649) Module is marked supported because of merge from SP6, but lets add reference to SLM6.0 maintenance task.\n- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8644)\n- supported.conf: Add support for v4l2-dv-timings (jsc#PED-8645)\n- supported.conf: mark orangefs as optional We do not support orangefs at all (and it is already marked as such), but since there are no SLE consumers of it, mark it as optional.\n- supported.conf: mark ufs as unsupported UFS is an unsupported filesystem, mark it as such. We still keep it around (not marking as optional), to accommodate any potential migrations from BSD systems.\n- supported.conf: mark vdpa modules supported (jsc#PED-8954)\n- supported.conf: support tcp_dctcp module (jsc#PED-8111)\n- supported.conf: update for mt76 stuff (bsc#1227149)\n- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)\n- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)\n- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)\n- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)\n- swiotlb: use the calculated number of areas (git-fixes).\n- tcp: Dump bound-only sockets in inet_diag (bsc#1204562).\n- thermal/drivers/mediatek/lvts_thermal: Check NULL ptr on lvts_data (stable-fixes).\n- thermal/drivers/mediatek/lvts_thermal: Return error in case of invalid efuse data (git-fixes).\n- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).\n- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).\n- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).\n- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).\n- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).\n- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).\n- thunderbolt: Fix wake configurations after device unplug (stable-fixes).\n- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).\n- thunderbolt: Introduce tb_port_reset() (stable-fixes).\n- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).\n- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).\n- thunderbolt: debugfs: Fix margin debugfs node creation condition (git-fixes).\n- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).\n- tls: do not skip over different type records from the rx_list (bsc#1221858).\n- tls: fix peeking with sync+async decryption (bsc#1221858).\n- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).\n- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).\n- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).\n- tools/memory-model: Fix bug in lock.cat (git-fixes).\n- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).\n- tools/power turbostat: Remember global max_die_id (stable-fixes).\n- tools/power/cpupower: Fix Pstate frequency reporting on AMD Family 1Ah CPUs (stable-fixes).\n- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).\n- tools: ynl: do not leak mcast_groups on init error (git-fixes).\n- tools: ynl: fix handling of multiple mcast groups (git-fixes).\n- tools: ynl: make sure we always pass yarg to mnl_cb_run (git-fixes).\n- tpm_tis: Do *not* flush uninitialized work (git-fixes).\n- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).\n- tracefs: Add missing lockdown check to tracefs_create_dir() (git-fixes).\n- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).\n- tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() (git-fixes).\n- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).\n- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).\n- tracing: Build event generation tests only as modules (git-fixes).\n- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).\n- tracing: Remove precision vsnprintf() check from print event (git-fixes).\n- tracing: Use .flush() call to wake up readers (git-fixes).\n- tracing: hide unused ftrace_event_id_fops (git-fixes).\n- tty: mcf: MCF54418 has 10 UARTS (git-fixes).\n- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).\n- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).\n- tty: n_tty: Fix buffer offsets when lookahead is used (git-fixes).\n- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).\n- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).\n- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).\n- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).\n- ubifs: Set page uptodate in the correct place (git-fixes).\n- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).\n- ubifs: fix sort function prototype (git-fixes).\n- usb-storage: alauda: Check whether the media is initialized (git-fixes).\n- usb: Disable USB3 LPM at shutdown (stable-fixes).\n- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).\n- usb: aqc111: stop lying about skb-\u003etruesize (git-fixes).\n- usb: atm: cxacru: fix endpoint checking in cxacru_bind() (git-fixes).\n- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).\n- usb: cdc-wdm: close race between read and workqueue (git-fixes).\n- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).\n- usb: dwc2: gadget: LPM flow fix (git-fixes).\n- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).\n- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).\n- usb: dwc2: host: Fix hibernation flow (git-fixes).\n- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).\n- usb: dwc3-am62: Disable wakeup at remove (git-fixes).\n- usb: dwc3-am62: Rename private data (git-fixes).\n- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).\n- usb: dwc3: Properly set system wakeup (git-fixes).\n- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).\n- usb: dwc3: core: Add DWC31 version 2.00a controller (stable-fixes).\n- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).\n- usb: dwc3: core: Workaround for CSR read timeout (stable-fixes).\n- usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock (git-fixes).\n- usb: dwc3: pci: Do not set \"linux,phy_charger_detect\" property on Lenovo Yoga Tab2 1380 (stable-fixes).\n- usb: dwc3: pci: Drop duplicate ID (git-fixes).\n- usb: dwc3: pci: add support for the Intel Panther Lake (stable-fixes).\n- usb: fotg210: Add missing kernel doc description (git-fixes).\n- usb: gadget: aspeed_udc: fix device address configuration (git-fixes).\n- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).\n- usb: gadget: configfs: Prevent OOB read/write in usb_string_copy() (stable-fixes).\n- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).\n- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).\n- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).\n- usb: gadget: function: Remove usage of the deprecated ida_simple_xx() API (stable-fixes).\n- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).\n- usb: gadget: printer: SS+ support (stable-fixes).\n- usb: gadget: printer: fix races against disable (git-fixes).\n- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).\n- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).\n- usb: gadget: uvc: configfs: ensure guid to be valid before set (stable-fixes).\n- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).\n- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).\n- usb: misc: uss720: check for incompatible versions of the Belkin F5U002 (stable-fixes).\n- usb: musb: da8xx: fix a resource leak in probe() (git-fixes).\n- usb: ohci: Prevent missed ohci interrupts (git-fixes).\n- usb: phy: generic: Get the vbus supply (git-fixes).\n- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).\n- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).\n- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).\n- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).\n- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).\n- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).\n- usb: typec: tcpm: Ignore received Hard Reset in TOGGLING state (git-fixes).\n- usb: typec: tcpm: Update PD of Type-C port upon pd_set (git-fixes).\n- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).\n- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).\n- usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps (git-fixes).\n- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).\n- usb: typec: tipd: fix event checking for tps6598x (git-fixes).\n- usb: typec: ucsi: Ack also failed Get Error commands (git-fixes).\n- usb: typec: ucsi: Ack unsupported commands (stable-fixes).\n- usb: typec: ucsi: Check for notifications after init (git-fixes).\n- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).\n- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).\n- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).\n- usb: typec: ucsi: Fix connector check on init (git-fixes).\n- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).\n- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).\n- usb: typec: ucsi: Never send a lone connector change ack (stable-fixes).\n- usb: typec: ucsi: always register a link to USB PD device (git-fixes).\n- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).\n- usb: typec: ucsi: glink: fix child node release in probe function (git-fixes).\n- usb: typec: ucsi: simplify partner\u0027s PD caps registration (git-fixes).\n- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).\n- usb: typec: ucsi_glink: drop special handling for CCI_BUSY (stable-fixes).\n- usb: ucsi: stm32: fix command completion handling (git-fixes).\n- usb: udc: remove warning when queue disabled ep (stable-fixes).\n- usb: xhci-plat: Do not include xhci.h (stable-fixes).\n- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).\n- usb: xhci: Implement xhci_handshake_check_state() helper.\n- usb: xhci: correct return value in case of STS_HCE (git-fixes).\n- usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (stable-fixes).\n- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).\n- vboxsf: explicitly deny setlease attempts (stable-fixes).\n- vdpa/mlx5: Allow CVQ size changes (git-fixes).\n- vdpa_sim: reset must not run (git-fixes).\n- veth: try harder when allocating queue memory (git-fixes).\n- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).\n- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).\n- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).\n- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).\n- virtio_net: Do not send RSS key if it is not supported (git-fixes).\n- virtio_net: avoid data-races on dev-\u003estats fields (git-fixes).\n- virtio_net: checksum offloading handling fix (git-fixes).\n- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).\n- vmlinux.lds.h: catch .bss..L* sections into BSS\") (git-fixes).\n- vsock/virtio: fix packet delivery to tap device (git-fixes).\n- watchdog: bd9576: Drop \"always-running\" property (git-fixes).\n- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).\n- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).\n- watchdog: rzg2l_wdt: Check return status of pm_runtime_put() (git-fixes).\n- watchdog: rzg2l_wdt: Use pm_runtime_resume_and_get() (git-fixes).\n- watchdog: rzn1: Convert comma to semicolon (git-fixes).\n- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).\n- wifi: add HAS_IOPORT dependencies (bsc#1227149).\n- wifi: ar5523: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ar5523: enable proper endpoint verification (git-fixes).\n- wifi: ath10/11/12k: Use alloc_ordered_workqueue() to create ordered workqueues (bsc#1227149).\n- wifi: ath10k: Annotate struct ath10k_ce_ring with __counted_by (bsc#1227149).\n- wifi: ath10k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath10k: Drop checks that are always false (bsc#1227149).\n- wifi: ath10k: Drop cleaning of driver data from probe error path and remove (bsc#1227149).\n- wifi: ath10k: Fix a few spelling errors (bsc#1227149).\n- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).\n- wifi: ath10k: Fix enum ath10k_fw_crash_dump_type kernel-doc (bsc#1227149).\n- wifi: ath10k: Fix htt_data_tx_completion kernel-doc warning (bsc#1227149).\n- wifi: ath10k: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath10k: Remove unused struct ath10k_htc_frame (bsc#1227149).\n- wifi: ath10k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).\n- wifi: ath10k: Use DECLARE_FLEX_ARRAY() for ath10k_htc_record (bsc#1227149).\n- wifi: ath10k: Use list_count_nodes() (bsc#1227149).\n- wifi: ath10k: add missing wmi_10_4_feature_mask documentation (bsc#1227149).\n- wifi: ath10k: add support to allow broadcast action frame RX (bsc#1227149).\n- wifi: ath10k: consistently use kstrtoX_from_user() functions (bsc#1227149).\n- wifi: ath10k: correctly document enum wmi_tlv_tx_pause_id (bsc#1227149).\n- wifi: ath10k: drop HTT_DATA_TX_STATUS_DOWNLOAD_FAIL (bsc#1227149).\n- wifi: ath10k: fix QCOM_RPROC_COMMON dependency (git-fixes).\n- wifi: ath10k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).\n- wifi: ath10k: fix htt_q_state_conf \u0026 htt_q_state kernel-doc (bsc#1227149).\n- wifi: ath10k: improve structure padding (bsc#1227149).\n- wifi: ath10k: indicate to mac80211 scan complete with aborted flag for ATH10K_SCAN_STARTING state (bsc#1227149).\n- wifi: ath10k: poll service ready message before failing (git-fixes).\n- wifi: ath10k: populate board data for WCN3990 (git-fixes).\n- wifi: ath10k: remove ath10k_htc_record::pauload[] (bsc#1227149).\n- wifi: ath10k: remove duplicate memset() in 10.4 TDLS peer update (bsc#1227149).\n- wifi: ath10k: remove struct wmi_pdev_chanlist_update_event (bsc#1227149).\n- wifi: ath10k: remove unused template structs (bsc#1227149).\n- wifi: ath10k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: ath10k: replace deprecated strncpy with memcpy (bsc#1227149).\n- wifi: ath10k: simplify __ath10k_htt_tx_txq_recalc() (bsc#1227149).\n- wifi: ath10k: simplify ath10k_peer_create() (bsc#1227149).\n- wifi: ath10k: use flexible array in struct wmi_host_mem_chunks (bsc#1227149).\n- wifi: ath10k: use flexible array in struct wmi_tdls_peer_capabilities (bsc#1227149).\n- wifi: ath10k: use flexible arrays for WMI start scan TLVs (bsc#1227149).\n- wifi: ath11k: Add HTT stats for PHY reset case (bsc#1227149).\n- wifi: ath11k: Add coldboot calibration support for QCN9074 (bsc#1227149).\n- wifi: ath11k: Allow ath11k to boot without caldata in ftm mode (bsc#1227149).\n- wifi: ath11k: Consistently use ath11k_vif_to_arvif() (bsc#1227149).\n- wifi: ath11k: Consolidate WMI peer flags (bsc#1227149).\n- wifi: ath11k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath11k: Do not directly use scan_flags in struct scan_req_params (bsc#1227149).\n- wifi: ath11k: EMA beacon support (bsc#1227149).\n- wifi: ath11k: Fix a few spelling errors (bsc#1227149).\n- wifi: ath11k: Fix ath11k_htc_record flexible record (bsc#1227149).\n- wifi: ath11k: Introduce and use ath11k_sta_to_arsta() (bsc#1227149).\n- wifi: ath11k: MBSSID beacon support (bsc#1227149).\n- wifi: ath11k: MBSSID configuration during vdev create/start (bsc#1227149).\n- wifi: ath11k: MBSSID parameter configuration in AP mode (bsc#1227149).\n- wifi: ath11k: Really consistently use ath11k_vif_to_arvif() (bsc#1227149).\n- wifi: ath11k: Relocate the func ath11k_mac_bitrate_mask_num_ht_rates() and change hweight16 to hweight8 (bsc#1227149).\n- wifi: ath11k: Remove ath11k_base::bd_api (bsc#1227149).\n- wifi: ath11k: Remove cal_done check during probe (bsc#1227149).\n- wifi: ath11k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).\n- wifi: ath11k: Remove scan_flags union from struct scan_req_params (bsc#1227149).\n- wifi: ath11k: Remove struct ath11k::ops (bsc#1227149).\n- wifi: ath11k: Remove unneeded semicolon (bsc#1227149).\n- wifi: ath11k: Remove unused declarations (bsc#1227149).\n- wifi: ath11k: Remove unused struct ath11k_htc_frame (bsc#1227149).\n- wifi: ath11k: Send HT fixed rate in WMI peer fixed param (bsc#1227149).\n- wifi: ath11k: Split coldboot calibration hw_param (bsc#1227149).\n- wifi: ath11k: Update Qualcomm Innovation Center, Inc. copyrights (bsc#1227149).\n- wifi: ath11k: Use device_get_match_data() (bsc#1227149).\n- wifi: ath11k: Use list_count_nodes() (bsc#1227149).\n- wifi: ath11k: add WMI event debug messages (bsc#1227149).\n- wifi: ath11k: add WMI_TLV_SERVICE_EXT_TPC_REG_SUPPORT service bit (bsc#1227149).\n- wifi: ath11k: add chip id board name while searching board-2.bin for WCN6855 (bsc#1227149).\n- wifi: ath11k: add firmware-2.bin support (bsc#1227149).\n- wifi: ath11k: add handler for WMI_VDEV_SET_TPC_POWER_CMDID (bsc#1227149).\n- wifi: ath11k: add parse of transmit power envelope element (bsc#1227149).\n- wifi: ath11k: add parsing of phy bitmap for reg rules (bsc#1227149).\n- wifi: ath11k: add support for QCA2066 (bsc#1227149).\n- wifi: ath11k: add support to select 6 GHz regulatory type (bsc#1227149).\n- wifi: ath11k: ath11k_debugfs_register(): fix format-truncation warning (bsc#1227149).\n- wifi: ath11k: avoid forward declaration of ath11k_mac_start_vdev_delay() (bsc#1227149).\n- wifi: ath11k: call ath11k_mac_fils_discovery() without condition (bsc#1227149).\n- wifi: ath11k: constify MHI channel and controller configs (bsc#1227149).\n- wifi: ath11k: debug: add ATH11K_DBG_CE (bsc#1227149).\n- wifi: ath11k: debug: remove unused ATH11K_DBG_ANY (bsc#1227149).\n- wifi: ath11k: debug: use all upper case in ATH11k_DBG_HAL (bsc#1227149).\n- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).\n- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).\n- wifi: ath11k: do not use %pK (bsc#1227149).\n- wifi: ath11k: document HAL_RX_BUF_RBM_SW4_BM (bsc#1227149).\n- wifi: ath11k: dp: cleanup debug message (bsc#1227149).\n- wifi: ath11k: driver settings for MBSSID and EMA (bsc#1227149).\n- wifi: ath11k: drop NULL pointer check in ath11k_update_per_peer_tx_stats() (bsc#1227149).\n- wifi: ath11k: drop redundant check in ath11k_dp_rx_mon_dest_process() (bsc#1227149).\n- wifi: ath11k: enable 36 bit mask for stream DMA (bsc#1227149).\n- wifi: ath11k: factory test mode support (bsc#1227149).\n- wifi: ath11k: fill parameters for vdev set tpc power WMI command (bsc#1227149).\n- wifi: ath11k: fix CAC running state during virtual interface start (bsc#1227149).\n- wifi: ath11k: fix IOMMU errors on buffer rings (bsc#1227149).\n- wifi: ath11k: fix RCU documentation in ath11k_mac_op_ipv6_changed() (git-fixes).\n- wifi: ath11k: fix WCN6750 firmware crash caused by 17 num_vdevs (bsc#1227149).\n- wifi: ath11k: fix Wvoid-pointer-to-enum-cast warning (bsc#1227149).\n- wifi: ath11k: fix a possible dead lock caused by ab-\u003ebase_lock (bsc#1227149).\n- wifi: ath11k: fix ath11k_mac_op_remain_on_channel() stack usage (bsc#1227149).\n- wifi: ath11k: fix connection failure due to unexpected peer delete (bsc#1227149).\n- wifi: ath11k: fix tid bitmap is 0 in peer rx mu stats (bsc#1227149).\n- wifi: ath11k: fix wrong definition of CE ring\u0027s base address (git-fixes).\n- wifi: ath11k: fix wrong handling of CCMP256 and GCMP ciphers (git-fixes).\n- wifi: ath11k: hal: cleanup debug message (bsc#1227149).\n- wifi: ath11k: htc: cleanup debug messages (bsc#1227149).\n- wifi: ath11k: initialize eirp_power before use (bsc#1227149).\n- wifi: ath11k: mac: fix struct ieee80211_sband_iftype_data handling (bsc#1227149).\n- wifi: ath11k: mhi: add a warning message for MHI_CB_EE_RDDM crash (bsc#1227149).\n- wifi: ath11k: move pci.ops registration ahead (bsc#1227149).\n- wifi: ath11k: move power type check to ASSOC stage when connecting to 6 GHz AP (bsc#1227149).\n- wifi: ath11k: move references from rsvd2 to info fields (bsc#1227149).\n- wifi: ath11k: pci: cleanup debug logging (bsc#1227149).\n- wifi: ath11k: print debug level in debug messages (bsc#1227149).\n- wifi: ath11k: provide address list if chip supports 2 stations (bsc#1227149).\n- wifi: ath11k: qmi: refactor ath11k_qmi_m3_load() (bsc#1227149).\n- wifi: ath11k: refactor ath11k_wmi_tlv_parse_alloc() (bsc#1227149).\n- wifi: ath11k: refactor setting country code logic (stable-fixes).\n- wifi: ath11k: refactor vif parameter configurations (bsc#1227149).\n- wifi: ath11k: rely on mac80211 debugfs handling for vif (bsc#1227149).\n- wifi: ath11k: remove ath11k_htc_record::pauload[] (bsc#1227149).\n- wifi: ath11k: remove invalid peer create logic (bsc#1227149).\n- wifi: ath11k: remove manual mask names from debug messages (bsc#1227149).\n- wifi: ath11k: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath11k: remove unsupported event handlers (bsc#1227149).\n- wifi: ath11k: remove unused function ath11k_tm_event_wmi() (bsc#1227149).\n- wifi: ath11k: remove unused members of \u0027struct ath11k_base\u0027 (bsc#1227149).\n- wifi: ath11k: remove unused scan_events from struct scan_req_params (bsc#1227149).\n- wifi: ath11k: rename MBSSID fields in wmi_vdev_up_cmd (bsc#1227149).\n- wifi: ath11k: rename ath11k_start_vdev_delay() (bsc#1227149).\n- wifi: ath11k: rename the sc naming convention to ab (bsc#1227149).\n- wifi: ath11k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).\n- wifi: ath11k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: ath11k: restore country code during resume (git-fixes).\n- wifi: ath11k: save max transmit power in vdev start response event from firmware (bsc#1227149).\n- wifi: ath11k: save power spectral density(PSD) of regulatory rule (bsc#1227149).\n- wifi: ath11k: simplify ath11k_mac_validate_vht_he_fixed_rate_settings() (bsc#1227149).\n- wifi: ath11k: simplify the code with module_platform_driver (bsc#1227149).\n- wifi: ath11k: store cur_regulatory_info for each radio (bsc#1227149).\n- wifi: ath11k: support 2 station interfaces (bsc#1227149).\n- wifi: ath11k: update proper pdev/vdev id for testmode command (bsc#1227149).\n- wifi: ath11k: update regulatory rules when connect to AP on 6 GHz band for station (bsc#1227149).\n- wifi: ath11k: update regulatory rules when interface added (bsc#1227149).\n- wifi: ath11k: use RCU when accessing struct inet6_dev::ac_list (bsc#1227149).\n- wifi: ath11k: use WMI_VDEV_SET_TPC_POWER_CMDID when EXT_TPC_REG_SUPPORT for 6 GHz (bsc#1227149).\n- wifi: ath11k: use kstrtoul_from_user() where appropriate (bsc#1227149).\n- wifi: ath11k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).\n- wifi: ath11k: wmi: add unified command debug messages (bsc#1227149).\n- wifi: ath11k: wmi: cleanup error handling in ath11k_wmi_send_init_country_cmd() (bsc#1227149).\n- wifi: ath11k: wmi: use common error handling style (bsc#1227149).\n- wifi: ath11k: workaround too long expansion sparse warnings (bsc#1227149).\n- wifi: ath12k: Add logic to write QRTR node id to scratch (bsc#1227149).\n- wifi: ath12k: Add missing qmi_txn_cancel() calls (bsc#1227149).\n- wifi: ath12k: Add support to parse new WMI event for 6 GHz regulatory (bsc#1227149).\n- wifi: ath12k: Consistently use ath12k_vif_to_arvif() (bsc#1227149).\n- wifi: ath12k: Consolidate WMI peer flags (bsc#1227149).\n- wifi: ath12k: Correct 6 GHz frequency value in rx status (git-fixes).\n- wifi: ath12k: Do not drop tx_status in failure case (git-fixes).\n- wifi: ath12k: Do not use scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).\n- wifi: ath12k: Enable Mesh support for QCN9274 (bsc#1227149).\n- wifi: ath12k: Fix a few spelling errors (bsc#1227149).\n- wifi: ath12k: Fix tx completion ring (WBM2SW) setup failure (git-fixes).\n- wifi: ath12k: Fix uninitialized use of ret in ath12k_mac_allocate() (bsc#1227149).\n- wifi: ath12k: Introduce and use ath12k_sta_to_arsta() (bsc#1227149).\n- wifi: ath12k: Introduce the container for mac80211 hw (bsc#1227149).\n- wifi: ath12k: Make QMI message rules const (bsc#1227149).\n- wifi: ath12k: Optimize the mac80211 hw data access (bsc#1227149).\n- wifi: ath12k: Read board id to support split-PHY QCN9274 (bsc#1227149).\n- wifi: ath12k: Refactor the mac80211 hw access from link/radio (bsc#1227149).\n- wifi: ath12k: Remove ath12k_base::bd_api (bsc#1227149).\n- wifi: ath12k: Remove obsolete struct wmi_peer_flags_map *peer_flags (bsc#1227149).\n- wifi: ath12k: Remove some dead code (bsc#1227149).\n- wifi: ath12k: Remove struct ath12k::ops (bsc#1227149).\n- wifi: ath12k: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath12k: Remove unnecessary struct qmi_txn initializers (bsc#1227149).\n- wifi: ath12k: Remove unused declarations (bsc#1227149).\n- wifi: ath12k: Remove unused scan_flags from struct ath12k_wmi_scan_req_arg (bsc#1227149).\n- wifi: ath12k: Set default beacon mode to burst mode (bsc#1227149).\n- wifi: ath12k: Update Qualcomm Innovation Center, Inc. copyrights (stable-fixes).\n- wifi: ath12k: Use initializers for QMI message buffers (bsc#1227149).\n- wifi: ath12k: Use msdu_end to check MCBC (bsc#1227149).\n- wifi: ath12k: Use pdev_id rather than mac_id to get pdev (bsc#1227149).\n- wifi: ath12k: WMI support to process EHT capabilities (bsc#1227149).\n- wifi: ath12k: add 320 MHz bandwidth enums (bsc#1227149).\n- wifi: ath12k: add CE and ext IRQ flag to indicate irq_handler (bsc#1227149).\n- wifi: ath12k: add EHT PHY modes (bsc#1227149).\n- wifi: ath12k: add MAC id support in WBM error path (bsc#1227149).\n- wifi: ath12k: add MLO header in peer association (bsc#1227149).\n- wifi: ath12k: add P2P IE in beacon template (bsc#1227149).\n- wifi: ath12k: add QMI PHY capability learn support (bsc#1227149).\n- wifi: ath12k: add WMI support for EHT peer (bsc#1227149).\n- wifi: ath12k: add ath12k_qmi_free_resource() for recovery (bsc#1227149).\n- wifi: ath12k: add fallback board name without variant while searching board-2.bin (bsc#1227149).\n- wifi: ath12k: add firmware-2.bin support (bsc#1227149).\n- wifi: ath12k: add handler for scan event WMI_SCAN_EVENT_DEQUEUED (bsc#1227149).\n- wifi: ath12k: add keep backward compatibility of PHY mode to avoid firmware crash (bsc#1227149).\n- wifi: ath12k: add msdu_end structure for WCN7850 (bsc#1227149).\n- wifi: ath12k: add parsing of phy bitmap for reg rules (bsc#1227149).\n- wifi: ath12k: add processing for TWT disable event (bsc#1227149).\n- wifi: ath12k: add processing for TWT enable event (bsc#1227149).\n- wifi: ath12k: add qmi_cnss_feature_bitmap field to hardware parameters (bsc#1227149).\n- wifi: ath12k: add rcu lock for ath12k_wmi_p2p_noa_event() (bsc#1227149).\n- wifi: ath12k: add read variant from SMBIOS for download board data (bsc#1227149).\n- wifi: ath12k: add string type to search board data in board-2.bin for WCN7850 (bsc#1227149).\n- wifi: ath12k: add support for BA1024 (bsc#1227149).\n- wifi: ath12k: add support for collecting firmware log (bsc#1227149).\n- wifi: ath12k: add support for hardware rfkill for WCN7850 (bsc#1227149).\n- wifi: ath12k: add support for peer meta data version (bsc#1227149).\n- wifi: ath12k: add support one MSI vector (bsc#1227149).\n- wifi: ath12k: add support to search regdb data in board-2.bin for WCN7850 (bsc#1227149).\n- wifi: ath12k: add wait operation for tx management packets for flush from mac80211 (bsc#1227149).\n- wifi: ath12k: advertise P2P dev support for WCN7850 (bsc#1227149).\n- wifi: ath12k: allow specific mgmt frame tx while vdev is not up (bsc#1227149).\n- wifi: ath12k: ath12k_start_vdev_delay(): convert to use ar (bsc#1227149).\n- wifi: ath12k: avoid deadlock by change ieee80211_queue_work for regd_update_work (bsc#1227149).\n- wifi: ath12k: avoid duplicated vdev stop (git-fixes).\n- wifi: ath12k: avoid explicit HW conversion argument in Rxdma replenish (bsc#1227149).\n- wifi: ath12k: avoid explicit RBM id argument in Rxdma replenish (bsc#1227149).\n- wifi: ath12k: avoid explicit mac id argument in Rxdma replenish (bsc#1227149).\n- wifi: ath12k: avoid repeated hw access from ar (bsc#1227149).\n- wifi: ath12k: avoid repeated wiphy access from hw (bsc#1227149).\n- wifi: ath12k: call ath12k_mac_fils_discovery() without condition (bsc#1227149).\n- wifi: ath12k: change DMA direction while mapping reinjected packets (git-fixes).\n- wifi: ath12k: change MAC buffer ring size to 2048 (bsc#1227149).\n- wifi: ath12k: change WLAN_SCAN_PARAMS_MAX_IE_LEN from 256 to 512 (bsc#1227149).\n- wifi: ath12k: change interface combination for P2P mode (bsc#1227149).\n- wifi: ath12k: change to initialize recovery variables earlier in ath12k_core_reset() (bsc#1227149).\n- wifi: ath12k: change to treat alpha code na as world wide regdomain (bsc#1227149).\n- wifi: ath12k: change to use dynamic memory for channel list of scan (bsc#1227149).\n- wifi: ath12k: check M3 buffer size as well whey trying to reuse it (bsc#1227149).\n- wifi: ath12k: check hardware major version for WCN7850 (bsc#1227149).\n- wifi: ath12k: configure RDDM size to MHI for device recovery (bsc#1227149).\n- wifi: ath12k: configure puncturing bitmap (bsc#1227149).\n- wifi: ath12k: correct the data_type from QMI_OPT_FLAG to QMI_UNSIGNED_1_BYTE for mlo_capable (bsc#1227149).\n- wifi: ath12k: delete the timer rx_replenish_retry during rmmod (bsc#1227149).\n- wifi: ath12k: designating channel frequency for ROC scan (bsc#1227149).\n- wifi: ath12k: disable QMI PHY capability learn in split-phy QCN9274 (bsc#1227149).\n- wifi: ath12k: do not drop data frames from unassociated stations (bsc#1227149).\n- wifi: ath12k: do not restore ASPM in case of single MSI vector (bsc#1227149).\n- wifi: ath12k: drop NULL pointer check in ath12k_update_per_peer_tx_stats() (bsc#1227149).\n- wifi: ath12k: drop failed transmitted frames from metric calculation (git-fixes).\n- wifi: ath12k: enable 320 MHz bandwidth for 6 GHz band in EHT PHY capability for WCN7850 (bsc#1227149).\n- wifi: ath12k: enable 802.11 power save mode in station mode (bsc#1227149).\n- wifi: ath12k: enable IEEE80211_HW_SINGLE_SCAN_ON_ALL_BANDS for WCN7850 (bsc#1227149).\n- wifi: ath12k: fetch correct pdev id from WMI_SERVICE_READY_EXT_EVENTID (bsc#1227149).\n- wifi: ath12k: fix PCI read and write (bsc#1227149).\n- wifi: ath12k: fix WARN_ON during ath12k_mac_update_vif_chan (bsc#1227149).\n- wifi: ath12k: fix broken structure wmi_vdev_create_cmd (bsc#1227149).\n- wifi: ath12k: fix conf_mutex in ath12k_mac_op_unassign_vif_chanctx() (bsc#1227149).\n- wifi: ath12k: fix debug messages (bsc#1227149).\n- wifi: ath12k: fix fetching MCBC flag for QCN9274 (bsc#1227149).\n- wifi: ath12k: fix firmware assert during insmod in memory segment mode (bsc#1227149).\n- wifi: ath12k: fix firmware crash during reo reinject (git-fixes).\n- wifi: ath12k: fix invalid m3 buffer address (bsc#1227149).\n- wifi: ath12k: fix invalid memory access while processing fragmented packets (git-fixes).\n- wifi: ath12k: fix kernel crash during resume (bsc#1227149).\n- wifi: ath12k: fix license in p2p.c and p2p.h (bsc#1227149).\n- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).\n- wifi: ath12k: fix peer metadata parsing (git-fixes).\n- wifi: ath12k: fix potential wmi_mgmt_tx_queue race condition (bsc#1227149).\n- wifi: ath12k: fix radar detection in 160 MHz (bsc#1227149).\n- wifi: ath12k: fix recovery fail while firmware crash when doing channel switch (bsc#1227149).\n- wifi: ath12k: fix the error handler of rfkill config (bsc#1227149).\n- wifi: ath12k: fix the issue that the multicast/broadcast indicator is not read correctly for WCN7850 (bsc#1227149).\n- wifi: ath12k: fix the problem that down grade phy mode operation (bsc#1227149).\n- wifi: ath12k: fix wrong definition of CE ring\u0027s base address (git-fixes).\n- wifi: ath12k: fix wrong definitions of hal_reo_update_rx_queue (bsc#1227149).\n- wifi: ath12k: get msi_data again after request_irq is called (bsc#1227149).\n- wifi: ath12k: implement handling of P2P NoA event (bsc#1227149).\n- wifi: ath12k: implement remain on channel for P2P mode (bsc#1227149).\n- wifi: ath12k: increase vdev setup timeout (bsc#1227149).\n- wifi: ath12k: indicate NON MBSSID vdev by default during vdev start (bsc#1227149).\n- wifi: ath12k: indicate scan complete for scan canceled when scan running (bsc#1227149).\n- wifi: ath12k: indicate to mac80211 scan complete with aborted flag for ATH12K_SCAN_STARTING state (bsc#1227149).\n- wifi: ath12k: move HE capabilities processing to a new function (bsc#1227149).\n- wifi: ath12k: move peer delete after vdev stop of station for WCN7850 (bsc#1227149).\n- wifi: ath12k: parse WMI service ready ext2 event (bsc#1227149).\n- wifi: ath12k: peer assoc for 320 MHz (bsc#1227149).\n- wifi: ath12k: prepare EHT peer assoc parameters (bsc#1227149).\n- wifi: ath12k: propagate EHT capabilities to userspace (bsc#1227149).\n- wifi: ath12k: refactor DP Rxdma ring structure (bsc#1227149).\n- wifi: ath12k: refactor QMI MLO host capability helper function (bsc#1227149).\n- wifi: ath12k: refactor ath12k_bss_assoc() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_allocate() and ath12k_mac_destroy() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_ampdu_action() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_conf_tx() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_config() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_configure_filter() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_flush() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_start() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_stop() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_op_update_vif_offload() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_register() and ath12k_mac_unregister() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_mac_setup_channels_rates() (bsc#1227149).\n- wifi: ath12k: refactor ath12k_wmi_tlv_parse_alloc() (bsc#1227149).\n- wifi: ath12k: refactor multiple MSI vector implementation (bsc#1227149).\n- wifi: ath12k: refactor the rfkill worker (bsc#1227149).\n- wifi: ath12k: register EHT mesh capabilities (bsc#1227149).\n- wifi: ath12k: relax list iteration in ath12k_mac_vif_unref() (bsc#1227149).\n- wifi: ath12k: relocate ath12k_dp_pdev_pre_alloc() call (bsc#1227149).\n- wifi: ath12k: remove hal_desc_sz from hw params (bsc#1227149).\n- wifi: ath12k: remove redundant memset() in ath12k_hal_reo_qdesc_setup() (bsc#1227149).\n- wifi: ath12k: remove the unused scan_events from ath12k_wmi_scan_req_arg (bsc#1227149).\n- wifi: ath12k: remove unused ATH12K_BD_IE_BOARD_EXT (bsc#1227149).\n- wifi: ath12k: rename HE capabilities setup/copy functions (bsc#1227149).\n- wifi: ath12k: rename the sc naming convention to ab (bsc#1227149).\n- wifi: ath12k: rename the wmi_sc naming convention to wmi_ab (bsc#1227149).\n- wifi: ath12k: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: ath12k: send WMI_PEER_REORDER_QUEUE_SETUP_CMDID when ADDBA session starts (bsc#1227149).\n- wifi: ath12k: set IRQ affinity to CPU0 in case of one MSI vector (bsc#1227149).\n- wifi: ath12k: set PERST pin no pull request for WCN7850 (bsc#1227149).\n- wifi: ath12k: split hal_ops to support RX TLVs word mask compaction (bsc#1227149).\n- wifi: ath12k: subscribe required word mask from rx tlv (bsc#1227149).\n- wifi: ath12k: support default regdb while searching board-2.bin for WCN7850 (bsc#1227149).\n- wifi: ath12k: trigger station disconnect on hardware restart (bsc#1227149).\n- wifi: ath12k: use ATH12K_PCI_IRQ_DP_OFFSET for DP IRQ (bsc#1227149).\n- wifi: ath12k: use correct flag field for 320 MHz channels (bsc#1227149).\n- wifi: ath12k: use select for CRYPTO_MICHAEL_MIC (bsc#1227149).\n- wifi: ath5k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath5k: Remove redundant dev_err() (bsc#1227149).\n- wifi: ath5k: ath5k_hw_get_median_noise_floor(): use swap() (bsc#1227149).\n- wifi: ath5k: remove phydir check from ath5k_debug_init_device() (bsc#1227149).\n- wifi: ath5k: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath5k: remove unused ath5k_eeprom_info::ee_antenna (bsc#1227149).\n- wifi: ath5k: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: ath6kl: Remove error checking for debugfs_create_dir() (bsc#1227149).\n- wifi: ath6kl: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath6kl: replace deprecated strncpy with memcpy (bsc#1227149).\n- wifi: ath9k: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: ath9k: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: ath9k: Remove unnecessary ternary operators (bsc#1227149).\n- wifi: ath9k: Remove unused declarations (bsc#1227149).\n- wifi: ath9k: avoid using uninitialized array (bsc#1227149).\n- wifi: ath9k: clean up function ath9k_hif_usb_resume (bsc#1227149).\n- wifi: ath9k: consistently use kstrtoX_from_user() functions (bsc#1227149).\n- wifi: ath9k: delete some unused/duplicate macros (bsc#1227149).\n- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).\n- wifi: ath9k: fix parameter check in ath9k_init_debug() (bsc#1227149).\n- wifi: ath9k: remove redundant assignment to variable ret (bsc#1227149).\n- wifi: ath9k: reset survey of current channel after a scan started (bsc#1227149).\n- wifi: ath9k: simplify ar9003_hw_process_ini() (bsc#1227149).\n- wifi: ath9k: use u32 for txgain indexes (bsc#1227149).\n- wifi: ath9k: work around memset overflow warning (bsc#1227149).\n- wifi: ath9k_htc: fix format-truncation warning (bsc#1227149).\n- wifi: ath: Use is_multicast_ether_addr() to check multicast Ether address (bsc#1227149).\n- wifi: ath: dfs_pattern_detector: Use flex array to simplify code (bsc#1227149).\n- wifi: ath: remove unused-but-set parameter (bsc#1227149).\n- wifi: ath: work around false-positive stringop-overread warning (bsc#1227149).\n- wifi: atk10k: Do not opencode ath10k_pci_priv() in ath10k_ahb_priv() (bsc#1227149).\n- wifi: atmel: remove unused ioctl function (bsc#1227149).\n- wifi: b43: silence sparse warnings (bsc#1227149).\n- wifi: brcm80211: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).\n- wifi: brcmfmac: Annotate struct brcmf_gscan_config with __counted_by (bsc#1227149).\n- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).\n- wifi: brcmfmac: Detect corner error case earlier with log (bsc#1227149).\n- wifi: brcmfmac: add linefeed at end of file (bsc#1227149).\n- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).\n- wifi: brcmfmac: allow per-vendor event handling (bsc#1227149).\n- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).\n- wifi: brcmfmac: do not cast hidden SSID attribute value to boolean (bsc#1227149).\n- wifi: brcmfmac: do not pass hidden SSID attribute as value directly (bsc#1227149).\n- wifi: brcmfmac: export firmware interface functions (bsc#1227149).\n- wifi: brcmfmac: firmware: Annotate struct brcmf_fw_request with __counted_by (bsc#1227149).\n- wifi: brcmfmac: fix format-truncation warnings (bsc#1227149).\n- wifi: brcmfmac: fix gnu_printf warnings (bsc#1227149).\n- wifi: brcmfmac: fweh: Add __counted_by for struct brcmf_fweh_queue_item and use struct_size() (bsc#1227149).\n- wifi: brcmfmac: fweh: Fix boot crash on Raspberry Pi 4 (bsc#1227149).\n- wifi: brcmfmac: move feature overrides before feature_disable (bsc#1227149).\n- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).\n- wifi: brcmsmac: LCN PHY code is used for BCM4313 2G-only device (git-fixes).\n- wifi: brcmsmac: cleanup SCB-related data types (bsc#1227149).\n- wifi: brcmsmac: fix gnu_printf warnings (bsc#1227149).\n- wifi: brcmsmac: phy: Remove unreachable code (bsc#1227149).\n- wifi: brcmsmac: remove more unused data types (bsc#1227149).\n- wifi: brcmsmac: remove unused data type (bsc#1227149).\n- wifi: brcmsmac: replace deprecated strncpy with memcpy (bsc#1227149).\n- wifi: brcmsmac: silence sparse warnings (bsc#1227149).\n- wifi: brcmutil: use helper function pktq_empty() instead of open code (bsc#1227149).\n- wifi: carl9170: Remove redundant assignment to pointer super (bsc#1227149).\n- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).\n- wifi: carl9170: re-fix fortified-memset warning (git-fixes).\n- wifi: carl9170: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: cfg80211: Add support for setting TID to link mapping (bsc#1227149).\n- wifi: cfg80211: Allow AP/P2PGO to indicate port authorization to peer STA/P2PClient (bsc#1227149).\n- wifi: cfg80211: Extend support for scanning while MLO connected (bsc#1227149).\n- wifi: cfg80211: Fix typo in documentation (bsc#1227149).\n- wifi: cfg80211: Handle specific BSSID in 6GHz scanning (bsc#1227149).\n- wifi: cfg80211: Include operating class 137 in 6GHz band (bsc#1227149).\n- wifi: cfg80211: Lock wiphy in cfg80211_get_station (git-fixes).\n- wifi: cfg80211: OWE DH IE handling offload (bsc#1227149).\n- wifi: cfg80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: cfg80211: Schedule regulatory check on BSS STA channel change (bsc#1227149).\n- wifi: cfg80211: Update the default DSCP-to-UP mapping (bsc#1227149).\n- wifi: cfg80211: add BSS usage reporting (bsc#1227149).\n- wifi: cfg80211: add RNR with reporting AP information (bsc#1227149).\n- wifi: cfg80211: add a flag to disable wireless extensions (bsc#1227149).\n- wifi: cfg80211: add local_state_change to deauth trace (bsc#1227149).\n- wifi: cfg80211: add locked debugfs wrappers (bsc#1227149).\n- wifi: cfg80211: add support for SPP A-MSDUs (bsc#1227149).\n- wifi: cfg80211: address several kerneldoc warnings (bsc#1227149).\n- wifi: cfg80211: allow reg update by driver even if wiphy-\u003eregd is set (bsc#1227149).\n- wifi: cfg80211: annotate iftype_data pointer with sparse (bsc#1227149).\n- wifi: cfg80211: avoid double free if updating BSS fails (bsc#1227149).\n- wifi: cfg80211: call reg_call_notifier on beacon hints (bsc#1227149).\n- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).\n- wifi: cfg80211: check RTNL when iterating devices (bsc#1227149).\n- wifi: cfg80211: check wiphy mutex is held for wdev mutex (bsc#1227149).\n- wifi: cfg80211: consume both probe response and beacon IEs (bsc#1227149).\n- wifi: cfg80211: detect stuck ECSA element in probe resp (bsc#1227149).\n- wifi: cfg80211: ensure cfg80211_bss_update frees IEs on error (bsc#1227149).\n- wifi: cfg80211: export DFS CAC time and usable state helper functions (bsc#1227149).\n- wifi: cfg80211: expose nl80211_chan_width_to_mhz for wide sharing (bsc#1227149).\n- wifi: cfg80211: fix 6 GHz scan request building (stable-fixes).\n- wifi: cfg80211: fix CQM for non-range use (bsc#1227149).\n- wifi: cfg80211: fix header kernel-doc typos (bsc#1227149).\n- wifi: cfg80211: fix kernel-doc for wiphy_delayed_work_flush() (bsc#1227149).\n- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).\n- wifi: cfg80211: fix spelling \u0026 punctutation (bsc#1227149).\n- wifi: cfg80211: fix the order of arguments for trace events of the tx_rx_evt class (stable-fixes).\n- wifi: cfg80211: fix typo in cfg80211_calculate_bitrate_he() (git-fixes).\n- wifi: cfg80211: fully move wiphy work to unbound workqueue (git-fixes).\n- wifi: cfg80211: generate an ML element for per-STA profiles (bsc#1227149).\n- wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (git-fixes).\n- wifi: cfg80211: handle UHB AP and STA power type (bsc#1227149).\n- wifi: cfg80211: hold wiphy lock in cfg80211_any_wiphy_oper_chan() (bsc#1227149).\n- wifi: cfg80211: hold wiphy mutex for send_interface (bsc#1227149).\n- wifi: cfg80211: improve documentation for flag fields (bsc#1227149).\n- wifi: cfg80211: introduce cfg80211_ssid_eq() (bsc#1227149).\n- wifi: cfg80211: make RX assoc data const (bsc#1227149).\n- wifi: cfg80211: make read-only array centers_80mhz static const (bsc#1227149).\n- wifi: cfg80211: modify prototype for change_beacon (bsc#1227149).\n- wifi: cfg80211: pmsr: use correct nla_get_uX functions (git-fixes).\n- wifi: cfg80211: reg: Support P2P operation on DFS channels (bsc#1227149).\n- wifi: cfg80211: reg: describe return values in kernel-doc (bsc#1227149).\n- wifi: cfg80211: reg: fix various kernel-doc issues (bsc#1227149).\n- wifi: cfg80211: reg: hold wiphy mutex for wdev iteration (bsc#1227149).\n- wifi: cfg80211: remove scan_width support (bsc#1227149).\n- wifi: cfg80211: remove wdev mutex (bsc#1227149).\n- wifi: cfg80211: rename UHB to 6 GHz (bsc#1227149).\n- wifi: cfg80211: report per-link errors during association (bsc#1227149).\n- wifi: cfg80211: report unprotected deauth/disassoc in wowlan (bsc#1227149).\n- wifi: cfg80211: restrict NL80211_ATTR_TXQ_QUANTUM values (git-fixes).\n- wifi: cfg80211: save power spectral density(psd) of regulatory rule (bsc#1227149).\n- wifi: cfg80211: set correct param change count in ML element (bsc#1227149).\n- wifi: cfg80211: sme: hold wiphy lock for wdev iteration (bsc#1227149).\n- wifi: cfg80211: sort certificates in build (bsc#1227149).\n- wifi: cfg80211: split struct cfg80211_ap_settings (bsc#1227149).\n- wifi: cfg80211: validate HE operation element parsing (bsc#1227149).\n- wifi: cfg80211: wext: add extra SIOCSIWSCAN data check (stable-fixes).\n- wifi: cfg80211: wext: convert return value to kernel-doc (bsc#1227149).\n- wifi: cfg80211: wext: set ssids=NULL for passive scans (git-fixes).\n- wifi: cw1200: Avoid processing an invalid TIM IE (bsc#1227149).\n- wifi: cw1200: Convert to GPIO descriptors (bsc#1227149).\n- wifi: cw1200: fix __le16 sparse warnings (bsc#1227149).\n- wifi: cw1200: restore endian swapping (bsc#1227149).\n- wifi: drivers: Explicitly include correct DT includes (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for Broadcom WLAN (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for ar5523 (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for mt76 drivers (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for p54spi (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wcn36xx (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wilc1000 (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wl1251 and wl12xx (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wl18xx (bsc#1227149).\n- wifi: fill in MODULE_DESCRIPTION()s for wlcore (bsc#1227149).\n- wifi: hostap: Add __counted_by for struct prism2_download_data and use struct_size() (bsc#1227149).\n- wifi: hostap: fix stringop-truncations GCC warning (bsc#1227149).\n- wifi: hostap: remove unused ioctl function (bsc#1227149).\n- wifi: ieee80211: add UL-bandwidth definition of trigger frame (bsc#1227149).\n- wifi: ieee80211: add definitions for negotiated TID to Link map (bsc#1227149).\n- wifi: ieee80211: check for NULL in ieee80211_mle_size_ok() (stable-fixes).\n- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).\n- wifi: iwlmei: do not send SAP messages if AMT is disabled (bsc#1227149).\n- wifi: iwlmei: do not send nic info with invalid mac address (bsc#1227149).\n- wifi: iwlmei: send HOST_GOES_DOWN message even if wiamt is disabled (bsc#1227149).\n- wifi: iwlmei: send driver down SAP message only if wiamt is enabled (bsc#1227149).\n- wifi: iwlmvm: fw: Add new OEM vendor to tas approved list (bsc#1227149).\n- wifi: iwlwifi: Add rf_mapping of new wifi7 devices (bsc#1227149).\n- wifi: iwlwifi: Add support for PPAG cmd v5 and PPAG revision 3 (bsc#1227149).\n- wifi: iwlwifi: Add support for new 802.11be device (bsc#1227149).\n- wifi: iwlwifi: Do not mark DFS channels as NO-IR (bsc#1227149).\n- wifi: iwlwifi: Extract common prph mac/phy regions data dump logic (bsc#1227149).\n- wifi: iwlwifi: Fix spelling mistake \"SESION\" -\u003e \"SESSION\" (bsc#1227149).\n- wifi: iwlwifi: Use request_module_nowait (bsc#1227149).\n- wifi: iwlwifi: abort scan when rfkill on but device enabled (bsc#1227149).\n- wifi: iwlwifi: add HONOR to PPAG approved list (bsc#1227149).\n- wifi: iwlwifi: add Razer to ppag approved list (bsc#1227149).\n- wifi: iwlwifi: add mapping of a periphery register crf for WH RF (bsc#1227149).\n- wifi: iwlwifi: add new RF support for wifi7 (bsc#1227149).\n- wifi: iwlwifi: add support for SNPS DPHYIP region type (bsc#1227149).\n- wifi: iwlwifi: add support for a wiphy_work rx handler (bsc#1227149).\n- wifi: iwlwifi: add support for activating UNII-1 in WW via BIOS (bsc#1227149).\n- wifi: iwlwifi: add support for new ini region types (bsc#1227149).\n- wifi: iwlwifi: adjust rx_phyinfo debugfs to MLO (bsc#1227149).\n- wifi: iwlwifi: always have \u0027uats_enabled\u0027 (bsc#1227149).\n- wifi: iwlwifi: api: clean up some kernel-doc/typos (bsc#1227149).\n- wifi: iwlwifi: api: dbg-tlv: fix up kernel-doc (bsc#1227149).\n- wifi: iwlwifi: api: fix a small upper/lower-case typo (bsc#1227149).\n- wifi: iwlwifi: api: fix center_freq label in PHY diagram (bsc#1227149).\n- wifi: iwlwifi: api: fix constant version to match FW (bsc#1227149).\n- wifi: iwlwifi: api: fix kernel-doc reference (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 84 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 86 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 87 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: bump FW API to 88 for AX/BZ/SC devices (bsc#1227149).\n- wifi: iwlwifi: cancel session protection only if there is one (bsc#1227149).\n- wifi: iwlwifi: change link id in time event to s8 (bsc#1227149).\n- wifi: iwlwifi: check for kmemdup() return value in iwl_parse_tlv_firmware() (bsc#1227149).\n- wifi: iwlwifi: cleanup BT Shared Single Antenna code (bsc#1227149).\n- wifi: iwlwifi: cleanup sending PER_CHAIN_LIMIT_OFFSET_CMD (bsc#1227149).\n- wifi: iwlwifi: cleanup uefi variables loading (bsc#1227149).\n- wifi: iwlwifi: clear link_id in time_event (bsc#1227149).\n- wifi: iwlwifi: dbg-tlv: avoid extra allocation/copy (bsc#1227149).\n- wifi: iwlwifi: dbg-tlv: use struct_size() for allocation (bsc#1227149).\n- wifi: iwlwifi: dbg_ini: move iwl_dbg_tlv_free outside of debugfs ifdef (git-fixes).\n- wifi: iwlwifi: disable 160 MHz based on subsystem device ID (bsc#1227149).\n- wifi: iwlwifi: disable eSR when BT is active (bsc#1227149).\n- wifi: iwlwifi: disable multi rx queue for 9000 (bsc#1227149).\n- wifi: iwlwifi: do not check TAS block list size twice (bsc#1227149).\n- wifi: iwlwifi: do not use TRUE/FALSE with bool (bsc#1227149).\n- wifi: iwlwifi: drop NULL pointer check in iwl_mvm_tzone_set_trip_temp() (bsc#1227149).\n- wifi: iwlwifi: dvm: remove kernel-doc warnings (bsc#1227149).\n- wifi: iwlwifi: error-dump: fix kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: fail NIC access fast on dead NIC (bsc#1227149).\n- wifi: iwlwifi: fix #ifdef CONFIG_ACPI check (bsc#1227149).\n- wifi: iwlwifi: fix iwl_mvm_get_valid_rx_ant() (git-fixes).\n- wifi: iwlwifi: fix opmode start/stop race (bsc#1227149).\n- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: fix some kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: fix system commands group ordering (bsc#1227149).\n- wifi: iwlwifi: fix the rf step and flavor bits range (bsc#1227149).\n- wifi: iwlwifi: fw: Add support for UATS table in UHB (bsc#1227149).\n- wifi: iwlwifi: fw: Fix debugfs command sending (bsc#1227149).\n- wifi: iwlwifi: fw: allow vmalloc for PNVM image (bsc#1227149).\n- wifi: iwlwifi: fw: dbg: ensure correct config name sizes (bsc#1227149).\n- wifi: iwlwifi: fw: disable firmware debug asserts (bsc#1227149).\n- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).\n- wifi: iwlwifi: fw: file: clean up kernel-doc (bsc#1227149).\n- wifi: iwlwifi: fw: file: do not use [0] for variable arrays (bsc#1227149).\n- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).\n- wifi: iwlwifi: fw: fix compiler warning for NULL string print (bsc#1227149).\n- wifi: iwlwifi: fw: increase fw_version string size (bsc#1227149).\n- wifi: iwlwifi: fw: reconstruct the API/CAPA enum number (bsc#1227149).\n- wifi: iwlwifi: fw: replace deprecated strncpy with strscpy_pad (bsc#1227149).\n- wifi: iwlwifi: handle per-phy statistics from fw (bsc#1227149).\n- wifi: iwlwifi: implement GLAI ACPI table loading (bsc#1227149).\n- wifi: iwlwifi: implement can_activate_links callback (bsc#1227149).\n- wifi: iwlwifi: implement enable/disable for China 2022 regulatory (bsc#1227149).\n- wifi: iwlwifi: iwl-fh.h: fix kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: iwl-trans.h: clean up kernel-doc (bsc#1227149).\n- wifi: iwlwifi: iwlmvm: handle unprotected deauth/disassoc in d3 (bsc#1227149).\n- wifi: iwlwifi: load b0 version of ucode for HR1/HR2 (bsc#1227149).\n- wifi: iwlwifi: make TB reallocation a debug message (bsc#1227149).\n- wifi: iwlwifi: make time_events MLO aware (bsc#1227149).\n- wifi: iwlwifi: mei: return error from register when not built (bsc#1227149).\n- wifi: iwlwifi: mvm: Add basic link selection logic (bsc#1227149).\n- wifi: iwlwifi: mvm: Add support for removing responder TKs (bsc#1227149).\n- wifi: iwlwifi: mvm: Allow DFS concurrent operation (bsc#1227149).\n- wifi: iwlwifi: mvm: Configure the link mapping for non-MLD FW (bsc#1227149).\n- wifi: iwlwifi: mvm: Correctly report TSF data in scan complete (bsc#1227149).\n- wifi: iwlwifi: mvm: Declare support for secure LTF measurement (bsc#1227149).\n- wifi: iwlwifi: mvm: Do not warn if valid link pair was not found (bsc#1227149).\n- wifi: iwlwifi: mvm: Do not warn on invalid link on scan complete (bsc#1227149).\n- wifi: iwlwifi: mvm: Extend support for P2P service discovery (bsc#1227149).\n- wifi: iwlwifi: mvm: Fix FTM initiator flags (bsc#1227149).\n- wifi: iwlwifi: mvm: Fix scan abort handling with HW rfkill (stable-fixes).\n- wifi: iwlwifi: mvm: Fix unreachable code path (bsc#1227149).\n- wifi: iwlwifi: mvm: Handle BIGTK cipher in kek_kck cmd (stable-fixes).\n- wifi: iwlwifi: mvm: Keep connection in case of missed beacons during RX (bsc#1227149).\n- wifi: iwlwifi: mvm: Return success if link could not be removed (bsc#1227149).\n- wifi: iwlwifi: mvm: Use the link ID provided in scan request (bsc#1227149).\n- wifi: iwlwifi: mvm: add US/Canada MCC to API (bsc#1227149).\n- wifi: iwlwifi: mvm: add a debug print when we get a BAR (bsc#1227149).\n- wifi: iwlwifi: mvm: add a debugfs hook to clear the monitor data (bsc#1227149).\n- wifi: iwlwifi: mvm: add a per-link debugfs (bsc#1227149).\n- wifi: iwlwifi: mvm: add a print when sending RLC command (bsc#1227149).\n- wifi: iwlwifi: mvm: add start mac ctdp sum calculation debugfs handler (bsc#1227149).\n- wifi: iwlwifi: mvm: add support for TID to link mapping neg request (bsc#1227149).\n- wifi: iwlwifi: mvm: add support for new wowlan_info_notif (bsc#1227149).\n- wifi: iwlwifi: mvm: advertise MLO only if EHT is enabled (bsc#1227149).\n- wifi: iwlwifi: mvm: advertise support for SCS traffic description (bsc#1227149).\n- wifi: iwlwifi: mvm: advertise support for protected ranging negotiation (bsc#1227149).\n- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).\n- wifi: iwlwifi: mvm: always update keys in D3 exit (bsc#1227149).\n- wifi: iwlwifi: mvm: avoid garbage iPN (bsc#1227149).\n- wifi: iwlwifi: mvm: calculate EMLSR mode after connection (bsc#1227149).\n- wifi: iwlwifi: mvm: check AP supports EMLSR (bsc#1227149).\n- wifi: iwlwifi: mvm: check for iwl_mvm_mld_update_sta() errors (bsc#1227149).\n- wifi: iwlwifi: mvm: check link more carefully (bsc#1227149).\n- wifi: iwlwifi: mvm: check n_ssids before accessing the ssids (git-fixes).\n- wifi: iwlwifi: mvm: check own capabilities for EMLSR (bsc#1227149).\n- wifi: iwlwifi: mvm: cleanup MLO and non-MLO unification code (bsc#1227149).\n- wifi: iwlwifi: mvm: combine condition/warning (bsc#1227149).\n- wifi: iwlwifi: mvm: consider having one active link (bsc#1227149).\n- wifi: iwlwifi: mvm: const-ify chandef pointers (bsc#1227149).\n- wifi: iwlwifi: mvm: cycle FW link on chanctx removal (bsc#1227149).\n- wifi: iwlwifi: mvm: d3: avoid intermediate/early mutex unlock (bsc#1227149).\n- wifi: iwlwifi: mvm: d3: disconnect on GTK rekey failure (bsc#1227149).\n- wifi: iwlwifi: mvm: d3: fix WoWLAN command version lookup (stable-fixes).\n- wifi: iwlwifi: mvm: d3: implement suspend with MLO (bsc#1227149).\n- wifi: iwlwifi: mvm: debugfs for fw system stats (bsc#1227149).\n- wifi: iwlwifi: mvm: define RX queue sync timeout as a macro (bsc#1227149).\n- wifi: iwlwifi: mvm: disable MLO for the time being (bsc#1227149).\n- wifi: iwlwifi: mvm: disallow puncturing in US/Canada (bsc#1227149).\n- wifi: iwlwifi: mvm: disconnect long CSA only w/o alternative (bsc#1227149).\n- wifi: iwlwifi: mvm: disconnect station vifs if recovery failed (bsc#1227149).\n- wifi: iwlwifi: mvm: do not abort queue sync in CT-kill (bsc#1227149).\n- wifi: iwlwifi: mvm: do not add dummy phy context (bsc#1227149).\n- wifi: iwlwifi: mvm: do not always disable EMLSR due to BT coex (bsc#1227149).\n- wifi: iwlwifi: mvm: do not do duplicate detection for nullfunc packets (bsc#1227149).\n- wifi: iwlwifi: mvm: do not initialize csa_work twice (git-fixes).\n- wifi: iwlwifi: mvm: do not limit VLP/AFC to UATS-enabled (git-fixes).\n- wifi: iwlwifi: mvm: do not read past the mfuart notifcation (git-fixes).\n- wifi: iwlwifi: mvm: do not send BT_COEX_CI command on new devices (bsc#1227149).\n- wifi: iwlwifi: mvm: do not send NDPs for new tx devices (bsc#1227149).\n- wifi: iwlwifi: mvm: do not send STA_DISABLE_TX_CMD for newer firmware (bsc#1227149).\n- wifi: iwlwifi: mvm: do not send the smart fifo command if not needed (bsc#1227149).\n- wifi: iwlwifi: mvm: do not set trigger frame padding in AP mode (bsc#1227149).\n- wifi: iwlwifi: mvm: do not support reduced tx power on ack for new devices (bsc#1227149).\n- wifi: iwlwifi: mvm: do not wake up rx_sync_waitq upon RFKILL (git-fixes).\n- wifi: iwlwifi: mvm: enable FILS DF Tx on non-PSC channel (bsc#1227149).\n- wifi: iwlwifi: mvm: enable HE TX/RX \u0026lt;242 tone RU on new RFs (bsc#1227149).\n- wifi: iwlwifi: mvm: expand queue sync warning messages (bsc#1227149).\n- wifi: iwlwifi: mvm: extend alive timeout to 2 seconds (bsc#1227149).\n- wifi: iwlwifi: mvm: fix ROC version check (bsc#1227149).\n- wifi: iwlwifi: mvm: fix SB CFG check (bsc#1227149).\n- wifi: iwlwifi: mvm: fix a battery life regression (bsc#1227149).\n- wifi: iwlwifi: mvm: fix a crash on 7265 (bsc#1227149).\n- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).\n- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).\n- wifi: iwlwifi: mvm: fix kernel-doc (bsc#1227149).\n- wifi: iwlwifi: mvm: fix link ID management (bsc#1227149).\n- wifi: iwlwifi: mvm: fix recovery flow in CSA (bsc#1227149).\n- wifi: iwlwifi: mvm: fix regdb initialization (bsc#1227149).\n- wifi: iwlwifi: mvm: fix the PHY context resolution for p2p device (bsc#1227149).\n- wifi: iwlwifi: mvm: fix the TXF mapping for BZ devices (bsc#1227149).\n- wifi: iwlwifi: mvm: fix the key PN index (bsc#1227149).\n- wifi: iwlwifi: mvm: fix thermal kernel-doc (bsc#1227149).\n- wifi: iwlwifi: mvm: fold the ref++ into iwl_mvm_phy_ctxt_add (bsc#1227149).\n- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).\n- wifi: iwlwifi: mvm: handle BA session teardown in RF-kill (stable-fixes).\n- wifi: iwlwifi: mvm: handle debugfs names more carefully (bsc#1227149).\n- wifi: iwlwifi: mvm: handle link-STA allocation in restart (bsc#1227149).\n- wifi: iwlwifi: mvm: implement ROC version 3 (bsc#1227149).\n- wifi: iwlwifi: mvm: implement new firmware API for statistics (bsc#1227149).\n- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).\n- wifi: iwlwifi: mvm: increase session protection after CSA (bsc#1227149).\n- wifi: iwlwifi: mvm: init vif works only once (git-fixes).\n- wifi: iwlwifi: mvm: introduce PHY_CONTEXT_CMD_API_VER_5 (bsc#1227149).\n- wifi: iwlwifi: mvm: introduce esr_disable_reason (bsc#1227149).\n- wifi: iwlwifi: mvm: iterate active links for STA queues (bsc#1227149).\n- wifi: iwlwifi: mvm: limit EHT 320 MHz MCS for STEP URM (bsc#1227149).\n- wifi: iwlwifi: mvm: limit pseudo-D3 to 60 seconds (bsc#1227149).\n- wifi: iwlwifi: mvm: log dropped frames (bsc#1227149).\n- wifi: iwlwifi: mvm: log dropped packets due to MIC error (bsc#1227149).\n- wifi: iwlwifi: mvm: make \"pldr_sync\" mode effective (bsc#1227149).\n- wifi: iwlwifi: mvm: make functions public (bsc#1227149).\n- wifi: iwlwifi: mvm: make pldr_sync AX210 specific (bsc#1227149).\n- wifi: iwlwifi: mvm: move BA notif messages before action (bsc#1227149).\n- wifi: iwlwifi: mvm: move RU alloc B2 placement (bsc#1227149).\n- wifi: iwlwifi: mvm: move listen interval to constants (bsc#1227149).\n- wifi: iwlwifi: mvm: offload IGTK in AP if BIGTK is supported (bsc#1227149).\n- wifi: iwlwifi: mvm: partially support PHY context version 6 (bsc#1227149).\n- wifi: iwlwifi: mvm: pick the version of SESSION_PROTECTION_NOTIF (bsc#1227149).\n- wifi: iwlwifi: mvm: properly set 6 GHz channel direct probe option (stable-fixes).\n- wifi: iwlwifi: mvm: reduce maximum RX A-MPDU size (bsc#1227149).\n- wifi: iwlwifi: mvm: refactor TX rate handling (bsc#1227149).\n- wifi: iwlwifi: mvm: refactor duplicate chanctx condition (bsc#1227149).\n- wifi: iwlwifi: mvm: remove EHT code from mac80211.c (bsc#1227149).\n- wifi: iwlwifi: mvm: remove IWL_MVM_STATUS_NEED_FLUSH_P2P (bsc#1227149).\n- wifi: iwlwifi: mvm: remove flags for enable/disable beacon filter (bsc#1227149).\n- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).\n- wifi: iwlwifi: mvm: remove one queue sync on BA session stop (bsc#1227149).\n- wifi: iwlwifi: mvm: remove set_tim callback for MLD ops (bsc#1227149).\n- wifi: iwlwifi: mvm: remove stale STA link data during restart (stable-fixes).\n- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).\n- wifi: iwlwifi: mvm: revert gen2 TX A-MPDU size to 64 (git-fixes).\n- wifi: iwlwifi: mvm: rework debugfs handling (bsc#1227149).\n- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).\n- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).\n- wifi: iwlwifi: mvm: set properly mac header (git-fixes).\n- wifi: iwlwifi: mvm: show dump even for pldr_sync (bsc#1227149).\n- wifi: iwlwifi: mvm: show skb_mac_gso_segment() failure reason (bsc#1227149).\n- wifi: iwlwifi: mvm: simplify the reorder buffer (bsc#1227149).\n- wifi: iwlwifi: mvm: skip adding debugfs symlink for reconfig (bsc#1227149).\n- wifi: iwlwifi: mvm: support CSA with MLD (bsc#1227149).\n- wifi: iwlwifi: mvm: support SPP A-MSDUs (bsc#1227149).\n- wifi: iwlwifi: mvm: support flush on AP interfaces (bsc#1227149).\n- wifi: iwlwifi: mvm: support injection antenna control (bsc#1227149).\n- wifi: iwlwifi: mvm: support iwl_dev_tx_power_cmd_v8 (bsc#1227149).\n- wifi: iwlwifi: mvm: support set_antenna() (bsc#1227149).\n- wifi: iwlwifi: mvm: unlock mvm if there is no primary link (bsc#1227149).\n- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).\n- wifi: iwlwifi: mvm: use fast balance scan in case of an active P2P GO (bsc#1227149).\n- wifi: iwlwifi: mvm: use the new command to clear the internal buffer (bsc#1227149).\n- wifi: iwlwifi: mvm: work around A-MSDU size problem (bsc#1227149).\n- wifi: iwlwifi: no power save during transition to D3 (bsc#1227149).\n- wifi: iwlwifi: nvm-parse: advertise common packet padding (bsc#1227149).\n- wifi: iwlwifi: nvm: parse the VLP/AFC bit from regulatory (bsc#1227149).\n- wifi: iwlwifi: pcie: (re-)assign BAR0 on driver bind (bsc#1227149).\n- wifi: iwlwifi: pcie: Add new PCI device id and CNVI (bsc#1227149).\n- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).\n- wifi: iwlwifi: pcie: clean up WFPM control bits (bsc#1227149).\n- wifi: iwlwifi: pcie: clean up device removal work (bsc#1227149).\n- wifi: iwlwifi: pcie: clean up gen1/gen2 TFD unmap (bsc#1227149).\n- wifi: iwlwifi: pcie: do not allow hw-rfkill to stop device on gen2 (bsc#1227149).\n- wifi: iwlwifi: pcie: dump CSRs before removal (bsc#1227149).\n- wifi: iwlwifi: pcie: enable TOP fatal error interrupt (bsc#1227149).\n- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).\n- wifi: iwlwifi: pcie: fix kernel-doc issues (bsc#1227149).\n- wifi: iwlwifi: pcie: get_crf_id() can be void (bsc#1227149).\n- wifi: iwlwifi: pcie: give up mem read if HW is dead (bsc#1227149).\n- wifi: iwlwifi: pcie: move gen1 TB handling to header (bsc#1227149).\n- wifi: iwlwifi: pcie: point invalid TFDs to invalid data (bsc#1227149).\n- wifi: iwlwifi: pcie: propagate iwl_pcie_gen2_apm_init() error (bsc#1227149).\n- wifi: iwlwifi: pcie: rescan bus if no parent (bsc#1227149).\n- wifi: iwlwifi: prepare for reading DSM from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading PPAG table from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading SAR tables from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading SPLC from UEFI (bsc#1227149).\n- wifi: iwlwifi: prepare for reading TAS table from UEFI (bsc#1227149).\n- wifi: iwlwifi: properly check if link is active (bsc#1227149).\n- wifi: iwlwifi: properly set WIPHY_FLAG_SUPPORTS_EXT_KEK_KCK (stable-fixes).\n- wifi: iwlwifi: queue: fix kernel-doc (bsc#1227149).\n- wifi: iwlwifi: queue: improve warning for no skb in reclaim (bsc#1227149).\n- wifi: iwlwifi: queue: move iwl_txq_gen2_set_tb() up (bsc#1227149).\n- wifi: iwlwifi: read DSM func 2 for specific RF types (bsc#1227149).\n- wifi: iwlwifi: read DSM functions from UEFI (bsc#1227149).\n- wifi: iwlwifi: read ECKV table from UEFI (bsc#1227149).\n- wifi: iwlwifi: read PPAG table from UEFI (bsc#1227149).\n- wifi: iwlwifi: read SAR tables from UEFI (bsc#1227149).\n- wifi: iwlwifi: read SPLC from UEFI (bsc#1227149).\n- wifi: iwlwifi: read WRDD table from UEFI (bsc#1227149).\n- wifi: iwlwifi: read WTAS table from UEFI (bsc#1227149).\n- wifi: iwlwifi: read mac step from aux register (bsc#1227149).\n- wifi: iwlwifi: read txq-\u003eread_ptr under lock (stable-fixes).\n- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).\n- wifi: iwlwifi: refactor RX tracing (bsc#1227149).\n- wifi: iwlwifi: remove \u0027def_rx_queue\u0027 struct member (bsc#1227149).\n- wifi: iwlwifi: remove Gl A-step remnants (bsc#1227149).\n- wifi: iwlwifi: remove WARN from read_mem32() (bsc#1227149).\n- wifi: iwlwifi: remove async command callback (bsc#1227149).\n- wifi: iwlwifi: remove dead-code (bsc#1227149).\n- wifi: iwlwifi: remove extra kernel-doc (bsc#1227149).\n- wifi: iwlwifi: remove memory check for LMAC error address (bsc#1227149).\n- wifi: iwlwifi: remove retry loops in start (bsc#1227149).\n- wifi: iwlwifi: remove unused function prototype (bsc#1227149).\n- wifi: iwlwifi: replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: iwlwifi: return negative -EINVAL instead of positive EINVAL (bsc#1227149).\n- wifi: iwlwifi: rfi: use a single DSM function for all RFI configurations (bsc#1227149).\n- wifi: iwlwifi: send EDT table to FW (bsc#1227149).\n- wifi: iwlwifi: separate TAS \u0027read-from-BIOS\u0027 and \u0027send-to-FW\u0027 flows (bsc#1227149).\n- wifi: iwlwifi: simplify getting DSM from ACPI (bsc#1227149).\n- wifi: iwlwifi: skip affinity setting on non-SMP (bsc#1227149).\n- wifi: iwlwifi: skip opmode start retries on dead transport (bsc#1227149).\n- wifi: iwlwifi: small cleanups in PPAG table flows (bsc#1227149).\n- wifi: iwlwifi: support link command version 2 (bsc#1227149).\n- wifi: iwlwifi: support link id in SESSION_PROTECTION_NOTIF (bsc#1227149).\n- wifi: iwlwifi: support link_id in SESSION_PROTECTION cmd (bsc#1227149).\n- wifi: iwlwifi: take SGOM and UATS code out of ACPI ifdef (bsc#1227149).\n- wifi: iwlwifi: take send-DSM-to-FW flows out of ACPI ifdef (bsc#1227149).\n- wifi: iwlwifi: trace full frames with TX status request (bsc#1227149).\n- wifi: iwlwifi: update context info structure definitions (bsc#1227149).\n- wifi: iwlwifi: use system_unbound_wq for debug dump (bsc#1227149).\n- wifi: iwlwifi: validate PPAG table when sent to FW (bsc#1227149).\n- wifi: lib80211: remove unused variables iv32 and iv16 (bsc#1227149).\n- wifi: libertas: Follow renaming of SPI \"master\" to \"controller\" (bsc#1227149).\n- wifi: libertas: add missing calls to cancel_work_sync() (bsc#1227149).\n- wifi: libertas: cleanup SDIO reset (bsc#1227149).\n- wifi: libertas: handle possible spu_write_u16() errors (bsc#1227149).\n- wifi: libertas: prefer kstrtoX() for simple integer conversions (bsc#1227149).\n- wifi: libertas: simplify list operations in free_if_spi_card() (bsc#1227149).\n- wifi: libertas: use convenient lists to manage SDIO packets (bsc#1227149).\n- wifi: mac80211: Add __counted_by for struct ieee802_11_elems and use struct_size() (bsc#1227149).\n- wifi: mac80211: Avoid address calculations via out of bounds array indexing (stable-fixes).\n- wifi: mac80211: Check if we had first beacon with relevant links (bsc#1227149).\n- wifi: mac80211: Do not force off-channel for management Tx with MLO (bsc#1227149).\n- wifi: mac80211: Do not include crypto/algapi.h (bsc#1227149).\n- wifi: mac80211: Extend support for scanning while MLO connected (bsc#1227149).\n- wifi: mac80211: Fix SMPS handling in the context of MLO (bsc#1227149).\n- wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() (git-fixes).\n- wifi: mac80211: Notify the low level driver on change in MLO valid links (bsc#1227149).\n- wifi: mac80211: Print local link address during authentication (bsc#1227149).\n- wifi: mac80211: Recalc offload when monitor stop (git-fixes).\n- wifi: mac80211: Remove unused function declarations (bsc#1227149).\n- wifi: mac80211: Rename and update IEEE80211_VIF_DISABLE_SMPS_OVERRIDE (bsc#1227149).\n- wifi: mac80211: Replace ENOTSUPP with EOPNOTSUPP (bsc#1227149).\n- wifi: mac80211: Sanity check tx bitrate if not provided by driver (bsc#1227149).\n- wifi: mac80211: Schedule regulatory channels check on bandwith change (bsc#1227149).\n- wifi: mac80211: Skip association timeout update after comeback rejection (bsc#1227149).\n- wifi: mac80211: add a driver callback to add vif debugfs (bsc#1227149).\n- wifi: mac80211: add a driver callback to check active_links (bsc#1227149).\n- wifi: mac80211: add a flag to disallow puncturing (bsc#1227149).\n- wifi: mac80211: add back SPDX identifier (bsc#1227149).\n- wifi: mac80211: add ieee80211_tdls_sta_link_id() (stable-fixes).\n- wifi: mac80211: add link id to ieee80211_gtk_rekey_add() (bsc#1227149).\n- wifi: mac80211: add link id to mgd_prepare_tx() (bsc#1227149).\n- wifi: mac80211: add more ops assertions (bsc#1227149).\n- wifi: mac80211: add more warnings about inserting sta info (bsc#1227149).\n- wifi: mac80211: add support for SPP A-MSDUs (bsc#1227149).\n- wifi: mac80211: add support for mld in ieee80211_chswitch_done (bsc#1227149).\n- wifi: mac80211: add support for parsing TID to Link mapping element (bsc#1227149).\n- wifi: mac80211: add/remove driver debugfs entries as appropriate (bsc#1227149).\n- wifi: mac80211: additions to change_beacon() (bsc#1227149).\n- wifi: mac80211: address some kerneldoc warnings (bsc#1227149).\n- wifi: mac80211: allow 64-bit radiotap timestamps (bsc#1227149).\n- wifi: mac80211: allow for_each_sta_active_link() under RCU (bsc#1227149).\n- wifi: mac80211: apply mcast rate only if interface is up (stable-fixes).\n- wifi: mac80211: cancel multi-link reconf work on disconnect (git-fixes).\n- wifi: mac80211: chanctx emulation set CHANGE_CHANNEL when in_reconfig (git-fixes).\n- wifi: mac80211: check EHT/TTLM action frame length (bsc#1227149).\n- wifi: mac80211: check wiphy mutex in ops (bsc#1227149).\n- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).\n- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).\n- wifi: mac80211: cleanup airtime arithmetic with ieee80211_sta_keep_active() (bsc#1227149).\n- wifi: mac80211: cleanup auth_data only if association continues (bsc#1227149).\n- wifi: mac80211: convert A-MPDU work to wiphy work (bsc#1227149).\n- wifi: mac80211: correctly parse Spatial Reuse Parameter Set element (git-fixes).\n- wifi: mac80211: correctly set active links upon TTLM (bsc#1227149).\n- wifi: mac80211: correcty limit wider BW TDLS STAs (git-fixes).\n- wifi: mac80211: debugfs: lock wiphy instead of RTNL (bsc#1227149).\n- wifi: mac80211: describe return values in kernel-doc (bsc#1227149).\n- wifi: mac80211: disable softirqs for queued frame handling (git-fixes).\n- wifi: mac80211: do not connect to an AP while it\u0027s in a CSA process (bsc#1227149).\n- wifi: mac80211: do not re-add debugfs entries during resume (bsc#1227149).\n- wifi: mac80211: do not select link ID if not provided in scan request (bsc#1227149).\n- wifi: mac80211: do not set ESS capab bit in assoc request (bsc#1227149).\n- wifi: mac80211: do not use rate mask for scanning (stable-fixes).\n- wifi: mac80211: drop robust action frames before assoc (bsc#1227149).\n- wifi: mac80211: drop spurious WARN_ON() in ieee80211_ibss_csa_beacon() (bsc#1227149).\n- wifi: mac80211: ensure beacon is non-S1G prior to extracting the beacon timestamp field (stable-fixes).\n- wifi: mac80211: ethtool: always hold wiphy mutex (bsc#1227149).\n- wifi: mac80211: ethtool: hold wiphy mutex (bsc#1227149).\n- wifi: mac80211: expand __ieee80211_data_to_8023() status (bsc#1227149).\n- wifi: mac80211: extend wiphy lock in interface removal (bsc#1227149).\n- wifi: mac80211: fix BA session teardown race (bsc#1227149).\n- wifi: mac80211: fix BSS_CHANGED_UNSOL_BCAST_PROBE_RESP (bsc#1227149).\n- wifi: mac80211: fix SMPS status handling (bsc#1227149).\n- wifi: mac80211: fix TXQ error path and cleanup (bsc#1227149).\n- wifi: mac80211: fix UBSAN noise in ieee80211_prep_hw_scan() (stable-fixes).\n- wifi: mac80211: fix a expired vs. cancel race in roc (bsc#1227149).\n- wifi: mac80211: fix advertised TTLM scheduling (bsc#1227149).\n- wifi: mac80211: fix another key installation error path (bsc#1227149).\n- wifi: mac80211: fix change_address deadlock during unregister (bsc#1227149).\n- wifi: mac80211: fix channel switch link data (bsc#1227149).\n- wifi: mac80211: fix driver debugfs for vif type change (bsc#1227149).\n- wifi: mac80211: fix error path key leak (bsc#1227149).\n- wifi: mac80211: fix header kernel-doc typos (bsc#1227149).\n- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).\n- wifi: mac80211: fix ieee80211_drop_unencrypted_mgmt return type/value (bsc#1227149).\n- wifi: mac80211: fix monitor channel with chanctx emulation (bsc#1227149).\n- wifi: mac80211: fix potential key leak (bsc#1227149).\n- wifi: mac80211: fix prep_connection error path (stable-fixes).\n- wifi: mac80211: fix spelling typo in comment (bsc#1227149).\n- wifi: mac80211: fix unaligned le16 access (git-fixes).\n- wifi: mac80211: fix unsolicited broadcast probe config (bsc#1227149).\n- wifi: mac80211: fix various kernel-doc issues (bsc#1227149).\n- wifi: mac80211: fixes in FILS discovery updates (bsc#1227149).\n- wifi: mac80211: flush STA queues on unauthorization (bsc#1227149).\n- wifi: mac80211: flush wiphy work where appropriate (bsc#1227149).\n- wifi: mac80211: handle debugfs when switching to/from MLO (bsc#1227149).\n- wifi: mac80211: handle tasklet frames before stopping (stable-fixes).\n- wifi: mac80211: hold wiphy lock in netdev/link debugfs (bsc#1227149).\n- wifi: mac80211: hold wiphy_lock around concurrency checks (bsc#1227149).\n- wifi: mac80211: improve CSA/ECSA connection refusal (bsc#1227149).\n- wifi: mac80211: initialize SMPS mode correctly (bsc#1227149).\n- wifi: mac80211: lock wiphy for aggregation debugfs (bsc#1227149).\n- wifi: mac80211: lock wiphy in IP address notifier (bsc#1227149).\n- wifi: mac80211: make mgd_protect_tdls_discover MLO-aware (bsc#1227149).\n- wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects (git-fixes).\n- wifi: mac80211: mesh: Remove unused function declaration mesh_ids_set_default() (bsc#1227149).\n- wifi: mac80211: mesh: fix some kdoc warnings (bsc#1227149).\n- wifi: mac80211: mesh: init nonpeer_pm to active by default in mesh sdata (stable-fixes).\n- wifi: mac80211: move CSA finalize to wiphy work (bsc#1227149).\n- wifi: mac80211: move DFS CAC work to wiphy work (bsc#1227149).\n- wifi: mac80211: move TDLS work to wiphy work (bsc#1227149).\n- wifi: mac80211: move color change finalize to wiphy work (bsc#1227149).\n- wifi: mac80211: move dynamic PS to wiphy work (bsc#1227149).\n- wifi: mac80211: move filter reconfig to wiphy work (bsc#1227149).\n- wifi: mac80211: move key tailroom work to wiphy work (bsc#1227149).\n- wifi: mac80211: move link activation work to wiphy work (bsc#1227149).\n- wifi: mac80211: move monitor work to wiphy work (bsc#1227149).\n- wifi: mac80211: move tspec work to wiphy work (bsc#1227149).\n- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).\n- wifi: mac80211: process and save negotiated TID to Link mapping request (bsc#1227149).\n- wifi: mac80211: purge TX queues in flush_queues flow (bsc#1227149).\n- wifi: mac80211: reduce iflist_mtx (bsc#1227149).\n- wifi: mac80211: reject MLO channel configuration if not supported (bsc#1227149).\n- wifi: mac80211: relax RCU check in for_each_vif_active_link() (bsc#1227149).\n- wifi: mac80211: remove RX_DROP_UNUSABLE (bsc#1227149).\n- wifi: mac80211: remove ampdu_mlme.mtx (bsc#1227149).\n- wifi: mac80211: remove chanctx_mtx (bsc#1227149).\n- wifi: mac80211: remove key_mtx (bsc#1227149).\n- wifi: mac80211: remove link before AP (git-fixes).\n- wifi: mac80211: remove local-\u003emtx (bsc#1227149).\n- wifi: mac80211: remove redundant ML element check (bsc#1227149).\n- wifi: mac80211: remove shifted rate support (bsc#1227149).\n- wifi: mac80211: remove sta_mtx (bsc#1227149).\n- wifi: mac80211: remove unnecessary struct forward declaration (bsc#1227149).\n- wifi: mac80211: rename ieee80211_tx_status() to ieee80211_tx_status_skb() (bsc#1227149).\n- wifi: mac80211: rename struct cfg80211_rx_assoc_resp to cfg80211_rx_assoc_resp_data (bsc#1227149).\n- wifi: mac80211: report per-link error during association (bsc#1227149).\n- wifi: mac80211: reset negotiated TTLM on disconnect (git-fixes).\n- wifi: mac80211: rework RX timestamp flags (bsc#1227149).\n- wifi: mac80211: rework ack_frame_id handling a bit (bsc#1227149).\n- wifi: mac80211: rx.c: fix sentence grammar (bsc#1227149).\n- wifi: mac80211: set wiphy for virtual monitors (bsc#1227149).\n- wifi: mac80211: simplify non-chanctx drivers (bsc#1227149).\n- wifi: mac80211: split ieee80211_drop_unencrypted_mgmt() return value (bsc#1227149).\n- wifi: mac80211: sta_info.c: fix sentence grammar (bsc#1227149).\n- wifi: mac80211: support antenna control in injection (bsc#1227149).\n- wifi: mac80211: support handling of advertised TID-to-link mapping (bsc#1227149).\n- wifi: mac80211: take MBSSID/EHT data also from probe resp (bsc#1227149).\n- wifi: mac80211: take wiphy lock for MAC addr change (bsc#1227149).\n- wifi: mac80211: tx: clarify conditions in if statement (bsc#1227149).\n- wifi: mac80211: update beacon counters per link basis (bsc#1227149).\n- wifi: mac80211: update some locking documentation (bsc#1227149).\n- wifi: mac80211: update the rx_chains after set_antenna() (bsc#1227149).\n- wifi: mac80211: use bandwidth indication element for CSA (bsc#1227149).\n- wifi: mac80211: use deflink and fix typo in link ID check (bsc#1227149).\n- wifi: mac80211: use wiphy locked debugfs for sdata/link (bsc#1227149).\n- wifi: mac80211: use wiphy locked debugfs helpers for agg_status (bsc#1227149).\n- wifi: mac80211_hwsim: init peer measurement result (git-fixes).\n- wifi: mt7601u: delete dead code checking debugfs returns (bsc#1227149).\n- wifi: mt7601u: replace strlcpy() with strscpy() (bsc#1227149).\n- wifi: mt76: Annotate struct mt76_rx_tid with __counted_by (bsc#1227149).\n- wifi: mt76: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: mt76: Remove redundant assignment to variable tidno (bsc#1227149).\n- wifi: mt76: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: mt76: Replace strlcpy() with strscpy() (bsc#1227149).\n- wifi: mt76: Use PTR_ERR_OR_ZERO() to simplify code (bsc#1227149).\n- wifi: mt76: add DMA mapping error check in mt76_alloc_txwi() (bsc#1227149).\n- wifi: mt76: add ability to explicitly forbid LED registration with DT (bsc#1227149).\n- wifi: mt76: add support for providing eeprom in nvmem cells (bsc#1227149).\n- wifi: mt76: add tx_nss histogram to ethtool stats (bsc#1227149).\n- wifi: mt76: change txpower init to per-phy (bsc#1227149).\n- wifi: mt76: check sta rx control frame to multibss capability (bsc#1227149).\n- wifi: mt76: check txs format before getting skb by pid (bsc#1227149).\n- wifi: mt76: check vif type before reporting cca and csa (bsc#1227149).\n- wifi: mt76: connac: add MBSSID support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: add beacon duplicate TX mode support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: add beacon protection support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: add connac3 mac library (bsc#1227149).\n- wifi: mt76: connac: add data field in struct tlv (bsc#1227149).\n- wifi: mt76: connac: add eht support for phy mode config (bsc#1227149).\n- wifi: mt76: connac: add eht support for tx power (bsc#1227149).\n- wifi: mt76: connac: add firmware support for mt7992 (bsc#1227149).\n- wifi: mt76: connac: add more unified command IDs (bsc#1227149).\n- wifi: mt76: connac: add more unified event IDs (bsc#1227149).\n- wifi: mt76: connac: add new definition of tx descriptor (bsc#1227149).\n- wifi: mt76: connac: add support for dsp firmware download (bsc#1227149).\n- wifi: mt76: connac: add support to set ifs time by mcu command (bsc#1227149).\n- wifi: mt76: connac: add thermal protection support for mt7996 (bsc#1227149).\n- wifi: mt76: connac: check for null before dereferencing (bsc#1227149).\n- wifi: mt76: connac: export functions for mt7925 (bsc#1227149).\n- wifi: mt76: connac: introduce helper for mt7925 chipset (bsc#1227149).\n- wifi: mt76: connac: set correct muar_idx for mt799x chipsets (bsc#1227149).\n- wifi: mt76: connac: set fixed_bw bit in TX descriptor for fixed rate frames (bsc#1227149).\n- wifi: mt76: connac: use muar idx 0xe for non-mt799x as well (bsc#1227149).\n- wifi: mt76: disable HW AMSDU when using fixed rate (bsc#1227149).\n- wifi: mt76: dma: introduce __mt76_dma_queue_reset utility routine (bsc#1227149).\n- wifi: mt76: enable UNII-4 channel 177 support (bsc#1227149).\n- wifi: mt76: fix race condition related to checking tx queue fill status (bsc#1227149).\n- wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 (bsc#1227149).\n- wifi: mt76: fix typo in mt76_get_of_eeprom_from_nvmem function (bsc#1227149).\n- wifi: mt76: increase MT_QFLAG_WED_TYPE size (bsc#1227149).\n- wifi: mt76: introduce mt76_queue_is_wed_tx_free utility routine (bsc#1227149).\n- wifi: mt76: introduce wed pointer in mt76_queue (bsc#1227149).\n- wifi: mt76: limit support of precal loading for mt7915 to MTD only (bsc#1227149).\n- wifi: mt76: make mt76_get_of_eeprom static again (bsc#1227149).\n- wifi: mt76: mmio: move mt76_mmio_wed_{init,release}_rx_buf in common code (bsc#1227149).\n- wifi: mt76: move ampdu_state in mt76_wcid (bsc#1227149).\n- wifi: mt76: move mt76_mmio_wed_offload_{enable,disable} in common code (bsc#1227149).\n- wifi: mt76: move mt76_net_setup_tc in common code (bsc#1227149).\n- wifi: mt76: move rate info in mt76_vif (bsc#1227149).\n- wifi: mt76: move wed reset common code in mt76 module (bsc#1227149).\n- wifi: mt76: mt7603: add missing register initialization for MT7628 (bsc#1227149).\n- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).\n- wifi: mt76: mt7603: disable A-MSDU tx support on MT7628 (bsc#1227149).\n- wifi: mt76: mt7603: fix beacon interval after disabling a single vif (bsc#1227149).\n- wifi: mt76: mt7603: fix tx filter/flush function (bsc#1227149).\n- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).\n- wifi: mt76: mt7603: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7603: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt7615: add missing chanctx ops (bsc#1227149).\n- wifi: mt76: mt7615: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).\n- wifi: mt76: mt7615: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7615: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt76_connac3: move lmac queue enumeration in mt76_connac3_mac.h (bsc#1227149).\n- wifi: mt76: mt76x02: fix return value check in mt76x02_mac_process_rx (bsc#1227149).\n- wifi: mt76: mt76x2u: add netgear wdna3100v3 to device table (bsc#1227149).\n- wifi: mt76: mt7915 add tc offloading support (bsc#1227149).\n- wifi: mt76: mt7915: accumulate mu-mimo ofdma muru stats (bsc#1227149).\n- wifi: mt76: mt7915: add locking for accessing mapped registers (bsc#1227149).\n- wifi: mt76: mt7915: add missing chanctx ops (bsc#1227149).\n- wifi: mt76: mt7915: add support for MT7981 (bsc#1227149).\n- wifi: mt76: mt7915: also MT7981 is 3T3R but nss2 on 5 GHz band (bsc#1227149).\n- wifi: mt76: mt7915: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).\n- wifi: mt76: mt7915: drop return in mt7915_sta_statistics (bsc#1227149).\n- wifi: mt76: mt7915: fix EEPROM offset of TSSI flag on MT7981 (bsc#1227149).\n- wifi: mt76: mt7915: fix error recovery with WED enabled (bsc#1227149).\n- wifi: mt76: mt7915: fix monitor mode issues (bsc#1227149).\n- wifi: mt76: mt7915: move mib_stats structure in mt76.h (bsc#1227149).\n- wifi: mt76: mt7915: move poll_list in mt76_wcid (bsc#1227149).\n- wifi: mt76: mt7915: move sta_poll_list and sta_poll_lock in mt76_dev (bsc#1227149).\n- wifi: mt76: mt7915: report tx retries/failed counts for non-WED path (bsc#1227149).\n- wifi: mt76: mt7915: update mpdu density capability (bsc#1227149).\n- wifi: mt76: mt7915: update mt798x_wmac_adie_patch_7976 (bsc#1227149).\n- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).\n- wifi: mt76: mt7921: Support temp sensor (bsc#1227149).\n- wifi: mt76: mt7921: add 6GHz power type support for clc (bsc#1227149).\n- wifi: mt76: mt7921: convert acpisar and clc pointers to void (bsc#1227149).\n- wifi: mt76: mt7921: enable set txpower for UNII-4 (bsc#1227149).\n- wifi: mt76: mt7921: fix 6GHz disabled by the missing default CLC config (bsc#1227149).\n- wifi: mt76: mt7921: fix CLC command timeout when suspend/resume (bsc#1227149).\n- wifi: mt76: mt7921: fix a potential association failure upon resuming (bsc#1227149).\n- wifi: mt76: mt7921: fix kernel panic by accessing invalid 6GHz channel info (bsc#1227149).\n- wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform (bsc#1227149).\n- wifi: mt76: mt7921: fix the unfinished command of regd_notifier before suspend (bsc#1227149).\n- wifi: mt76: mt7921: fix wrong 6Ghz power type (bsc#1227149).\n- wifi: mt76: mt7921: get regulatory information from the clc event (bsc#1227149).\n- wifi: mt76: mt7921: get rid of MT7921_RESET_TIMEOUT marco (bsc#1227149).\n- wifi: mt76: mt7921: make mt7921_mac_sta_poll static (bsc#1227149).\n- wifi: mt76: mt7921: move acpi_sar code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move common register definition in mt792x_regs.h (bsc#1227149).\n- wifi: mt76: mt7921: move connac nic capability handling to mt7921 (bsc#1227149).\n- wifi: mt76: mt7921: move debugfs shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move dma shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move hif_ops macro in mt792x.h (bsc#1227149).\n- wifi: mt76: mt7921: move init shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move mac shared code in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt7921: move mt7921_dma_init in pci.c (bsc#1227149).\n- wifi: mt76: mt7921: move mt7921u_disconnect mt792x-lib (bsc#1227149).\n- wifi: mt76: mt7921: move mt792x_hw_dev in mt792x.h (bsc#1227149).\n- wifi: mt76: mt7921: move mt792x_mutex_{acquire/release} in mt792x.h (bsc#1227149).\n- wifi: mt76: mt7921: move runtime-pm pci code in mt792x-lib (bsc#1227149).\n- wifi: mt76: mt7921: move shared runtime-pm code on mt792x-lib (bsc#1227149).\n- wifi: mt76: mt7921: reduce the size of MCU firmware download Rx queue (bsc#1227149).\n- wifi: mt76: mt7921: rely on mib_stats shared definition (bsc#1227149).\n- wifi: mt76: mt7921: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7921: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt7921: remove macro duplication in regs.h (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_dev in mt792x_dev (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_hif_ops in mt792x_hif_ops (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_phy in mt792x_phy (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_sta in mt792x_sta (bsc#1227149).\n- wifi: mt76: mt7921: rename mt7921_vif in mt792x_vif (bsc#1227149).\n- wifi: mt76: mt7921: support 5.9/6GHz channel config in acpi (bsc#1227149).\n- wifi: mt76: mt7921: update the channel usage when the regd domain changed (bsc#1227149).\n- wifi: mt76: mt7921e: report tx retries/failed counts in tx free event (bsc#1227149).\n- wifi: mt76: mt7921s: fix potential hung tasks during chip recovery (stable-fixes).\n- wifi: mt76: mt7925: add Mediatek Wi-Fi7 driver for mt7925 chips (bsc#1227149).\n- wifi: mt76: mt7925: add flow to avoid chip bt function fail (bsc#1227149).\n- wifi: mt76: mt7925: add support to set ifs time by mcu command (bsc#1227149).\n- wifi: mt76: mt7925: ensure 4-byte alignment for suspend \u0026 wow command (bsc#1227149).\n- wifi: mt76: mt7925: fix SAP no beacon issue in 5Ghz and 6Ghz band (bsc#1227149).\n- wifi: mt76: mt7925: fix WoW failed in encrypted mode (bsc#1227149).\n- wifi: mt76: mt7925: fix connect to 80211b mode fail in 2Ghz band (bsc#1227149).\n- wifi: mt76: mt7925: fix fw download fail (bsc#1227149).\n- wifi: mt76: mt7925: fix mcu query command fail (bsc#1227149).\n- wifi: mt76: mt7925: fix the wrong data type for scan command (bsc#1227149).\n- wifi: mt76: mt7925: fix the wrong header translation config (bsc#1227149).\n- wifi: mt76: mt7925: fix typo in mt7925_init_he_caps (bsc#1227149).\n- wifi: mt76: mt7925: fix wmm queue mapping (bsc#1227149).\n- wifi: mt76: mt7925: remove iftype from mt7925_init_eht_caps signature (bsc#1227149).\n- wifi: mt76: mt7925: support temperature sensor (bsc#1227149).\n- wifi: mt76: mt7925: update PCIe DMA settings (bsc#1227149).\n- wifi: mt76: mt7925e: fix use-after-free in free_irq() (bsc#1227149).\n- wifi: mt76: mt792x: add the illegal value check for mtcl table of acpi (bsc#1227149).\n- wifi: mt76: mt792x: fix ethtool warning (bsc#1227149).\n- wifi: mt76: mt792x: introduce mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt792x: introduce mt792x-usb module (bsc#1227149).\n- wifi: mt76: mt792x: introduce mt792x_irq_map (bsc#1227149).\n- wifi: mt76: mt792x: move MT7921_PM_TIMEOUT and MT7921_HW_SCAN_TIMEOUT in common code (bsc#1227149).\n- wifi: mt76: mt792x: move more dma shared code in mt792x_dma (bsc#1227149).\n- wifi: mt76: mt792x: move mt7921_load_firmware in mt792x-lib module (bsc#1227149).\n- wifi: mt76: mt792x: move mt7921_skb_add_usb_sdio_hdr in mt792x module (bsc#1227149).\n- wifi: mt76: mt792x: move shared structure definition in mt792x.h (bsc#1227149).\n- wifi: mt76: mt792x: move some common usb code in mt792x module (bsc#1227149).\n- wifi: mt76: mt792x: support mt7925 chip init (bsc#1227149).\n- wifi: mt76: mt792x: update the country list of EU for ACPI SAR (bsc#1227149).\n- wifi: mt76: mt792xu: enable dmashdl support (bsc#1227149).\n- wifi: mt76: mt7996: Add mcu commands for getting sta tx statistic (bsc#1227149).\n- wifi: mt76: mt7996: Use DECLARE_FLEX_ARRAY() and fix -Warray-bounds warnings (bsc#1227149).\n- wifi: mt76: mt7996: add DMA support for mt7992 (bsc#1227149).\n- wifi: mt76: mt7996: add TX statistics for EHT mode in debugfs (bsc#1227149).\n- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).\n- wifi: mt76: mt7996: add muru support (bsc#1227149).\n- wifi: mt76: mt7996: add sanity checks for background radar trigger (stable-fixes).\n- wifi: mt76: mt7996: add support for variants with auxiliary RX path (bsc#1227149).\n- wifi: mt76: mt7996: add thermal sensor device support (bsc#1227149).\n- wifi: mt76: mt7996: add txpower setting support (bsc#1227149).\n- wifi: mt76: mt7996: adjust WFDMA settings to improve performance (bsc#1227149).\n- wifi: mt76: mt7996: adjust interface num and wtbl size for mt7992 (bsc#1227149).\n- wifi: mt76: mt7996: align the format of fixed rate command (bsc#1227149).\n- wifi: mt76: mt7996: check txs format before getting skb by pid (bsc#1227149).\n- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).\n- wifi: mt76: mt7996: disable WFDMA Tx/Rx during SER recovery (bsc#1227149).\n- wifi: mt76: mt7996: drop return in mt7996_sta_statistics (bsc#1227149).\n- wifi: mt76: mt7996: enable BSS_CHANGED_MU_GROUPS support (bsc#1227149).\n- wifi: mt76: mt7996: enable PPDU-TxS to host (bsc#1227149).\n- wifi: mt76: mt7996: enable VHT extended NSS BW feature (bsc#1227149).\n- wifi: mt76: mt7996: ensure 4-byte alignment for beacon commands (bsc#1227149).\n- wifi: mt76: mt7996: fix alignment of sta info event (bsc#1227149).\n- wifi: mt76: mt7996: fix fortify warning (bsc#1227149).\n- wifi: mt76: mt7996: fix fw loading timeout (bsc#1227149).\n- wifi: mt76: mt7996: fix mt7996_mcu_all_sta_info_event struct packing (bsc#1227149).\n- wifi: mt76: mt7996: fix potential memory leakage when reading chip temperature (bsc#1227149).\n- wifi: mt76: mt7996: fix size of txpower MCU command (bsc#1227149).\n- wifi: mt76: mt7996: fix uninitialized variable in mt7996_irq_tasklet() (bsc#1227149).\n- wifi: mt76: mt7996: fix uninitialized variable in parsing txfree (bsc#1227149).\n- wifi: mt76: mt7996: get tx_retries and tx_failed from txfree (bsc#1227149).\n- wifi: mt76: mt7996: handle IEEE80211_RC_SMPS_CHANGED (bsc#1227149).\n- wifi: mt76: mt7996: increase tx token size (bsc#1227149).\n- wifi: mt76: mt7996: introduce mt7996_band_valid() (bsc#1227149).\n- wifi: mt76: mt7996: mark GCMP IGTK unsupported (bsc#1227149).\n- wifi: mt76: mt7996: move radio ctrl commands to proper functions (bsc#1227149).\n- wifi: mt76: mt7996: only set vif teardown cmds at remove interface (bsc#1227149).\n- wifi: mt76: mt7996: rely on mib_stats shared definition (bsc#1227149).\n- wifi: mt76: mt7996: rely on shared poll_list field (bsc#1227149).\n- wifi: mt76: mt7996: rely on shared sta_poll_list and sta_poll_lock (bsc#1227149).\n- wifi: mt76: mt7996: remove TXS queue setting (bsc#1227149).\n- wifi: mt76: mt7996: remove periodic MPDU TXS request (bsc#1227149).\n- wifi: mt76: mt7996: rework ampdu params setting (bsc#1227149).\n- wifi: mt76: mt7996: rework register offsets for mt7992 (bsc#1227149).\n- wifi: mt76: mt7996: set DMA mask to 36 bits for boards with more than 4GB of RAM (bsc#1227149).\n- wifi: mt76: mt7996: support more options for mt7996_set_bitrate_mask() (bsc#1227149).\n- wifi: mt76: mt7996: support mt7992 eeprom loading (bsc#1227149).\n- wifi: mt76: mt7996: support per-band LED control (bsc#1227149).\n- wifi: mt76: mt7996: switch to mcu command for TX GI report (bsc#1227149).\n- wifi: mt76: mt7996: use u16 for val field in mt7996_mcu_set_rro signature (bsc#1227149).\n- wifi: mt76: permit to load precal from NVMEM cell for mt7915 (bsc#1227149).\n- wifi: mt76: permit to use alternative cell name to eeprom NVMEM load (bsc#1227149).\n- wifi: mt76: reduce spin_lock_bh held up in mt76_dma_rx_cleanup (bsc#1227149).\n- wifi: mt76: replace skb_put with skb_put_zero (stable-fixes).\n- wifi: mt76: report non-binding skb tx rate when WED is active (bsc#1227149).\n- wifi: mt76: set page_pool napi pointer for mmio devices (bsc#1227149).\n- wifi: mt76: split get_of_eeprom in subfunction (bsc#1227149).\n- wifi: mt76: usb: create a dedicated queue for psd traffic (bsc#1227149).\n- wifi: mt76: usb: store usb endpoint in mt76_queue (bsc#1227149).\n- wifi: mt76: use atomic iface iteration for pre-TBTT work (bsc#1227149).\n- wifi: mt76: use chainmask for power delta calculation (bsc#1227149).\n- wifi: mwifiex: Drop unused headers (bsc#1227149).\n- wifi: mwifiex: Fix interface type change (git-fixes).\n- wifi: mwifiex: Refactor 1-element array into flexible array in struct mwifiex_ie_types_chan_list_param_set (bsc#1227149).\n- wifi: mwifiex: Replace one-element array with flexible-array member in struct mwifiex_ie_types_rxba_sync (bsc#1227149).\n- wifi: mwifiex: Set WIPHY_FLAG_NETNS_OK flag (bsc#1227149).\n- wifi: mwifiex: Use default @max_active for workqueues (bsc#1227149).\n- wifi: mwifiex: Use helpers to check multicast addresses (bsc#1227149).\n- wifi: mwifiex: Use list_count_nodes() (bsc#1227149).\n- wifi: mwifiex: cleanup adapter data (bsc#1227149).\n- wifi: mwifiex: cleanup private data structures (bsc#1227149).\n- wifi: mwifiex: cleanup struct mwifiex_sdio_mpa_rx (bsc#1227149).\n- wifi: mwifiex: drop BUG_ON from TX paths (bsc#1227149).\n- wifi: mwifiex: fix comment typos in SDIO module (bsc#1227149).\n- wifi: mwifiex: followup PCIE and related cleanups (bsc#1227149).\n- wifi: mwifiex: handle possible mwifiex_write_reg() errors (bsc#1227149).\n- wifi: mwifiex: handle possible sscanf() errors (bsc#1227149).\n- wifi: mwifiex: mwifiex_process_sleep_confirm_resp(): remove unused priv variable (bsc#1227149).\n- wifi: mwifiex: prefer strscpy() over strlcpy() (bsc#1227149).\n- wifi: mwifiex: simplify PCIE write operations (bsc#1227149).\n- wifi: mwifiex: use MODULE_FIRMWARE to add firmware files metadata (bsc#1227149).\n- wifi: mwifiex: use cfg80211_ssid_eq() instead of mwifiex_ssid_cmp() (bsc#1227149).\n- wifi: mwifiex: use is_zero_ether_addr() instead of ether_addr_equal() (bsc#1227149).\n- wifi: mwifiex: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).\n- wifi: mwl8k: initialize cmd-\u003eaddr[] properly (git-fixes).\n- wifi: nl80211: Avoid address calculations via out of bounds array indexing (git-fixes).\n- wifi: nl80211: Extend del pmksa support for SAE and OWE security (bsc#1227149).\n- wifi: nl80211: Remove unused declaration nl80211_pmsr_dump_results() (bsc#1227149).\n- wifi: nl80211: additions to NL80211_CMD_SET_BEACON (bsc#1227149).\n- wifi: nl80211: allow reporting wakeup for unprot deauth/disassoc (bsc#1227149).\n- wifi: nl80211: do not free NULL coalescing rule (git-fixes).\n- wifi: nl80211: fixes to FILS discovery updates (bsc#1227149).\n- wifi: nl80211: refactor nl80211_send_mlme_event() arguments (bsc#1227149).\n- wifi: p54: Add missing MODULE_FIRMWARE macro (bsc#1227149).\n- wifi: p54: Annotate struct p54_cal_database with __counted_by (bsc#1227149).\n- wifi: p54: fix GCC format truncation warning with wiphy-\u003efw_version (bsc#1227149).\n- wifi: plfxlc: Drop unused include (bsc#1227149).\n- wifi: radiotap: add bandwidth definition of EHT U-SIG (bsc#1227149).\n- wifi: remove unused argument of ieee80211_get_tdls_action() (bsc#1227149).\n- wifi: rsi: fix restricted __le32 degrades to integer sparse warnings (bsc#1227149).\n- wifi: rsi: rsi_91x_coex: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_debugfs: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_hal: Remove unnecessary conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_mac80211: Remove unnecessary conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_main: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_sdio: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_sdio_ops: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_usb: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rsi: rsi_91x_usb_ops: Remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: rt2x00: Simplify bool conversion (bsc#1227149).\n- wifi: rt2x00: correct MAC_SYS_CTRL register RX mask in R-Calibration (bsc#1227149).\n- wifi: rt2x00: disable RTS threshold for rt2800 by default (bsc#1227149).\n- wifi: rt2x00: fix MT7620 low RSSI issue (bsc#1227149).\n- wifi: rt2x00: fix rt2800 watchdog function (bsc#1227149).\n- wifi: rt2x00: fix the typo in comments (bsc#1227149).\n- wifi: rt2x00: improve MT7620 register initialization (bsc#1227149).\n- wifi: rt2x00: introduce DMA busy check watchdog for rt2800 (bsc#1227149).\n- wifi: rt2x00: limit MT7620 TX power based on eeprom calibration (bsc#1227149).\n- wifi: rt2x00: make watchdog param per device (bsc#1227149).\n- wifi: rt2x00: remove redundant check if u8 array element is less than zero (bsc#1227149).\n- wifi: rt2x00: remove useless code in rt2x00queue_create_tx_descriptor() (bsc#1227149).\n- wifi: rt2x00: rework MT7620 PA/LNA RF calibration (bsc#1227149).\n- wifi: rt2x00: rework MT7620 channel config function (bsc#1227149).\n- wifi: rt2x00: silence sparse warnings (bsc#1227149).\n- wifi: rt2x00: simplify rt2x00crypto_rx_insert_iv() (bsc#1227149).\n- wifi: rtl8xxxu: 8188e: convert usage of priv-\u003evif to priv-\u003evifs[0] (bsc#1227149).\n- wifi: rtl8xxxu: 8188f: Limit TX power index (git-fixes).\n- wifi: rtl8xxxu: Actually use macid in rtl8xxxu_gen2_report_connect (bsc#1227149).\n- wifi: rtl8xxxu: Add TP-Link TL-WN823N V2 (bsc#1227149).\n- wifi: rtl8xxxu: Add a description about the device ID 0x7392:0xb722 (bsc#1227149).\n- wifi: rtl8xxxu: Add beacon functions (bsc#1227149).\n- wifi: rtl8xxxu: Add parameter force to rtl8xxxu_refresh_rate_mask (bsc#1227149).\n- wifi: rtl8xxxu: Add parameter macid to update_rate_mask (bsc#1227149).\n- wifi: rtl8xxxu: Add parameter role to report_connect (bsc#1227149).\n- wifi: rtl8xxxu: Add set_tim() callback (bsc#1227149).\n- wifi: rtl8xxxu: Add sta_add() and sta_remove() callbacks (bsc#1227149).\n- wifi: rtl8xxxu: Add start_ap() callback (bsc#1227149).\n- wifi: rtl8xxxu: Allow creating interface in AP mode (bsc#1227149).\n- wifi: rtl8xxxu: Allow setting rts threshold to -1 (bsc#1227149).\n- wifi: rtl8xxxu: Clean up filter configuration (bsc#1227149).\n- wifi: rtl8xxxu: Declare AP mode support for 8188f (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8192EU (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8192FU (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8710BU (RTL8188GU) (bsc#1227149).\n- wifi: rtl8xxxu: Enable AP mode for RTL8723BU (bsc#1227149).\n- wifi: rtl8xxxu: Enable hw seq for mgmt/non-QoS data frames (bsc#1227149).\n- wifi: rtl8xxxu: Fix LED control code of RTL8192FU (bsc#1227149).\n- wifi: rtl8xxxu: Fix off by one initial RTS rate (bsc#1227149).\n- wifi: rtl8xxxu: Fix the TX power of RTL8192CU, RTL8723AU (stable-fixes).\n- wifi: rtl8xxxu: Put the macid in txdesc (bsc#1227149).\n- wifi: rtl8xxxu: Remove usage of ieee80211_get_tx_rate() (bsc#1227149).\n- wifi: rtl8xxxu: Remove usage of tx_info-\u003econtrol.rates[0].flags (bsc#1227149).\n- wifi: rtl8xxxu: Rename some registers (bsc#1227149).\n- wifi: rtl8xxxu: Select correct queue for beacon frames (bsc#1227149).\n- wifi: rtl8xxxu: Set maximum number of supported stations (bsc#1227149).\n- wifi: rtl8xxxu: Support USB RX aggregation for the newer chips (bsc#1227149).\n- wifi: rtl8xxxu: Support new chip RTL8192FU (bsc#1227149).\n- wifi: rtl8xxxu: add hw crypto support for AP mode (bsc#1227149).\n- wifi: rtl8xxxu: add macids for STA mode (bsc#1227149).\n- wifi: rtl8xxxu: add missing number of sec cam entries for all variants (bsc#1227149).\n- wifi: rtl8xxxu: check vif before using in rtl8xxxu_tx() (bsc#1227149).\n- wifi: rtl8xxxu: convert EN_DESC_ID of TX descriptor to le32 type (bsc#1227149).\n- wifi: rtl8xxxu: declare concurrent mode support for 8188f (bsc#1227149).\n- wifi: rtl8xxxu: do not parse CFO, if both interfaces are connected in STA mode (bsc#1227149).\n- wifi: rtl8xxxu: enable MFP support with security flag of RX descriptor (bsc#1227149).\n- wifi: rtl8xxxu: enable channel switch support (bsc#1227149).\n- wifi: rtl8xxxu: extend check for matching bssid to both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: extend wifi connected check to both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: fix error messages (bsc#1227149).\n- wifi: rtl8xxxu: fix mixed declarations in rtl8xxxu_set_aifs() (bsc#1227149).\n- wifi: rtl8xxxu: make instances of iface limit and combination to be static const (bsc#1227149).\n- wifi: rtl8xxxu: make supporting AP mode only on port 0 transparent (bsc#1227149).\n- wifi: rtl8xxxu: mark TOTOLINK N150UA V5/N150UA-B as tested (bsc#1227149).\n- wifi: rtl8xxxu: prepare supporting two virtual interfaces (bsc#1227149).\n- wifi: rtl8xxxu: remove assignment of priv-\u003evif in rtl8xxxu_bss_info_changed() (bsc#1227149).\n- wifi: rtl8xxxu: remove obsolete priv-\u003evif (bsc#1227149).\n- wifi: rtl8xxxu: rtl8xxxu_rx_complete(): remove unnecessary return (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interface in start_ap() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in bss_info_changed() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in configure_filter() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in set_aifs() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in update_beacon_work_callback() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in watchdog_callback() (bsc#1227149).\n- wifi: rtl8xxxu: support multiple interfaces in {add,remove}_interface() (bsc#1227149).\n- wifi: rtl8xxxu: support setting bssid register for multiple interfaces (bsc#1227149).\n- wifi: rtl8xxxu: support setting linktype for both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: support setting mac address register for both interfaces (bsc#1227149).\n- wifi: rtl8xxxu: update rate mask per sta (bsc#1227149).\n- wifi: rtlwifi: Convert to use PCIe capability accessors (bsc#1227149).\n- wifi: rtlwifi: Ignore IEEE80211_CONF_CHANGE_RETRY_LIMITS (bsc#1227149).\n- wifi: rtlwifi: Remove bridge vendor/device ids (bsc#1227149).\n- wifi: rtlwifi: Remove rtl_intf_ops.read_efuse_byte (bsc#1227149).\n- wifi: rtlwifi: Remove unused PCI related defines and struct (bsc#1227149).\n- wifi: rtlwifi: Speed up firmware loading for USB (bsc#1227149).\n- wifi: rtlwifi: cleanup USB interface (bsc#1227149).\n- wifi: rtlwifi: cleanup few rtlxxx_tx_fill_desc() routines (bsc#1227149).\n- wifi: rtlwifi: cleanup few rtlxxxx_set_hw_reg() routines (bsc#1227149).\n- wifi: rtlwifi: cleanup struct rtl_hal (bsc#1227149).\n- wifi: rtlwifi: cleanup struct rtl_phy (bsc#1227149).\n- wifi: rtlwifi: cleanup struct rtl_ps_ctl (bsc#1227149).\n- wifi: rtlwifi: drop chk_switch_dmdp() from HAL interface (bsc#1227149).\n- wifi: rtlwifi: drop fill_fake_txdesc() from HAL interface (bsc#1227149).\n- wifi: rtlwifi: drop pre_fill_tx_bd_desc() from HAL interface (bsc#1227149).\n- wifi: rtlwifi: drop unused const_amdpci_aspm (bsc#1227149).\n- wifi: rtlwifi: remove misused flag from HAL data (bsc#1227149).\n- wifi: rtlwifi: remove unreachable code in rtl92d_dm_check_edca_turbo() (bsc#1227149).\n- wifi: rtlwifi: remove unused dualmac control leftovers (bsc#1227149).\n- wifi: rtlwifi: remove unused timer and related code (bsc#1227149).\n- wifi: rtlwifi: rtl8192cu: Fix 2T2R chip type detection (bsc#1227149).\n- wifi: rtlwifi: rtl8192cu: Fix TX aggregation (bsc#1227149).\n- wifi: rtlwifi: rtl8192de: Do not read register in _rtl92de_query_rxphystatus (bsc#1227149).\n- wifi: rtlwifi: rtl8192de: Fix 5 GHz TX power (stable-fixes).\n- wifi: rtlwifi: rtl8192de: Fix endianness issue in RX path (stable-fixes).\n- wifi: rtlwifi: rtl8192de: Fix low speed with WPA3-SAE (stable-fixes).\n- wifi: rtlwifi: rtl8723: Remove unused function rtl8723_cmd_send_packet() (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Access full PMCS reg and use pci_regs.h (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Add pdev into _rtl8821ae_clear_pci_pme_status() (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Remove unnecessary PME_Status bit set (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Reverse PM Capability exists check (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: Use pci_find_capability() (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: phy: remove some useless code (bsc#1227149).\n- wifi: rtlwifi: rtl8821ae: phy: using calculate_bit_shift() (bsc#1227149).\n- wifi: rtlwifi: rtl92ee_dm_dynamic_primary_cca_check(): fix typo in function name (bsc#1227149).\n- wifi: rtlwifi: rtl_usb: Store the endpoint addresses (bsc#1227149).\n- wifi: rtlwifi: rtl_usb: Use sync register writes (bsc#1227149).\n- wifi: rtlwifi: set initial values for unexpected cases of USB endpoint priority (bsc#1227149).\n- wifi: rtlwifi: simplify LED management (bsc#1227149).\n- wifi: rtlwifi: simplify TX command fill callbacks (bsc#1227149).\n- wifi: rtlwifi: simplify rtl_action_proc() and rtl_tx_agg_start() (bsc#1227149).\n- wifi: rtlwifi: use convenient list_count_nodes() (bsc#1227149).\n- wifi: rtlwifi: use eth_broadcast_addr() to assign broadcast address (bsc#1227149).\n- wifi: rtlwifi: use helper function rtl_get_hdr() (bsc#1227149).\n- wifi: rtlwifi: use unsigned long for bt_coexist_8723 timestamp (bsc#1227149).\n- wifi: rtlwifi: use unsigned long for rtl_bssid_entry timestamp (bsc#1227149).\n- wifi: rtw88: 8821c: tweak CCK TX filter setting for SRRC regulation (bsc#1227149).\n- wifi: rtw88: 8821c: update TX power limit to V67 (bsc#1227149).\n- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).\n- wifi: rtw88: 8822c: update TX power limit to V70 (bsc#1227149).\n- wifi: rtw88: 8822ce: refine power parameters for RFE type 5 (bsc#1227149).\n- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).\n- wifi: rtw88: Add support for the SDIO based RTL8723DS chipset (bsc#1227149).\n- wifi: rtw88: Fix AP mode incorrect DTIM behavior (bsc#1227149).\n- wifi: rtw88: Fix action frame transmission fail before association (bsc#1227149).\n- wifi: rtw88: Skip high queue in hci_flush (bsc#1227149).\n- wifi: rtw88: Stop high queue during scan (bsc#1227149).\n- wifi: rtw88: Use random MAC when efuse MAC invalid (bsc#1227149).\n- wifi: rtw88: add missing unwind goto for __rtw_download_firmware() (bsc#1227149).\n- wifi: rtw88: debug: add to check if debug mask is enabled (bsc#1227149).\n- wifi: rtw88: debug: remove wrapper of rtw_dbg() (bsc#1227149).\n- wifi: rtw88: dump firmware debug information in abnormal state (bsc#1227149).\n- wifi: rtw88: fix incorrect error codes in rtw_debugfs_copy_from_user (bsc#1227149).\n- wifi: rtw88: fix incorrect error codes in rtw_debugfs_set_* (bsc#1227149).\n- wifi: rtw88: fix not entering PS mode after AP stops (bsc#1227149).\n- wifi: rtw88: fix typo rtw8822cu_probe (bsc#1227149).\n- wifi: rtw88: process VO packets without workqueue to avoid PTK rekey failed (bsc#1227149).\n- wifi: rtw88: refine register based H2C command (bsc#1227149).\n- wifi: rtw88: regd: configure QATAR and UK (bsc#1227149).\n- wifi: rtw88: regd: update regulatory map to R64-R42 (bsc#1227149).\n- wifi: rtw88: remove unused USB bulkout size set (bsc#1227149).\n- wifi: rtw88: remove unused and set but unused leftovers (bsc#1227149).\n- wifi: rtw88: rtw8723d: Implement RTL8723DS (SDIO) efuse parsing (bsc#1227149).\n- wifi: rtw88: simplify __rtw_tx_work() (bsc#1227149).\n- wifi: rtw88: simplify vif iterators (bsc#1227149).\n- wifi: rtw88: use cfg80211_ssid_eq() instead of rtw_ssid_equal() (bsc#1227149).\n- wifi: rtw88: use kstrtoX_from_user() in debugfs handlers (bsc#1227149).\n- wifi: rtw88: use struct instead of macros to set TX desc (bsc#1227149).\n- wifi: rtw89: 52c: rfk: disable DPK during MCC (bsc#1227149).\n- wifi: rtw89: 52c: rfk: refine MCC channel info notification (bsc#1227149).\n- wifi: rtw89: 8851b: add 8851B basic chip_info (bsc#1227149).\n- wifi: rtw89: 8851b: add 8851be to Makefile and Kconfig (bsc#1227149).\n- wifi: rtw89: 8851b: add BT coexistence support function (bsc#1227149).\n- wifi: rtw89: 8851b: add DLE mem and HFC quota (bsc#1227149).\n- wifi: rtw89: 8851b: add MAC configurations to chip_info (bsc#1227149).\n- wifi: rtw89: 8851b: add NCTL post table (bsc#1227149).\n- wifi: rtw89: 8851b: add RF configurations (bsc#1227149).\n- wifi: rtw89: 8851b: add TX power related functions (bsc#1227149).\n- wifi: rtw89: 8851b: add basic power on function (bsc#1227149).\n- wifi: rtw89: 8851b: add set channel function (bsc#1227149).\n- wifi: rtw89: 8851b: add set_channel_rf() (bsc#1227149).\n- wifi: rtw89: 8851b: add support WoWLAN to 8851B (bsc#1227149).\n- wifi: rtw89: 8851b: add to parse efuse content (bsc#1227149).\n- wifi: rtw89: 8851b: add to read efuse version to recognize hardware version B (bsc#1227149).\n- wifi: rtw89: 8851b: configure CRASH_TRIGGER feature for 8851B (bsc#1227149).\n- wifi: rtw89: 8851b: configure GPIO according to RFE type (bsc#1227149).\n- wifi: rtw89: 8851b: configure to force 1 TX power value (bsc#1227149).\n- wifi: rtw89: 8851b: enable hw_scan support (bsc#1227149).\n- wifi: rtw89: 8851b: fill BB related capabilities to chip_info (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: Fix spelling mistake KIP_RESOTRE -\u003e KIP_RESTORE (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add AACK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add DACK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add DPK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add IQK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add LCK track (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add RCK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add RX DCK (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: add TSSI (bsc#1227149).\n- wifi: rtw89: 8851b: rfk: update IQK to version 0x8 (bsc#1227149).\n- wifi: rtw89: 8851b: update RF radio A parameters to R28 (bsc#1227149).\n- wifi: rtw89: 8851b: update TX power tables to R28 (bsc#1227149).\n- wifi: rtw89: 8851b: update TX power tables to R34 (bsc#1227149).\n- wifi: rtw89: 8851b: update TX power tables to R37 (bsc#1227149).\n- wifi: rtw89: 8851be: add 8851BE PCI entry and fill PCI capabilities (bsc#1227149).\n- wifi: rtw89: 8852b: fix definition of KIP register number (git-fixes).\n- wifi: rtw89: 8852b: update TX power tables to R35 (bsc#1227149).\n- wifi: rtw89: 8852b: update TX power tables to R36 (bsc#1227149).\n- wifi: rtw89: 8852c: Fix TSSI causes transmit power inaccuracy (bsc#1227149).\n- wifi: rtw89: 8852c: Update bandedge parameters for better performance (bsc#1227149).\n- wifi: rtw89: 8852c: add quirk to set PCI BER for certain platforms (bsc#1227149).\n- wifi: rtw89: 8852c: declare to support two chanctx (bsc#1227149).\n- wifi: rtw89: 8852c: read RX gain offset from efuse for 6GHz channels (bsc#1227149).\n- wifi: rtw89: 8852c: update RF radio A/B parameters to R63 (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (1 of 3) (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (2 of 3) (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R63 with 6 GHz power type (3 of 3) (bsc#1227149).\n- wifi: rtw89: 8852c: update TX power tables to R67 (bsc#1227149).\n- wifi: rtw89: 8922a: add 8922A basic chip info (bsc#1227149).\n- wifi: rtw89: 8922a: add BTG functions to assist BT coexistence to control TX/RX (bsc#1227149).\n- wifi: rtw89: 8922a: add NCTL pre-settings for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: 8922a: add RF read/write v2 (bsc#1227149).\n- wifi: rtw89: 8922a: add SER IMR tables (bsc#1227149).\n- wifi: rtw89: 8922a: add TX power related ops (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops related to BB init (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops to get thermal value (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::bb_preinit to enable BB before downloading firmware (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::cfg_txrx_path (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::rfk_hw_init (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::rfk_init_late to do initial RF calibrations later (bsc#1227149).\n- wifi: rtw89: 8922a: add chip_ops::{enable,disable}_bb_rf (bsc#1227149).\n- wifi: rtw89: 8922a: add coexistence helpers of SW grant (bsc#1227149).\n- wifi: rtw89: 8922a: add helper of set_channel (bsc#1227149).\n- wifi: rtw89: 8922a: add ieee80211_ops::hw_scan (bsc#1227149).\n- wifi: rtw89: 8922a: add more fields to beacon H2C command to support multi-links (bsc#1227149).\n- wifi: rtw89: 8922a: add power on/off functions (bsc#1227149).\n- wifi: rtw89: 8922a: add register definitions of H2C, C2H, page, RRSR and EDCCA (bsc#1227149).\n- wifi: rtw89: 8922a: add set_channel BB part (bsc#1227149).\n- wifi: rtw89: 8922a: add set_channel MAC part (bsc#1227149).\n- wifi: rtw89: 8922a: add set_channel RF part (bsc#1227149).\n- wifi: rtw89: 8922a: configure CRASH_TRIGGER FW feature (bsc#1227149).\n- wifi: rtw89: 8922a: correct register definition and merge IO for ctrl_nbtg_bt_tx() (bsc#1227149).\n- wifi: rtw89: 8922a: declare to support two chanctx (bsc#1227149).\n- wifi: rtw89: 8922a: dump MAC registers when SER occurs (bsc#1227149).\n- wifi: rtw89: 8922a: extend and add quota number (bsc#1227149).\n- wifi: rtw89: 8922a: hook handlers of TX/RX descriptors to chip_ops (bsc#1227149).\n- wifi: rtw89: 8922a: implement AP mode related reg for BE generation (bsc#1227149).\n- wifi: rtw89: 8922a: implement {stop,resume}_sch_tx and cfg_ppdu (bsc#1227149).\n- wifi: rtw89: 8922a: read efuse content from physical map (bsc#1227149).\n- wifi: rtw89: 8922a: read efuse content via efuse map struct from logic map (bsc#1227149).\n- wifi: rtw89: 8922a: rfk: implement chip_ops to call RF calibrations (bsc#1227149).\n- wifi: rtw89: 8922a: set RX gain along with set_channel operation (bsc#1227149).\n- wifi: rtw89: 8922a: set chip_ops FEM and GPIO to NULL (bsc#1227149).\n- wifi: rtw89: 8922a: set memory heap address for secure firmware (bsc#1227149).\n- wifi: rtw89: 8922a: update BA CAM number to 24 (bsc#1227149).\n- wifi: rtw89: 8922a: update the register used in DIG and the DIG flow (bsc#1227149).\n- wifi: rtw89: 8922ae: add 8922AE PCI entry and basic info (bsc#1227149).\n- wifi: rtw89: 8922ae: add v2 interrupt handlers for 8922AE (bsc#1227149).\n- wifi: rtw89: Add EHT rate mask as parameters of RA H2C command (bsc#1227149).\n- wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() (git-fixes).\n- wifi: rtw89: Fix clang -Wimplicit-fallthrough in rtw89_query_sar() (bsc#1227149).\n- wifi: rtw89: Introduce Time Averaged SAR (TAS) feature (bsc#1227149).\n- wifi: rtw89: Refine active scan behavior in 6 GHz (bsc#1227149).\n- wifi: rtw89: Set default CQM config if not present (bsc#1227149).\n- wifi: rtw89: TX power stuffs replace confusing naming of _max with _num (bsc#1227149).\n- wifi: rtw89: Update EHT PHY beamforming capability (bsc#1227149).\n- wifi: rtw89: acpi: process 6 GHz band policy from DSM (bsc#1227149).\n- wifi: rtw89: add C2H RA event V1 to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add C2H event handlers of RFK log and report (bsc#1227149).\n- wifi: rtw89: add CFO XTAL registers field to support 8851B (bsc#1227149).\n- wifi: rtw89: add DBCC H2C to notify firmware the status (bsc#1227149).\n- wifi: rtw89: add EHT capabilities for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add EHT radiotap in monitor mode (bsc#1227149).\n- wifi: rtw89: add EVM and SNR statistics to debugfs (bsc#1227149).\n- wifi: rtw89: add EVM for antenna diversity (bsc#1227149).\n- wifi: rtw89: add H2C RA command V1 to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add H2C command to download beacon frame for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add RSSI based antenna diversity (bsc#1227149).\n- wifi: rtw89: add RSSI statistics for the case of antenna diversity to debugfs (bsc#1227149).\n- wifi: rtw89: add XTAL SI for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add chip_info::chip_gen to determine chip generation (bsc#1227149).\n- wifi: rtw89: add chip_info::txwd_info size to generalize TX WD submit (bsc#1227149).\n- wifi: rtw89: add chip_ops::h2c_ba_cam() to configure BA CAM (bsc#1227149).\n- wifi: rtw89: add chip_ops::query_rxdesc() and rxd_len as helpers to support newer chips (bsc#1227149).\n- wifi: rtw89: add chip_ops::update_beacon to abstract update beacon operation (bsc#1227149).\n- wifi: rtw89: add firmware H2C command of BA CAM V1 (bsc#1227149).\n- wifi: rtw89: add firmware parser for v1 format (bsc#1227149).\n- wifi: rtw89: add firmware suit for BB MCU 0/1 (bsc#1227149).\n- wifi: rtw89: add function prototype for coex request duration (bsc#1227149).\n- wifi: rtw89: add mac_gen pointer to access mac port registers (bsc#1227149).\n- wifi: rtw89: add mlo_dbcc_mode for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: add new H2C command to pause/sleep transmitting by MAC ID (bsc#1227149).\n- wifi: rtw89: add new H2C for PS mode in 802.11be chip (bsc#1227149).\n- wifi: rtw89: add reserved size as factor of DLE used size (bsc#1227149).\n- wifi: rtw89: add subband index of primary channel to struct rtw89_chan (bsc#1227149).\n- wifi: rtw89: add to display hardware rates v1 histogram in debugfs (bsc#1227149).\n- wifi: rtw89: add to fill TX descriptor for firmware command v2 (bsc#1227149).\n- wifi: rtw89: add to fill TX descriptor v2 (bsc#1227149).\n- wifi: rtw89: add to parse firmware elements of BB and RF tables (bsc#1227149).\n- wifi: rtw89: add to query RX descriptor format v2 (bsc#1227149).\n- wifi: rtw89: add tx_wake notify for 8851B (bsc#1227149).\n- wifi: rtw89: add wait/completion for abort scan (bsc#1227149).\n- wifi: rtw89: adjust init_he_cap() to add EHT cap into iftype_data (bsc#1227149).\n- wifi: rtw89: advertise missing extended scan feature (bsc#1227149).\n- wifi: rtw89: avoid stringop-overflow warning (bsc#1227149).\n- wifi: rtw89: call rtw89_chan_get() by vif chanctx if aware of vif (bsc#1227149).\n- wifi: rtw89: chan: MCC take reconfig into account (bsc#1227149).\n- wifi: rtw89: chan: add sub-entity swap function to cover replacing (bsc#1227149).\n- wifi: rtw89: chan: move handling from add/remove to assign/unassign for MLO (bsc#1227149).\n- wifi: rtw89: chan: support MCC on Wi-Fi 7 chips (bsc#1227149).\n- wifi: rtw89: chan: tweak bitmap recalc ahead before MLO (bsc#1227149).\n- wifi: rtw89: chan: tweak weight recalc ahead before MLO (bsc#1227149).\n- wifi: rtw89: change naming of BA CAM from V1 to V0_EXT (bsc#1227149).\n- wifi: rtw89: change qutoa to DBCC by default for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: change supported bandwidths of chip_info to bit mask (bsc#1227149).\n- wifi: rtw89: cleanup firmware elements parsing (bsc#1227149).\n- wifi: rtw89: cleanup private data structures (bsc#1227149).\n- wifi: rtw89: cleanup rtw89_iqk_info and related code (bsc#1227149).\n- wifi: rtw89: coex: Add Bluetooth RSSI level information (bsc#1227149).\n- wifi: rtw89: coex: Add Pre-AGC control to enhance Wi-Fi RX performance (bsc#1227149).\n- wifi: rtw89: coex: Add coexistence policy to decrease WiFi packet CRC-ERR (bsc#1227149).\n- wifi: rtw89: coex: Fix wrong Wi-Fi role info and FDDT parameter members (bsc#1227149).\n- wifi: rtw89: coex: Record down Wi-Fi initial mode information (bsc#1227149).\n- wifi: rtw89: coex: Reorder H2C command index to align with firmware (bsc#1227149).\n- wifi: rtw89: coex: Set Bluetooth scan low-priority when Wi-Fi link/scan (bsc#1227149).\n- wifi: rtw89: coex: Still show hardware grant signal info even Wi-Fi is PS (bsc#1227149).\n- wifi: rtw89: coex: To improve Wi-Fi performance while BT is idle (bsc#1227149).\n- wifi: rtw89: coex: Translate antenna configuration from ID to string (bsc#1227149).\n- wifi: rtw89: coex: Update BTG control related logic (bsc#1227149).\n- wifi: rtw89: coex: Update RF parameter control setting logic (bsc#1227149).\n- wifi: rtw89: coex: Update coexistence policy for Wi-Fi LPS (bsc#1227149).\n- wifi: rtw89: coex: When Bluetooth not available do not set power/gain (bsc#1227149).\n- wifi: rtw89: coex: add BTC ctrl_info version 7 and related logic (bsc#1227149).\n- wifi: rtw89: coex: add annotation __counted_by() for struct rtw89_btc_btf_set_slot_table (bsc#1227149).\n- wifi: rtw89: coex: add annotation __counted_by() to struct rtw89_btc_btf_set_mon_reg (bsc#1227149).\n- wifi: rtw89: coex: add init_info H2C command format version 7 (bsc#1227149).\n- wifi: rtw89: coex: add return value to ensure H2C command is success or not (bsc#1227149).\n- wifi: rtw89: coex: fix configuration for shared antenna for 8922A (bsc#1227149).\n- wifi: rtw89: coex: use struct assignment to replace memcpy() to append TDMA content (bsc#1227149).\n- wifi: rtw89: configure PPDU max user by chip (bsc#1227149).\n- wifi: rtw89: consider RX info for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: consolidate registers of mac port to struct (bsc#1227149).\n- wifi: rtw89: correct PHY register offset for PHY-1 (bsc#1227149).\n- wifi: rtw89: correct aSIFSTime for 6GHz band (stable-fixes).\n- wifi: rtw89: correct the DCFO tracking flow to improve CFO compensation (bsc#1227149).\n- wifi: rtw89: debug: add FW log component for scan (bsc#1227149).\n- wifi: rtw89: debug: add debugfs entry to disable dynamic mechanism (bsc#1227149).\n- wifi: rtw89: debug: add to check if debug mask is enabled (bsc#1227149).\n- wifi: rtw89: debug: remove wrapper of rtw89_debug() (bsc#1227149).\n- wifi: rtw89: debug: show txpwr table according to chip gen (bsc#1227149).\n- wifi: rtw89: debug: txpwr table access only valid page according to chip (bsc#1227149).\n- wifi: rtw89: debug: txpwr table supports Wi-Fi 7 chips (bsc#1227149).\n- wifi: rtw89: declare EXT NSS BW of VHT capability (bsc#1227149).\n- wifi: rtw89: declare MCC in interface combination (bsc#1227149).\n- wifi: rtw89: define hardware rate v1 for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: differentiate narrow_bw_ru_dis setting according to chip gen (bsc#1227149).\n- wifi: rtw89: disable RTS when broadcast/multicast (bsc#1227149).\n- wifi: rtw89: download firmware with five times retry (bsc#1227149).\n- wifi: rtw89: drop TIMING_BEACON_ONLY and sync beacon TSF by self (bsc#1227149).\n- wifi: rtw89: enlarge supported length of read_reg debugfs entry (bsc#1227149).\n- wifi: rtw89: extend PHY status parser to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: fix HW scan not aborting properly (git-fixes).\n- wifi: rtw89: fix HW scan timeout due to TSF sync issue (bsc#1227149).\n- wifi: rtw89: fix a width vs precision bug (bsc#1227149).\n- wifi: rtw89: fix disabling concurrent mode TX hang issue (bsc#1227149).\n- wifi: rtw89: fix misbehavior of TX beacon in concurrent mode (bsc#1227149).\n- wifi: rtw89: fix not entering PS mode after AP stops (bsc#1227149).\n- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).\n- wifi: rtw89: fix spelling typo of IQK debug messages (bsc#1227149).\n- wifi: rtw89: fix typo of rtw89_fw_h2c_mcc_macid_bitmap() (bsc#1227149).\n- wifi: rtw89: fw: add H2C command to reset CMAC table for WiFi 7 (bsc#1227149).\n- wifi: rtw89: fw: add H2C command to reset DMAC table for WiFi 7 (bsc#1227149).\n- wifi: rtw89: fw: add H2C command to update security CAM v2 (bsc#1227149).\n- wifi: rtw89: fw: add checking type for variant type of firmware (bsc#1227149).\n- wifi: rtw89: fw: add chip_ops to update CMAC table to associated station (bsc#1227149).\n- wifi: rtw89: fw: add definition of H2C command and C2H event for MRC series (bsc#1227149).\n- wifi: rtw89: fw: add version field to BB MCU firmware element (bsc#1227149).\n- wifi: rtw89: fw: consider checksum length of security data (bsc#1227149).\n- wifi: rtw89: fw: download firmware with key data for secure boot (bsc#1227149).\n- wifi: rtw89: fw: extend JOIN H2C command to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: fw: extend program counter dump for Wi-Fi 7 chip (bsc#1227149).\n- wifi: rtw89: fw: fill CMAC table to associated station for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: fw: generalize download firmware flow by mac_gen pointers (bsc#1227149).\n- wifi: rtw89: fw: implement MRC H2C command functions (bsc#1227149).\n- wifi: rtw89: fw: implement supported functions of download firmware for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: fw: load TX power track tables from fw_element (bsc#1227149).\n- wifi: rtw89: fw: move polling function of firmware path ready to an individual function (bsc#1227149).\n- wifi: rtw89: fw: parse secure section from firmware file (bsc#1227149).\n- wifi: rtw89: fw: propagate an argument include_bb for BB MCU firmware (bsc#1227149).\n- wifi: rtw89: fw: read firmware secure information from efuse (bsc#1227149).\n- wifi: rtw89: fw: refine download flow to support variant firmware suits (bsc#1227149).\n- wifi: rtw89: fw: scan offload prohibit all 6 GHz channel if no 6 GHz sband (bsc#1227149).\n- wifi: rtw89: fw: update TX AMPDU parameter to CMAC table (bsc#1227149).\n- wifi: rtw89: fw: use struct to fill BA CAM H2C commands (bsc#1227149).\n- wifi: rtw89: fw: use struct to fill JOIN H2C command (bsc#1227149).\n- wifi: rtw89: get data rate mode/NSS/MCS v1 from RX descriptor (bsc#1227149).\n- wifi: rtw89: indicate TX power by rate table inside RFE parameter (bsc#1227149).\n- wifi: rtw89: indicate TX shape table inside RFE parameter (bsc#1227149).\n- wifi: rtw89: initialize antenna for antenna diversity (bsc#1227149).\n- wifi: rtw89: initialize multi-channel handling (bsc#1227149).\n- wifi: rtw89: introduce infrastructure of firmware elements (bsc#1227149).\n- wifi: rtw89: introduce realtek ACPI DSM method (bsc#1227149).\n- wifi: rtw89: introduce v1 format of firmware header (bsc#1227149).\n- wifi: rtw89: load BB parameters to PHY-1 (bsc#1227149).\n- wifi: rtw89: load RFK log format string from firmware file (bsc#1227149).\n- wifi: rtw89: load TX power by rate when RFE parms setup (bsc#1227149).\n- wifi: rtw89: load TX power related tables from FW elements (bsc#1227149).\n- wifi: rtw89: mac: Fix spelling mistakes \"notfify\" -\u003e \"notify\" (bsc#1227149).\n- wifi: rtw89: mac: add coexistence helpers {cfg/get}_plt (bsc#1227149).\n- wifi: rtw89: mac: add feature_init to initialize BA CAM V1 (bsc#1227149).\n- wifi: rtw89: mac: add flags to check if CMAC and DMAC are enabled (bsc#1227149).\n- wifi: rtw89: mac: add mac_gen_def::band1_offset to map MAC band1 register address (bsc#1227149).\n- wifi: rtw89: mac: add registers of MU-EDCA parameters for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: add suffix _ax to MAC functions (bsc#1227149).\n- wifi: rtw89: mac: add sys_init and filter option for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: add to access efuse for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: add to get DLE reserved quota (bsc#1227149).\n- wifi: rtw89: mac: check queue empty according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: correct MUEDCA setting for MAC-1 (bsc#1227149).\n- wifi: rtw89: mac: define internal memory address for WiFi 7 chip (bsc#1227149).\n- wifi: rtw89: mac: define register address of rx_filter to generalize code (bsc#1227149).\n- wifi: rtw89: mac: do bf_monitor only if WiFi 6 chips (bsc#1227149).\n- wifi: rtw89: mac: functions to configure hardware engine and quota for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: generalize code to indirectly access WiFi internal memory (bsc#1227149).\n- wifi: rtw89: mac: generalize register of MU-EDCA switch according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: get TX power control register according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: handle C2H receive/done ACK in interrupt context (bsc#1227149).\n- wifi: rtw89: mac: implement MRC C2H event handling (bsc#1227149).\n- wifi: rtw89: mac: implement to configure TX/RX engines for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: mac: move code related to hardware engine to individual functions (bsc#1227149).\n- wifi: rtw89: mac: refine SER setting during WiFi CPU power on (bsc#1227149).\n- wifi: rtw89: mac: reset PHY-1 hardware when going to enable/disable (bsc#1227149).\n- wifi: rtw89: mac: return held quota of DLE when changing MAC-1 (bsc#1227149).\n- wifi: rtw89: mac: set bf_assoc capabilities according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: set bfee_ctrl() according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: update RTS threshold according to chip gen (bsc#1227149).\n- wifi: rtw89: mac: use mac_gen pointer to access about efuse (bsc#1227149).\n- wifi: rtw89: mac: use pointer to access functions of hardware engine and quota (bsc#1227149).\n- wifi: rtw89: mcc: consider and determine BT duration (bsc#1227149).\n- wifi: rtw89: mcc: deal with BT slot change (bsc#1227149).\n- wifi: rtw89: mcc: deal with P2P PS change (bsc#1227149).\n- wifi: rtw89: mcc: deal with beacon NoA if GO exists (bsc#1227149).\n- wifi: rtw89: mcc: decide pattern and calculate parameters (bsc#1227149).\n- wifi: rtw89: mcc: fill fundamental configurations (bsc#1227149).\n- wifi: rtw89: mcc: fix NoA start time when GO is auxiliary (bsc#1227149).\n- wifi: rtw89: mcc: initialize start flow (bsc#1227149).\n- wifi: rtw89: mcc: track beacon offset and update when needed (bsc#1227149).\n- wifi: rtw89: mcc: trigger FW to start/stop MCC (bsc#1227149).\n- wifi: rtw89: mcc: update role bitmap when changed (bsc#1227149).\n- wifi: rtw89: modify the register setting and the flow of CFO tracking (bsc#1227149).\n- wifi: rtw89: move software DCFO compensation setting to proper position (bsc#1227149).\n- wifi: rtw89: only reset BB/RF for existing WiFi 6 chips while starting up (bsc#1227149).\n- wifi: rtw89: packet offload wait for FW response (bsc#1227149).\n- wifi: rtw89: parse EHT information from RX descriptor and PPDU status packet (bsc#1227149).\n- wifi: rtw89: parse TX EHT rate selected by firmware from RA C2H report (bsc#1227149).\n- wifi: rtw89: parse and print out RFK log from C2H events (bsc#1227149).\n- wifi: rtw89: pause/proceed MCC for ROC and HW scan (bsc#1227149).\n- wifi: rtw89: pci: add LTR v2 for WiFi 7 chip (bsc#1227149).\n- wifi: rtw89: pci: add PCI generation information to pci_info for each chip (bsc#1227149).\n- wifi: rtw89: pci: add new RX ring design to determine full RX ring efficiently (bsc#1227149).\n- wifi: rtw89: pci: add pre_deinit to be called after probe complete (bsc#1227149).\n- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).\n- wifi: rtw89: pci: correct interrupt mitigation register for 8852CE (bsc#1227149).\n- wifi: rtw89: pci: define PCI ring address for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).\n- wifi: rtw89: pci: fix interrupt enable mask for HALT C2H of RTL8851B (bsc#1227149).\n- wifi: rtw89: pci: generalize code of PCI control DMA IO for WiFi 7 (bsc#1227149).\n- wifi: rtw89: pci: generalize interrupt status bits of interrupt handlers (bsc#1227149).\n- wifi: rtw89: pci: implement PCI CLK/ASPM/L1SS for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: implement PCI mac_post_init for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: implement PCI mac_pre_init for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: pci: interrupt v2 refine IMR for SER (bsc#1227149).\n- wifi: rtw89: pci: reset BDRAM according to chip gen (bsc#1227149).\n- wifi: rtw89: pci: stop/start DMA for level 1 recovery according to chip gen (bsc#1227149).\n- wifi: rtw89: pci: update SER timer unit and timeout time (bsc#1227149).\n- wifi: rtw89: pci: update interrupt mitigation register for 8922AE (bsc#1227149).\n- wifi: rtw89: pci: use DBI function for 8852AE/8852BE/8851BE (bsc#1227149).\n- wifi: rtw89: pci: use gen_def pointer to configure mac_{pre,post}_init and clear PCI ring index (bsc#1227149).\n- wifi: rtw89: pci: validate RX tag for RXQ and RPQ (bsc#1227149).\n- wifi: rtw89: phy: add BB wrapper of TX power for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: phy: add parser to support RX gain dynamic setting flow (bsc#1227149).\n- wifi: rtw89: phy: add phy_gen_def::cr_base to support WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: phy: change naming related BT coexistence functions (bsc#1227149).\n- wifi: rtw89: phy: dynamically adjust EDCCA threshold (bsc#1227149).\n- wifi: rtw89: phy: extend TX power common stuffs for Wi-Fi 7 chips (bsc#1227149).\n- wifi: rtw89: phy: generalize valid bit of BSS color (bsc#1227149).\n- wifi: rtw89: phy: ignore special data from BB parameter file (bsc#1227149).\n- wifi: rtw89: phy: modify register setting of ENV_MNTR, PHYSTS and DIG (bsc#1227149).\n- wifi: rtw89: phy: move bb_gain_info used by WiFi 6 chips to union (bsc#1227149).\n- wifi: rtw89: phy: print out RFK log with formatted string (bsc#1227149).\n- wifi: rtw89: phy: rate pattern handles HW rate by chip gen (bsc#1227149).\n- wifi: rtw89: phy: refine helpers used for raw TX power (bsc#1227149).\n- wifi: rtw89: phy: set TX power RU limit according to chip gen (bsc#1227149).\n- wifi: rtw89: phy: set TX power by rate according to chip gen (bsc#1227149).\n- wifi: rtw89: phy: set TX power limit according to chip gen (bsc#1227149).\n- wifi: rtw89: phy: set TX power offset according to chip gen (bsc#1227149).\n- wifi: rtw89: phy: set channel_info for WiFi 7 chips (bsc#1227149).\n- wifi: rtw89: prepare scan leaf functions for wifi 7 ICs (bsc#1227149).\n- wifi: rtw89: process regulatory for 6 GHz power type (bsc#1227149).\n- wifi: rtw89: provide functions to configure NoA for beacon update (bsc#1227149).\n- wifi: rtw89: recognize log format from firmware file (bsc#1227149).\n- wifi: rtw89: reference quota mode when setting Tx power (bsc#1227149).\n- wifi: rtw89: refine H2C command that pause transmitting by MAC ID (bsc#1227149).\n- wifi: rtw89: refine add_chan H2C command to encode_bits (bsc#1227149).\n- wifi: rtw89: refine bandwidth 160MHz uplink OFDMA performance (bsc#1227149).\n- wifi: rtw89: refine clearing supported bands to check 2/5 GHz first (bsc#1227149).\n- wifi: rtw89: refine element naming used by queue empty check (bsc#1227149).\n- wifi: rtw89: refine hardware scan C2H events (bsc#1227149).\n- wifi: rtw89: refine packet offload delete flow of 6 GHz probe (bsc#1227149).\n- wifi: rtw89: refine packet offload handling under SER (bsc#1227149).\n- wifi: rtw89: refine remain on channel flow to improve P2P connection (bsc#1227149).\n- wifi: rtw89: refine rtw89_correct_cck_chan() by rtw89_hw_to_nl80211_band() (bsc#1227149).\n- wifi: rtw89: refine uplink trigger based control mechanism (bsc#1227149).\n- wifi: rtw89: regd: configure Thailand in regulation type (bsc#1227149).\n- wifi: rtw89: regd: handle policy of 6 GHz according to BIOS (bsc#1227149).\n- wifi: rtw89: regd: judge 6 GHz according to chip and BIOS (bsc#1227149).\n- wifi: rtw89: regd: judge UNII-4 according to BIOS and chip (bsc#1227149).\n- wifi: rtw89: regd: update regulatory map to R64-R40 (bsc#1227149).\n- wifi: rtw89: regd: update regulatory map to R64-R43 (bsc#1227149).\n- wifi: rtw89: regd: update regulatory map to R65-R44 (bsc#1227149).\n- wifi: rtw89: release bit in rtw89_fw_h2c_del_pkt_offload() (bsc#1227149).\n- wifi: rtw89: return failure if needed firmware elements are not recognized (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger DACK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger DPK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger IQK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger RX DCK (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger TSSI (bsc#1227149).\n- wifi: rtw89: rfk: add H2C command to trigger TXGAPK (bsc#1227149).\n- wifi: rtw89: rfk: add a completion to wait RF calibration report from C2H event (bsc#1227149).\n- wifi: rtw89: rfk: disable driver tracking during MCC (bsc#1227149).\n- wifi: rtw89: rfk: send channel information to firmware for RF calibrations (bsc#1227149).\n- wifi: rtw89: sar: let caller decide the center frequency to query (bsc#1227149).\n- wifi: rtw89: scan offload wait for FW done ACK (bsc#1227149).\n- wifi: rtw89: ser: L1 add pre-M0 and post-M0 states (bsc#1227149).\n- wifi: rtw89: ser: reset total_sta_assoc and tdls_peer when L2 (bsc#1227149).\n- wifi: rtw89: set TX power without precondition during setting channel (bsc#1227149).\n- wifi: rtw89: set capability of TX antenna diversity (bsc#1227149).\n- wifi: rtw89: set entry size of address CAM to H2C field by chip (bsc#1227149).\n- wifi: rtw89: show EHT rate in debugfs (bsc#1227149).\n- wifi: rtw89: support U-NII-4 channels on 5GHz band (bsc#1227149).\n- wifi: rtw89: support firmware log with formatted text (bsc#1227149).\n- wifi: rtw89: suppress the log for specific SER called CMDPSR_FRZTO (bsc#1227149).\n- wifi: rtw89: tweak H2C TX waiting function for SER (bsc#1227149).\n- wifi: rtw89: update DMA function with different generation (bsc#1227149).\n- wifi: rtw89: update ps_state register for chips with different generation (bsc#1227149).\n- wifi: rtw89: update scan C2H messages for wifi 7 IC (bsc#1227149).\n- wifi: rtw89: update suspend/resume for different generation (bsc#1227149).\n- wifi: rtw89: use PLCP information to match BSS_COLOR and AID (bsc#1227149).\n- wifi: rtw89: use chip_info::small_fifo_size to choose debug_mask (bsc#1227149).\n- wifi: rtw89: use flexible array member in rtw89_btc_btf_tlv (bsc#1227149).\n- wifi: rtw89: use struct and le32_get_bits to access RX info (bsc#1227149).\n- wifi: rtw89: use struct and le32_get_bits() to access RX descriptor (bsc#1227149).\n- wifi: rtw89: use struct and le32_get_bits() to access received PHY status IEs (bsc#1227149).\n- wifi: rtw89: use struct rtw89_phy_sts_ie0 instead of macro to access PHY IE0 status (bsc#1227149).\n- wifi: rtw89: use struct to access RA report (bsc#1227149).\n- wifi: rtw89: use struct to access firmware C2H event header (bsc#1227149).\n- wifi: rtw89: use struct to access register-based H2C/C2H (bsc#1227149).\n- wifi: rtw89: use struct to fill H2C command to download beacon frame (bsc#1227149).\n- wifi: rtw89: use struct to parse firmware header (bsc#1227149).\n- wifi: rtw89: use struct to set RA H2C command (bsc#1227149).\n- wifi: rtw89: wow: move release offload packet earlier for WoWLAN mode (bsc#1227149).\n- wifi: rtw89: wow: refine WoWLAN flows of HCI interrupts and low power mode (bsc#1227149).\n- wifi: rtw89: wow: set security engine options for 802.11ax chips only (bsc#1227149).\n- wifi: rtw89: wow: update WoWLAN reason register for different chips (bsc#1227149).\n- wifi: rtw89: wow: update WoWLAN status register for different generation (bsc#1227149).\n- wifi: rtw89: wow: update config mac function with different generation (bsc#1227149).\n- wifi: ti: wlcore: sdio: Drop unused include (bsc#1227149).\n- wifi: virt_wifi: avoid reporting connection success with wrong SSID (git-fixes).\n- wifi: virt_wifi: do not use strlen() in const context (git-fixes).\n- wifi: wcn36xx: Annotate struct wcn36xx_hal_ind_msg with __counted_by (bsc#1227149).\n- wifi: wcn36xx: Convert to platform remove callback returning void (bsc#1227149).\n- wifi: wcn36xx: remove unnecessary (void*) conversions (bsc#1227149).\n- wifi: wext: avoid extra calls to strlen() in ieee80211_bss() (bsc#1227149).\n- wifi: wfx: Use devm_kmemdup to replace devm_kmalloc + memcpy (bsc#1227149).\n- wifi: wfx: allow to send frames during ROC (bsc#1227149).\n- wifi: wfx: fix power_save setting when AP is stopped (bsc#1227149).\n- wifi: wfx: implement wfx_remain_on_channel() (bsc#1227149).\n- wifi: wfx: introduce hif_scan_uniq() (bsc#1227149).\n- wifi: wfx: move wfx_skb_*() out of the header file (bsc#1227149).\n- wifi: wfx: relocate wfx_rate_mask_to_hw() (bsc#1227149).\n- wifi: wfx: scan_lock is global to the device (bsc#1227149).\n- wifi: wfx: simplify exclusion between scan and Rx filters (bsc#1227149).\n- wifi: wil6210: fw: Replace zero-length arrays with DECLARE_FLEX_ARRAY() helper (bsc#1227149).\n- wifi: wil6210: wmi: Replace zero-length array with DECLARE_FLEX_ARRAY() helper (bsc#1227149).\n- wifi: wilc1000: Increase ASSOC response buffer (bsc#1227149).\n- wifi: wilc1000: Remove unused declarations (bsc#1227149).\n- wifi: wilc1000: add SPI commands retry mechanism (bsc#1227149).\n- wifi: wilc1000: add back-off algorithm to balance tx queue packets (bsc#1227149).\n- wifi: wilc1000: add missing read critical sections around vif list traversal (bsc#1227149).\n- wifi: wilc1000: always release SDIO host in wilc_sdio_cmd53() (bsc#1227149).\n- wifi: wilc1000: cleanup struct wilc_conn_info (bsc#1227149).\n- wifi: wilc1000: correct CRC7 calculation (bsc#1227149).\n- wifi: wilc1000: fix declarations ordering (bsc#1227149).\n- wifi: wilc1000: fix driver_handler when committing initial configuration (bsc#1227149).\n- wifi: wilc1000: fix ies_len type in connect path (git-fixes).\n- wifi: wilc1000: fix incorrect power down sequence (bsc#1227149).\n- wifi: wilc1000: remove AKM suite be32 conversion for external auth request (bsc#1227149).\n- wifi: wilc1000: remove setting msg.spi (bsc#1227149).\n- wifi: wilc1000: remove use of has_thrpt_enh3 flag (bsc#1227149).\n- wifi: wilc1000: set preamble size to auto as default in wilc_init_fw_config() (bsc#1227149).\n- wifi: wilc1000: simplify remain on channel support (bsc#1227149).\n- wifi: wilc1000: simplify wilc_scan() (bsc#1227149).\n- wifi: wilc1000: split deeply nested RCU list traversal in dedicated helper (bsc#1227149).\n- wifi: wilc1000: use SRCU instead of RCU for vif list traversal (bsc#1227149).\n- wifi: wilc1000: validate chip id during bus probe (bsc#1227149).\n- wifi: wl1251: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wl18xx: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wlcore: boot: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wlcore: main: replace deprecated strncpy with strscpy (bsc#1227149).\n- wifi: wlcore: sdio: Rate limit wl12xx_sdio_raw_{read,write}() failures warns (bsc#1227149).\n- wifi: wlcore: sdio: Use module_sdio_driver macro to simplify the code (bsc#1227149).\n- wifi: zd1211rw: fix typo \"tranmits\" (bsc#1227149).\n- wifi: zd1211rw: remove __nocast from zd_addr_t (bsc#1227149).\n- wifi: zd1211rw: silence sparse warnings (bsc#1227149).\n- wireguard: netlink: access device through ctx instead of peer (git-fixes).\n- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).\n- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).\n- wlcore: spi: Remove redundant of_match_ptr() (bsc#1227149).\n- work around gcc bugs with \u0027asm goto\u0027 with outputs (git-fixes).\n- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).\n- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).\n- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).\n- x86/amd_nb: Check for invalid SMN reads (git-fixes).\n- x86/apic: Force native_apic_mem_read() to use the MOV instruction (git-fixes).\n- x86/asm: Fix build of UML with KASAN (git-fixes).\n- x86/asm: Remove the __iomem annotation of movdir64b()\u0027s dst argument (git-fixes).\n- x86/bhi: Avoid warning in #DB handler due to BHI mitigation :(git-fixes).\n- x86/boot: Ignore NMIs during very early boot (git-fixes).\n- x86/bugs: Fix BHI retpoline check (git-fixes).\n- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).\n- x86/bugs: Remove default case for fully switched enums (git-fixes).\n- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).\n- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).\n- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).\n- x86/cpu: Provide default cache line size if not enumerated (git-fixes).\n- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).\n- x86/csum: Fix clang -Wuninitialized in csum_partial() (git-fixes).\n- x86/csum: Improve performance of `csum_partial` (git-fixes).\n- x86/csum: Remove unnecessary odd handling (git-fixes).\n- x86/csum: clean up `csum_partial\u0027 further (git-fixes).\n- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).\n- x86/efistub: Call mixed mode boot services on the firmware\u0027s stack (git-fixes).\n- x86/fpu: Fix AMD X86_BUG_FXSAVE_LEAK fixup (git-fixes).\n- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).\n- x86/head/64: Move the __head definition to \u0026lt;asm/init.h\u003e (git-fixes).\n- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).\n- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).\n- x86/insn: Add VEX versions of VPDPBUSD, VPDPBUSDS, VPDPWSSD and VPDPWSSDS (git-fixes).\n- x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes).\n- x86/kconfig: Add as-instr64 macro to properly evaluate AS_WRUSS (git-fixes).\n- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).\n- x86/kexec: Fix bug with call depth tracking (git-fixes).\n- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).\n- x86/mce: Dynamically size space for machine check records (bsc#1222241).\n- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).\n- x86/mce: Mark fatal MCE\u0027s page as poison to avoid panic in the kdump kernel (git-fixes).\n- x86/nmi: Drop unused declaration of proc_nmi_enabled() (git-fixes).\n- x86/nmi: Fix the inverse \"in NMI handler\" check (git-fixes).\n- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).\n- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).\n- x86/purgatory: Switch to the position-independent small code model (git-fixes).\n- x86/resctrl: Read supported bandwidth sources from CPUID (git-fixes).\n- x86/resctrl: Remove redundant variable in mbm_config_write_domain() (git-fixes).\n- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).\n- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).\n- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).\n- x86/sev: Fix position dependent variable references in startup code (git-fixes).\n- x86/shstk: Make return uprobe work with shadow stack (git-fixes).\n- x86/speculation, objtool: Use absolute relocations for annotations (git-fixes).\n- x86/srso: Disentangle rethunk-dependent options (git-fixes).\n- x86/srso: Fix unret validation dependencies (git-fixes).\n- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).\n- x86/srso: Print actual mitigation if requested mitigation isn\u0027t possible (git-fixes).\n- x86/srso: Remove \u0027pred_cmd\u0027 label (git-fixes).\n- x86/srso: Unexport untraining functions (git-fixes).\n- x86/tdx: Preserve shared bit on mprotect() (git-fixes).\n- x86/tsc: Trust initial offset in architectural TSC-adjust MSRs (bsc#1222015 bsc#1226962).\n- x86/uaccess: Fix missed zeroing of ia32 u64 get_user() range checking (git-fixes).\n- x86/xen: Add some null pointer checking to smp.c (git-fixes).\n- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).\n- x86: Stop using weak symbols for __iowrite32_copy() (bsc#1226502)\n- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).\n- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).\n- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).\n- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).\n- xen/events: increment refcnt only if event channel is refcounted (git-fixes).\n- xen/events: modify internal [un]bind interfaces (git-fixes).\n- xen/events: reduce externally visible helper functions (git-fixes).\n- xen/events: remove some simple helpers from events_base.c (git-fixes).\n- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).\n- xen/x86: add extra pages to unpopulated-alloc if available (git-fixes).\n- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).\n- xfs: Add cond_resched to block unmap range and reflink remap path (bsc#1228211).\n- xfs: add lock protection when remove perag from radix tree (git-fixes).\n- xfs: allow extent free intents to be retried (git-fixes).\n- xfs: fix perag leak when growfs fails (git-fixes).\n- xfs: force all buffers to be written during btree bulk load (git-fixes).\n- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).\n- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).\n- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).\n- xfs: transfer recovered intent item ownership in -\u003eiop_recover (git-fixes).\n- xfs: use roundup_pow_of_two instead of ffs during xlog_find_tail (git-fixes).\n- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).\n- xhci: Apply broken streams quirk to Etron EJ188 xHCI host (stable-fixes).\n- xhci: Apply reset resume quirk to Etron EJ188 xHCI host (stable-fixes).\n- xhci: Handle TD clearing for multiple streams case (git-fixes).\n- xhci: Set correct transferred length for cancelled bulk transfers (stable-fixes).\n- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).\n- xhci: add helper that checks for unhandled events on a event ring (git-fixes).\n- xhci: always resume roothubs if xHC was reset during resume (stable-fixes).\n- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).\n- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-14",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_20008-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:20008-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-202520008-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:20008-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-June/021398.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1141539",
"url": "https://bugzilla.suse.com/1141539"
},
{
"category": "self",
"summary": "SUSE Bug 1181674",
"url": "https://bugzilla.suse.com/1181674"
},
{
"category": "self",
"summary": "SUSE Bug 1186716",
"url": "https://bugzilla.suse.com/1186716"
},
{
"category": "self",
"summary": "SUSE Bug 1187716",
"url": "https://bugzilla.suse.com/1187716"
},
{
"category": "self",
"summary": "SUSE Bug 1193599",
"url": "https://bugzilla.suse.com/1193599"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1195775",
"url": "https://bugzilla.suse.com/1195775"
},
{
"category": "self",
"summary": "SUSE Bug 1204562",
"url": "https://bugzilla.suse.com/1204562"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1208593",
"url": "https://bugzilla.suse.com/1208593"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1209834",
"url": "https://bugzilla.suse.com/1209834"
},
{
"category": "self",
"summary": "SUSE Bug 1213573",
"url": "https://bugzilla.suse.com/1213573"
},
{
"category": "self",
"summary": "SUSE Bug 1214852",
"url": "https://bugzilla.suse.com/1214852"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1215587",
"url": "https://bugzilla.suse.com/1215587"
},
{
"category": "self",
"summary": "SUSE Bug 1216196",
"url": "https://bugzilla.suse.com/1216196"
},
{
"category": "self",
"summary": "SUSE Bug 1216358",
"url": "https://bugzilla.suse.com/1216358"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217169",
"url": "https://bugzilla.suse.com/1217169"
},
{
"category": "self",
"summary": "SUSE Bug 1217384",
"url": "https://bugzilla.suse.com/1217384"
},
{
"category": "self",
"summary": "SUSE Bug 1217408",
"url": "https://bugzilla.suse.com/1217408"
},
{
"category": "self",
"summary": "SUSE Bug 1217481",
"url": "https://bugzilla.suse.com/1217481"
},
{
"category": "self",
"summary": "SUSE Bug 1217489",
"url": "https://bugzilla.suse.com/1217489"
},
{
"category": "self",
"summary": "SUSE Bug 1217750",
"url": "https://bugzilla.suse.com/1217750"
},
{
"category": "self",
"summary": "SUSE Bug 1217912",
"url": "https://bugzilla.suse.com/1217912"
},
{
"category": "self",
"summary": "SUSE Bug 1217959",
"url": "https://bugzilla.suse.com/1217959"
},
{
"category": "self",
"summary": "SUSE Bug 1218205",
"url": "https://bugzilla.suse.com/1218205"
},
{
"category": "self",
"summary": "SUSE Bug 1218336",
"url": "https://bugzilla.suse.com/1218336"
},
{
"category": "self",
"summary": "SUSE Bug 1218442",
"url": "https://bugzilla.suse.com/1218442"
},
{
"category": "self",
"summary": "SUSE Bug 1218447",
"url": "https://bugzilla.suse.com/1218447"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1218730",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "self",
"summary": "SUSE Bug 1218779",
"url": "https://bugzilla.suse.com/1218779"
},
{
"category": "self",
"summary": "SUSE Bug 1218820",
"url": "https://bugzilla.suse.com/1218820"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1219104",
"url": "https://bugzilla.suse.com/1219104"
},
{
"category": "self",
"summary": "SUSE Bug 1219170",
"url": "https://bugzilla.suse.com/1219170"
},
{
"category": "self",
"summary": "SUSE Bug 1219224",
"url": "https://bugzilla.suse.com/1219224"
},
{
"category": "self",
"summary": "SUSE Bug 1219451",
"url": "https://bugzilla.suse.com/1219451"
},
{
"category": "self",
"summary": "SUSE Bug 1219478",
"url": "https://bugzilla.suse.com/1219478"
},
{
"category": "self",
"summary": "SUSE Bug 1219485",
"url": "https://bugzilla.suse.com/1219485"
},
{
"category": "self",
"summary": "SUSE Bug 1219596",
"url": "https://bugzilla.suse.com/1219596"
},
{
"category": "self",
"summary": "SUSE Bug 1219623",
"url": "https://bugzilla.suse.com/1219623"
},
{
"category": "self",
"summary": "SUSE Bug 1219633",
"url": "https://bugzilla.suse.com/1219633"
},
{
"category": "self",
"summary": "SUSE Bug 1219832",
"url": "https://bugzilla.suse.com/1219832"
},
{
"category": "self",
"summary": "SUSE Bug 1219834",
"url": "https://bugzilla.suse.com/1219834"
},
{
"category": "self",
"summary": "SUSE Bug 1219847",
"url": "https://bugzilla.suse.com/1219847"
},
{
"category": "self",
"summary": "SUSE Bug 1219953",
"url": "https://bugzilla.suse.com/1219953"
},
{
"category": "self",
"summary": "SUSE Bug 1220021",
"url": "https://bugzilla.suse.com/1220021"
},
{
"category": "self",
"summary": "SUSE Bug 1220045",
"url": "https://bugzilla.suse.com/1220045"
},
{
"category": "self",
"summary": "SUSE Bug 1220120",
"url": "https://bugzilla.suse.com/1220120"
},
{
"category": "self",
"summary": "SUSE Bug 1220138",
"url": "https://bugzilla.suse.com/1220138"
},
{
"category": "self",
"summary": "SUSE Bug 1220148",
"url": "https://bugzilla.suse.com/1220148"
},
{
"category": "self",
"summary": "SUSE Bug 1220328",
"url": "https://bugzilla.suse.com/1220328"
},
{
"category": "self",
"summary": "SUSE Bug 1220342",
"url": "https://bugzilla.suse.com/1220342"
},
{
"category": "self",
"summary": "SUSE Bug 1220427",
"url": "https://bugzilla.suse.com/1220427"
},
{
"category": "self",
"summary": "SUSE Bug 1220428",
"url": "https://bugzilla.suse.com/1220428"
},
{
"category": "self",
"summary": "SUSE Bug 1220430",
"url": "https://bugzilla.suse.com/1220430"
},
{
"category": "self",
"summary": "SUSE Bug 1220569",
"url": "https://bugzilla.suse.com/1220569"
},
{
"category": "self",
"summary": "SUSE Bug 1220587",
"url": "https://bugzilla.suse.com/1220587"
},
{
"category": "self",
"summary": "SUSE Bug 1220738",
"url": "https://bugzilla.suse.com/1220738"
},
{
"category": "self",
"summary": "SUSE Bug 1220783",
"url": "https://bugzilla.suse.com/1220783"
},
{
"category": "self",
"summary": "SUSE Bug 1220915",
"url": "https://bugzilla.suse.com/1220915"
},
{
"category": "self",
"summary": "SUSE Bug 1220942",
"url": "https://bugzilla.suse.com/1220942"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221057",
"url": "https://bugzilla.suse.com/1221057"
},
{
"category": "self",
"summary": "SUSE Bug 1221086",
"url": "https://bugzilla.suse.com/1221086"
},
{
"category": "self",
"summary": "SUSE Bug 1221293",
"url": "https://bugzilla.suse.com/1221293"
},
{
"category": "self",
"summary": "SUSE Bug 1221303",
"url": "https://bugzilla.suse.com/1221303"
},
{
"category": "self",
"summary": "SUSE Bug 1221504",
"url": "https://bugzilla.suse.com/1221504"
},
{
"category": "self",
"summary": "SUSE Bug 1221612",
"url": "https://bugzilla.suse.com/1221612"
},
{
"category": "self",
"summary": "SUSE Bug 1221615",
"url": "https://bugzilla.suse.com/1221615"
},
{
"category": "self",
"summary": "SUSE Bug 1221635",
"url": "https://bugzilla.suse.com/1221635"
},
{
"category": "self",
"summary": "SUSE Bug 1221645",
"url": "https://bugzilla.suse.com/1221645"
},
{
"category": "self",
"summary": "SUSE Bug 1221647",
"url": "https://bugzilla.suse.com/1221647"
},
{
"category": "self",
"summary": "SUSE Bug 1221649",
"url": "https://bugzilla.suse.com/1221649"
},
{
"category": "self",
"summary": "SUSE Bug 1221654",
"url": "https://bugzilla.suse.com/1221654"
},
{
"category": "self",
"summary": "SUSE Bug 1221656",
"url": "https://bugzilla.suse.com/1221656"
},
{
"category": "self",
"summary": "SUSE Bug 1221659",
"url": "https://bugzilla.suse.com/1221659"
},
{
"category": "self",
"summary": "SUSE Bug 1221765",
"url": "https://bugzilla.suse.com/1221765"
},
{
"category": "self",
"summary": "SUSE Bug 1221777",
"url": "https://bugzilla.suse.com/1221777"
},
{
"category": "self",
"summary": "SUSE Bug 1221783",
"url": "https://bugzilla.suse.com/1221783"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221829",
"url": "https://bugzilla.suse.com/1221829"
},
{
"category": "self",
"summary": "SUSE Bug 1221830",
"url": "https://bugzilla.suse.com/1221830"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1221958",
"url": "https://bugzilla.suse.com/1221958"
},
{
"category": "self",
"summary": "SUSE Bug 1222011",
"url": "https://bugzilla.suse.com/1222011"
},
{
"category": "self",
"summary": "SUSE Bug 1222015",
"url": "https://bugzilla.suse.com/1222015"
},
{
"category": "self",
"summary": "SUSE Bug 1222080",
"url": "https://bugzilla.suse.com/1222080"
},
{
"category": "self",
"summary": "SUSE Bug 1222173",
"url": "https://bugzilla.suse.com/1222173"
},
{
"category": "self",
"summary": "SUSE Bug 1222241",
"url": "https://bugzilla.suse.com/1222241"
},
{
"category": "self",
"summary": "SUSE Bug 1222264",
"url": "https://bugzilla.suse.com/1222264"
},
{
"category": "self",
"summary": "SUSE Bug 1222273",
"url": "https://bugzilla.suse.com/1222273"
},
{
"category": "self",
"summary": "SUSE Bug 1222294",
"url": "https://bugzilla.suse.com/1222294"
},
{
"category": "self",
"summary": "SUSE Bug 1222301",
"url": "https://bugzilla.suse.com/1222301"
},
{
"category": "self",
"summary": "SUSE Bug 1222303",
"url": "https://bugzilla.suse.com/1222303"
},
{
"category": "self",
"summary": "SUSE Bug 1222304",
"url": "https://bugzilla.suse.com/1222304"
},
{
"category": "self",
"summary": "SUSE Bug 1222307",
"url": "https://bugzilla.suse.com/1222307"
},
{
"category": "self",
"summary": "SUSE Bug 1222326",
"url": "https://bugzilla.suse.com/1222326"
},
{
"category": "self",
"summary": "SUSE Bug 1222328",
"url": "https://bugzilla.suse.com/1222328"
},
{
"category": "self",
"summary": "SUSE Bug 1222357",
"url": "https://bugzilla.suse.com/1222357"
},
{
"category": "self",
"summary": "SUSE Bug 1222366",
"url": "https://bugzilla.suse.com/1222366"
},
{
"category": "self",
"summary": "SUSE Bug 1222368",
"url": "https://bugzilla.suse.com/1222368"
},
{
"category": "self",
"summary": "SUSE Bug 1222371",
"url": "https://bugzilla.suse.com/1222371"
},
{
"category": "self",
"summary": "SUSE Bug 1222378",
"url": "https://bugzilla.suse.com/1222378"
},
{
"category": "self",
"summary": "SUSE Bug 1222380",
"url": "https://bugzilla.suse.com/1222380"
},
{
"category": "self",
"summary": "SUSE Bug 1222385",
"url": "https://bugzilla.suse.com/1222385"
},
{
"category": "self",
"summary": "SUSE Bug 1222422",
"url": "https://bugzilla.suse.com/1222422"
},
{
"category": "self",
"summary": "SUSE Bug 1222426",
"url": "https://bugzilla.suse.com/1222426"
},
{
"category": "self",
"summary": "SUSE Bug 1222428",
"url": "https://bugzilla.suse.com/1222428"
},
{
"category": "self",
"summary": "SUSE Bug 1222437",
"url": "https://bugzilla.suse.com/1222437"
},
{
"category": "self",
"summary": "SUSE Bug 1222438",
"url": "https://bugzilla.suse.com/1222438"
},
{
"category": "self",
"summary": "SUSE Bug 1222445",
"url": "https://bugzilla.suse.com/1222445"
},
{
"category": "self",
"summary": "SUSE Bug 1222459",
"url": "https://bugzilla.suse.com/1222459"
},
{
"category": "self",
"summary": "SUSE Bug 1222463",
"url": "https://bugzilla.suse.com/1222463"
},
{
"category": "self",
"summary": "SUSE Bug 1222464",
"url": "https://bugzilla.suse.com/1222464"
},
{
"category": "self",
"summary": "SUSE Bug 1222489",
"url": "https://bugzilla.suse.com/1222489"
},
{
"category": "self",
"summary": "SUSE Bug 1222522",
"url": "https://bugzilla.suse.com/1222522"
},
{
"category": "self",
"summary": "SUSE Bug 1222525",
"url": "https://bugzilla.suse.com/1222525"
},
{
"category": "self",
"summary": "SUSE Bug 1222532",
"url": "https://bugzilla.suse.com/1222532"
},
{
"category": "self",
"summary": "SUSE Bug 1222557",
"url": "https://bugzilla.suse.com/1222557"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222563",
"url": "https://bugzilla.suse.com/1222563"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222588",
"url": "https://bugzilla.suse.com/1222588"
},
{
"category": "self",
"summary": "SUSE Bug 1222596",
"url": "https://bugzilla.suse.com/1222596"
},
{
"category": "self",
"summary": "SUSE Bug 1222606",
"url": "https://bugzilla.suse.com/1222606"
},
{
"category": "self",
"summary": "SUSE Bug 1222608",
"url": "https://bugzilla.suse.com/1222608"
},
{
"category": "self",
"summary": "SUSE Bug 1222613",
"url": "https://bugzilla.suse.com/1222613"
},
{
"category": "self",
"summary": "SUSE Bug 1222615",
"url": "https://bugzilla.suse.com/1222615"
},
{
"category": "self",
"summary": "SUSE Bug 1222617",
"url": "https://bugzilla.suse.com/1222617"
},
{
"category": "self",
"summary": "SUSE Bug 1222618",
"url": "https://bugzilla.suse.com/1222618"
},
{
"category": "self",
"summary": "SUSE Bug 1222619",
"url": "https://bugzilla.suse.com/1222619"
},
{
"category": "self",
"summary": "SUSE Bug 1222622",
"url": "https://bugzilla.suse.com/1222622"
},
{
"category": "self",
"summary": "SUSE Bug 1222624",
"url": "https://bugzilla.suse.com/1222624"
},
{
"category": "self",
"summary": "SUSE Bug 1222627",
"url": "https://bugzilla.suse.com/1222627"
},
{
"category": "self",
"summary": "SUSE Bug 1222630",
"url": "https://bugzilla.suse.com/1222630"
},
{
"category": "self",
"summary": "SUSE Bug 1222635",
"url": "https://bugzilla.suse.com/1222635"
},
{
"category": "self",
"summary": "SUSE Bug 1222654",
"url": "https://bugzilla.suse.com/1222654"
},
{
"category": "self",
"summary": "SUSE Bug 1222721",
"url": "https://bugzilla.suse.com/1222721"
},
{
"category": "self",
"summary": "SUSE Bug 1222727",
"url": "https://bugzilla.suse.com/1222727"
},
{
"category": "self",
"summary": "SUSE Bug 1222768",
"url": "https://bugzilla.suse.com/1222768"
},
{
"category": "self",
"summary": "SUSE Bug 1222769",
"url": "https://bugzilla.suse.com/1222769"
},
{
"category": "self",
"summary": "SUSE Bug 1222771",
"url": "https://bugzilla.suse.com/1222771"
},
{
"category": "self",
"summary": "SUSE Bug 1222775",
"url": "https://bugzilla.suse.com/1222775"
},
{
"category": "self",
"summary": "SUSE Bug 1222777",
"url": "https://bugzilla.suse.com/1222777"
},
{
"category": "self",
"summary": "SUSE Bug 1222779",
"url": "https://bugzilla.suse.com/1222779"
},
{
"category": "self",
"summary": "SUSE Bug 1222780",
"url": "https://bugzilla.suse.com/1222780"
},
{
"category": "self",
"summary": "SUSE Bug 1222782",
"url": "https://bugzilla.suse.com/1222782"
},
{
"category": "self",
"summary": "SUSE Bug 1222793",
"url": "https://bugzilla.suse.com/1222793"
},
{
"category": "self",
"summary": "SUSE Bug 1222799",
"url": "https://bugzilla.suse.com/1222799"
},
{
"category": "self",
"summary": "SUSE Bug 1222801",
"url": "https://bugzilla.suse.com/1222801"
},
{
"category": "self",
"summary": "SUSE Bug 1222809",
"url": "https://bugzilla.suse.com/1222809"
},
{
"category": "self",
"summary": "SUSE Bug 1222810",
"url": "https://bugzilla.suse.com/1222810"
},
{
"category": "self",
"summary": "SUSE Bug 1222893",
"url": "https://bugzilla.suse.com/1222893"
},
{
"category": "self",
"summary": "SUSE Bug 1222968",
"url": "https://bugzilla.suse.com/1222968"
},
{
"category": "self",
"summary": "SUSE Bug 1223007",
"url": "https://bugzilla.suse.com/1223007"
},
{
"category": "self",
"summary": "SUSE Bug 1223010",
"url": "https://bugzilla.suse.com/1223010"
},
{
"category": "self",
"summary": "SUSE Bug 1223011",
"url": "https://bugzilla.suse.com/1223011"
},
{
"category": "self",
"summary": "SUSE Bug 1223015",
"url": "https://bugzilla.suse.com/1223015"
},
{
"category": "self",
"summary": "SUSE Bug 1223016",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "self",
"summary": "SUSE Bug 1223018",
"url": "https://bugzilla.suse.com/1223018"
},
{
"category": "self",
"summary": "SUSE Bug 1223020",
"url": "https://bugzilla.suse.com/1223020"
},
{
"category": "self",
"summary": "SUSE Bug 1223021",
"url": "https://bugzilla.suse.com/1223021"
},
{
"category": "self",
"summary": "SUSE Bug 1223023",
"url": "https://bugzilla.suse.com/1223023"
},
{
"category": "self",
"summary": "SUSE Bug 1223024",
"url": "https://bugzilla.suse.com/1223024"
},
{
"category": "self",
"summary": "SUSE Bug 1223033",
"url": "https://bugzilla.suse.com/1223033"
},
{
"category": "self",
"summary": "SUSE Bug 1223034",
"url": "https://bugzilla.suse.com/1223034"
},
{
"category": "self",
"summary": "SUSE Bug 1223035",
"url": "https://bugzilla.suse.com/1223035"
},
{
"category": "self",
"summary": "SUSE Bug 1223038",
"url": "https://bugzilla.suse.com/1223038"
},
{
"category": "self",
"summary": "SUSE Bug 1223039",
"url": "https://bugzilla.suse.com/1223039"
},
{
"category": "self",
"summary": "SUSE Bug 1223041",
"url": "https://bugzilla.suse.com/1223041"
},
{
"category": "self",
"summary": "SUSE Bug 1223045",
"url": "https://bugzilla.suse.com/1223045"
},
{
"category": "self",
"summary": "SUSE Bug 1223046",
"url": "https://bugzilla.suse.com/1223046"
},
{
"category": "self",
"summary": "SUSE Bug 1223051",
"url": "https://bugzilla.suse.com/1223051"
},
{
"category": "self",
"summary": "SUSE Bug 1223052",
"url": "https://bugzilla.suse.com/1223052"
},
{
"category": "self",
"summary": "SUSE Bug 1223058",
"url": "https://bugzilla.suse.com/1223058"
},
{
"category": "self",
"summary": "SUSE Bug 1223060",
"url": "https://bugzilla.suse.com/1223060"
},
{
"category": "self",
"summary": "SUSE Bug 1223061",
"url": "https://bugzilla.suse.com/1223061"
},
{
"category": "self",
"summary": "SUSE Bug 1223062",
"url": "https://bugzilla.suse.com/1223062"
},
{
"category": "self",
"summary": "SUSE Bug 1223076",
"url": "https://bugzilla.suse.com/1223076"
},
{
"category": "self",
"summary": "SUSE Bug 1223077",
"url": "https://bugzilla.suse.com/1223077"
},
{
"category": "self",
"summary": "SUSE Bug 1223084",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "self",
"summary": "SUSE Bug 1223111",
"url": "https://bugzilla.suse.com/1223111"
},
{
"category": "self",
"summary": "SUSE Bug 1223113",
"url": "https://bugzilla.suse.com/1223113"
},
{
"category": "self",
"summary": "SUSE Bug 1223138",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "self",
"summary": "SUSE Bug 1223143",
"url": "https://bugzilla.suse.com/1223143"
},
{
"category": "self",
"summary": "SUSE Bug 1223187",
"url": "https://bugzilla.suse.com/1223187"
},
{
"category": "self",
"summary": "SUSE Bug 1223189",
"url": "https://bugzilla.suse.com/1223189"
},
{
"category": "self",
"summary": "SUSE Bug 1223190",
"url": "https://bugzilla.suse.com/1223190"
},
{
"category": "self",
"summary": "SUSE Bug 1223191",
"url": "https://bugzilla.suse.com/1223191"
},
{
"category": "self",
"summary": "SUSE Bug 1223198",
"url": "https://bugzilla.suse.com/1223198"
},
{
"category": "self",
"summary": "SUSE Bug 1223202",
"url": "https://bugzilla.suse.com/1223202"
},
{
"category": "self",
"summary": "SUSE Bug 1223265",
"url": "https://bugzilla.suse.com/1223265"
},
{
"category": "self",
"summary": "SUSE Bug 1223285",
"url": "https://bugzilla.suse.com/1223285"
},
{
"category": "self",
"summary": "SUSE Bug 1223315",
"url": "https://bugzilla.suse.com/1223315"
},
{
"category": "self",
"summary": "SUSE Bug 1223338",
"url": "https://bugzilla.suse.com/1223338"
},
{
"category": "self",
"summary": "SUSE Bug 1223369",
"url": "https://bugzilla.suse.com/1223369"
},
{
"category": "self",
"summary": "SUSE Bug 1223380",
"url": "https://bugzilla.suse.com/1223380"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223390",
"url": "https://bugzilla.suse.com/1223390"
},
{
"category": "self",
"summary": "SUSE Bug 1223439",
"url": "https://bugzilla.suse.com/1223439"
},
{
"category": "self",
"summary": "SUSE Bug 1223462",
"url": "https://bugzilla.suse.com/1223462"
},
{
"category": "self",
"summary": "SUSE Bug 1223532",
"url": "https://bugzilla.suse.com/1223532"
},
{
"category": "self",
"summary": "SUSE Bug 1223539",
"url": "https://bugzilla.suse.com/1223539"
},
{
"category": "self",
"summary": "SUSE Bug 1223570",
"url": "https://bugzilla.suse.com/1223570"
},
{
"category": "self",
"summary": "SUSE Bug 1223575",
"url": "https://bugzilla.suse.com/1223575"
},
{
"category": "self",
"summary": "SUSE Bug 1223590",
"url": "https://bugzilla.suse.com/1223590"
},
{
"category": "self",
"summary": "SUSE Bug 1223591",
"url": "https://bugzilla.suse.com/1223591"
},
{
"category": "self",
"summary": "SUSE Bug 1223592",
"url": "https://bugzilla.suse.com/1223592"
},
{
"category": "self",
"summary": "SUSE Bug 1223593",
"url": "https://bugzilla.suse.com/1223593"
},
{
"category": "self",
"summary": "SUSE Bug 1223625",
"url": "https://bugzilla.suse.com/1223625"
},
{
"category": "self",
"summary": "SUSE Bug 1223626",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "self",
"summary": "SUSE Bug 1223627",
"url": "https://bugzilla.suse.com/1223627"
},
{
"category": "self",
"summary": "SUSE Bug 1223629",
"url": "https://bugzilla.suse.com/1223629"
},
{
"category": "self",
"summary": "SUSE Bug 1223631",
"url": "https://bugzilla.suse.com/1223631"
},
{
"category": "self",
"summary": "SUSE Bug 1223632",
"url": "https://bugzilla.suse.com/1223632"
},
{
"category": "self",
"summary": "SUSE Bug 1223633",
"url": "https://bugzilla.suse.com/1223633"
},
{
"category": "self",
"summary": "SUSE Bug 1223634",
"url": "https://bugzilla.suse.com/1223634"
},
{
"category": "self",
"summary": "SUSE Bug 1223637",
"url": "https://bugzilla.suse.com/1223637"
},
{
"category": "self",
"summary": "SUSE Bug 1223638",
"url": "https://bugzilla.suse.com/1223638"
},
{
"category": "self",
"summary": "SUSE Bug 1223641",
"url": "https://bugzilla.suse.com/1223641"
},
{
"category": "self",
"summary": "SUSE Bug 1223642",
"url": "https://bugzilla.suse.com/1223642"
},
{
"category": "self",
"summary": "SUSE Bug 1223643",
"url": "https://bugzilla.suse.com/1223643"
},
{
"category": "self",
"summary": "SUSE Bug 1223644",
"url": "https://bugzilla.suse.com/1223644"
},
{
"category": "self",
"summary": "SUSE Bug 1223645",
"url": "https://bugzilla.suse.com/1223645"
},
{
"category": "self",
"summary": "SUSE Bug 1223646",
"url": "https://bugzilla.suse.com/1223646"
},
{
"category": "self",
"summary": "SUSE Bug 1223648",
"url": "https://bugzilla.suse.com/1223648"
},
{
"category": "self",
"summary": "SUSE Bug 1223649",
"url": "https://bugzilla.suse.com/1223649"
},
{
"category": "self",
"summary": "SUSE Bug 1223650",
"url": "https://bugzilla.suse.com/1223650"
},
{
"category": "self",
"summary": "SUSE Bug 1223651",
"url": "https://bugzilla.suse.com/1223651"
},
{
"category": "self",
"summary": "SUSE Bug 1223652",
"url": "https://bugzilla.suse.com/1223652"
},
{
"category": "self",
"summary": "SUSE Bug 1223653",
"url": "https://bugzilla.suse.com/1223653"
},
{
"category": "self",
"summary": "SUSE Bug 1223654",
"url": "https://bugzilla.suse.com/1223654"
},
{
"category": "self",
"summary": "SUSE Bug 1223655",
"url": "https://bugzilla.suse.com/1223655"
},
{
"category": "self",
"summary": "SUSE Bug 1223657",
"url": "https://bugzilla.suse.com/1223657"
},
{
"category": "self",
"summary": "SUSE Bug 1223660",
"url": "https://bugzilla.suse.com/1223660"
},
{
"category": "self",
"summary": "SUSE Bug 1223661",
"url": "https://bugzilla.suse.com/1223661"
},
{
"category": "self",
"summary": "SUSE Bug 1223663",
"url": "https://bugzilla.suse.com/1223663"
},
{
"category": "self",
"summary": "SUSE Bug 1223664",
"url": "https://bugzilla.suse.com/1223664"
},
{
"category": "self",
"summary": "SUSE Bug 1223665",
"url": "https://bugzilla.suse.com/1223665"
},
{
"category": "self",
"summary": "SUSE Bug 1223666",
"url": "https://bugzilla.suse.com/1223666"
},
{
"category": "self",
"summary": "SUSE Bug 1223667",
"url": "https://bugzilla.suse.com/1223667"
},
{
"category": "self",
"summary": "SUSE Bug 1223668",
"url": "https://bugzilla.suse.com/1223668"
},
{
"category": "self",
"summary": "SUSE Bug 1223669",
"url": "https://bugzilla.suse.com/1223669"
},
{
"category": "self",
"summary": "SUSE Bug 1223670",
"url": "https://bugzilla.suse.com/1223670"
},
{
"category": "self",
"summary": "SUSE Bug 1223671",
"url": "https://bugzilla.suse.com/1223671"
},
{
"category": "self",
"summary": "SUSE Bug 1223675",
"url": "https://bugzilla.suse.com/1223675"
},
{
"category": "self",
"summary": "SUSE Bug 1223677",
"url": "https://bugzilla.suse.com/1223677"
},
{
"category": "self",
"summary": "SUSE Bug 1223678",
"url": "https://bugzilla.suse.com/1223678"
},
{
"category": "self",
"summary": "SUSE Bug 1223679",
"url": "https://bugzilla.suse.com/1223679"
},
{
"category": "self",
"summary": "SUSE Bug 1223686",
"url": "https://bugzilla.suse.com/1223686"
},
{
"category": "self",
"summary": "SUSE Bug 1223692",
"url": "https://bugzilla.suse.com/1223692"
},
{
"category": "self",
"summary": "SUSE Bug 1223693",
"url": "https://bugzilla.suse.com/1223693"
},
{
"category": "self",
"summary": "SUSE Bug 1223695",
"url": "https://bugzilla.suse.com/1223695"
},
{
"category": "self",
"summary": "SUSE Bug 1223696",
"url": "https://bugzilla.suse.com/1223696"
},
{
"category": "self",
"summary": "SUSE Bug 1223698",
"url": "https://bugzilla.suse.com/1223698"
},
{
"category": "self",
"summary": "SUSE Bug 1223699",
"url": "https://bugzilla.suse.com/1223699"
},
{
"category": "self",
"summary": "SUSE Bug 1223705",
"url": "https://bugzilla.suse.com/1223705"
},
{
"category": "self",
"summary": "SUSE Bug 1223709",
"url": "https://bugzilla.suse.com/1223709"
},
{
"category": "self",
"summary": "SUSE Bug 1223711",
"url": "https://bugzilla.suse.com/1223711"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223714",
"url": "https://bugzilla.suse.com/1223714"
},
{
"category": "self",
"summary": "SUSE Bug 1223715",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "self",
"summary": "SUSE Bug 1223717",
"url": "https://bugzilla.suse.com/1223717"
},
{
"category": "self",
"summary": "SUSE Bug 1223718",
"url": "https://bugzilla.suse.com/1223718"
},
{
"category": "self",
"summary": "SUSE Bug 1223723",
"url": "https://bugzilla.suse.com/1223723"
},
{
"category": "self",
"summary": "SUSE Bug 1223725",
"url": "https://bugzilla.suse.com/1223725"
},
{
"category": "self",
"summary": "SUSE Bug 1223728",
"url": "https://bugzilla.suse.com/1223728"
},
{
"category": "self",
"summary": "SUSE Bug 1223731",
"url": "https://bugzilla.suse.com/1223731"
},
{
"category": "self",
"summary": "SUSE Bug 1223732",
"url": "https://bugzilla.suse.com/1223732"
},
{
"category": "self",
"summary": "SUSE Bug 1223734",
"url": "https://bugzilla.suse.com/1223734"
},
{
"category": "self",
"summary": "SUSE Bug 1223735",
"url": "https://bugzilla.suse.com/1223735"
},
{
"category": "self",
"summary": "SUSE Bug 1223737",
"url": "https://bugzilla.suse.com/1223737"
},
{
"category": "self",
"summary": "SUSE Bug 1223738",
"url": "https://bugzilla.suse.com/1223738"
},
{
"category": "self",
"summary": "SUSE Bug 1223739",
"url": "https://bugzilla.suse.com/1223739"
},
{
"category": "self",
"summary": "SUSE Bug 1223740",
"url": "https://bugzilla.suse.com/1223740"
},
{
"category": "self",
"summary": "SUSE Bug 1223741",
"url": "https://bugzilla.suse.com/1223741"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223745",
"url": "https://bugzilla.suse.com/1223745"
},
{
"category": "self",
"summary": "SUSE Bug 1223747",
"url": "https://bugzilla.suse.com/1223747"
},
{
"category": "self",
"summary": "SUSE Bug 1223748",
"url": "https://bugzilla.suse.com/1223748"
},
{
"category": "self",
"summary": "SUSE Bug 1223749",
"url": "https://bugzilla.suse.com/1223749"
},
{
"category": "self",
"summary": "SUSE Bug 1223750",
"url": "https://bugzilla.suse.com/1223750"
},
{
"category": "self",
"summary": "SUSE Bug 1223752",
"url": "https://bugzilla.suse.com/1223752"
},
{
"category": "self",
"summary": "SUSE Bug 1223754",
"url": "https://bugzilla.suse.com/1223754"
},
{
"category": "self",
"summary": "SUSE Bug 1223756",
"url": "https://bugzilla.suse.com/1223756"
},
{
"category": "self",
"summary": "SUSE Bug 1223757",
"url": "https://bugzilla.suse.com/1223757"
},
{
"category": "self",
"summary": "SUSE Bug 1223759",
"url": "https://bugzilla.suse.com/1223759"
},
{
"category": "self",
"summary": "SUSE Bug 1223760",
"url": "https://bugzilla.suse.com/1223760"
},
{
"category": "self",
"summary": "SUSE Bug 1223761",
"url": "https://bugzilla.suse.com/1223761"
},
{
"category": "self",
"summary": "SUSE Bug 1223762",
"url": "https://bugzilla.suse.com/1223762"
},
{
"category": "self",
"summary": "SUSE Bug 1223764",
"url": "https://bugzilla.suse.com/1223764"
},
{
"category": "self",
"summary": "SUSE Bug 1223765",
"url": "https://bugzilla.suse.com/1223765"
},
{
"category": "self",
"summary": "SUSE Bug 1223768",
"url": "https://bugzilla.suse.com/1223768"
},
{
"category": "self",
"summary": "SUSE Bug 1223769",
"url": "https://bugzilla.suse.com/1223769"
},
{
"category": "self",
"summary": "SUSE Bug 1223770",
"url": "https://bugzilla.suse.com/1223770"
},
{
"category": "self",
"summary": "SUSE Bug 1223774",
"url": "https://bugzilla.suse.com/1223774"
},
{
"category": "self",
"summary": "SUSE Bug 1223776",
"url": "https://bugzilla.suse.com/1223776"
},
{
"category": "self",
"summary": "SUSE Bug 1223778",
"url": "https://bugzilla.suse.com/1223778"
},
{
"category": "self",
"summary": "SUSE Bug 1223779",
"url": "https://bugzilla.suse.com/1223779"
},
{
"category": "self",
"summary": "SUSE Bug 1223780",
"url": "https://bugzilla.suse.com/1223780"
},
{
"category": "self",
"summary": "SUSE Bug 1223781",
"url": "https://bugzilla.suse.com/1223781"
},
{
"category": "self",
"summary": "SUSE Bug 1223782",
"url": "https://bugzilla.suse.com/1223782"
},
{
"category": "self",
"summary": "SUSE Bug 1223787",
"url": "https://bugzilla.suse.com/1223787"
},
{
"category": "self",
"summary": "SUSE Bug 1223788",
"url": "https://bugzilla.suse.com/1223788"
},
{
"category": "self",
"summary": "SUSE Bug 1223789",
"url": "https://bugzilla.suse.com/1223789"
},
{
"category": "self",
"summary": "SUSE Bug 1223790",
"url": "https://bugzilla.suse.com/1223790"
},
{
"category": "self",
"summary": "SUSE Bug 1223802",
"url": "https://bugzilla.suse.com/1223802"
},
{
"category": "self",
"summary": "SUSE Bug 1223804",
"url": "https://bugzilla.suse.com/1223804"
},
{
"category": "self",
"summary": "SUSE Bug 1223805",
"url": "https://bugzilla.suse.com/1223805"
},
{
"category": "self",
"summary": "SUSE Bug 1223806",
"url": "https://bugzilla.suse.com/1223806"
},
{
"category": "self",
"summary": "SUSE Bug 1223807",
"url": "https://bugzilla.suse.com/1223807"
},
{
"category": "self",
"summary": "SUSE Bug 1223808",
"url": "https://bugzilla.suse.com/1223808"
},
{
"category": "self",
"summary": "SUSE Bug 1223810",
"url": "https://bugzilla.suse.com/1223810"
},
{
"category": "self",
"summary": "SUSE Bug 1223813",
"url": "https://bugzilla.suse.com/1223813"
},
{
"category": "self",
"summary": "SUSE Bug 1223815",
"url": "https://bugzilla.suse.com/1223815"
},
{
"category": "self",
"summary": "SUSE Bug 1223816",
"url": "https://bugzilla.suse.com/1223816"
},
{
"category": "self",
"summary": "SUSE Bug 1223819",
"url": "https://bugzilla.suse.com/1223819"
},
{
"category": "self",
"summary": "SUSE Bug 1223821",
"url": "https://bugzilla.suse.com/1223821"
},
{
"category": "self",
"summary": "SUSE Bug 1223822",
"url": "https://bugzilla.suse.com/1223822"
},
{
"category": "self",
"summary": "SUSE Bug 1223823",
"url": "https://bugzilla.suse.com/1223823"
},
{
"category": "self",
"summary": "SUSE Bug 1223824",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "self",
"summary": "SUSE Bug 1223826",
"url": "https://bugzilla.suse.com/1223826"
},
{
"category": "self",
"summary": "SUSE Bug 1223827",
"url": "https://bugzilla.suse.com/1223827"
},
{
"category": "self",
"summary": "SUSE Bug 1223828",
"url": "https://bugzilla.suse.com/1223828"
},
{
"category": "self",
"summary": "SUSE Bug 1223829",
"url": "https://bugzilla.suse.com/1223829"
},
{
"category": "self",
"summary": "SUSE Bug 1223831",
"url": "https://bugzilla.suse.com/1223831"
},
{
"category": "self",
"summary": "SUSE Bug 1223834",
"url": "https://bugzilla.suse.com/1223834"
},
{
"category": "self",
"summary": "SUSE Bug 1223836",
"url": "https://bugzilla.suse.com/1223836"
},
{
"category": "self",
"summary": "SUSE Bug 1223837",
"url": "https://bugzilla.suse.com/1223837"
},
{
"category": "self",
"summary": "SUSE Bug 1223838",
"url": "https://bugzilla.suse.com/1223838"
},
{
"category": "self",
"summary": "SUSE Bug 1223842",
"url": "https://bugzilla.suse.com/1223842"
},
{
"category": "self",
"summary": "SUSE Bug 1223843",
"url": "https://bugzilla.suse.com/1223843"
},
{
"category": "self",
"summary": "SUSE Bug 1223844",
"url": "https://bugzilla.suse.com/1223844"
},
{
"category": "self",
"summary": "SUSE Bug 1223847",
"url": "https://bugzilla.suse.com/1223847"
},
{
"category": "self",
"summary": "SUSE Bug 1223863",
"url": "https://bugzilla.suse.com/1223863"
},
{
"category": "self",
"summary": "SUSE Bug 1223869",
"url": "https://bugzilla.suse.com/1223869"
},
{
"category": "self",
"summary": "SUSE Bug 1223870",
"url": "https://bugzilla.suse.com/1223870"
},
{
"category": "self",
"summary": "SUSE Bug 1223871",
"url": "https://bugzilla.suse.com/1223871"
},
{
"category": "self",
"summary": "SUSE Bug 1223872",
"url": "https://bugzilla.suse.com/1223872"
},
{
"category": "self",
"summary": "SUSE Bug 1223874",
"url": "https://bugzilla.suse.com/1223874"
},
{
"category": "self",
"summary": "SUSE Bug 1223944",
"url": "https://bugzilla.suse.com/1223944"
},
{
"category": "self",
"summary": "SUSE Bug 1223945",
"url": "https://bugzilla.suse.com/1223945"
},
{
"category": "self",
"summary": "SUSE Bug 1223946",
"url": "https://bugzilla.suse.com/1223946"
},
{
"category": "self",
"summary": "SUSE Bug 1223991",
"url": "https://bugzilla.suse.com/1223991"
},
{
"category": "self",
"summary": "SUSE Bug 1224049",
"url": "https://bugzilla.suse.com/1224049"
},
{
"category": "self",
"summary": "SUSE Bug 1224076",
"url": "https://bugzilla.suse.com/1224076"
},
{
"category": "self",
"summary": "SUSE Bug 1224096",
"url": "https://bugzilla.suse.com/1224096"
},
{
"category": "self",
"summary": "SUSE Bug 1224098",
"url": "https://bugzilla.suse.com/1224098"
},
{
"category": "self",
"summary": "SUSE Bug 1224099",
"url": "https://bugzilla.suse.com/1224099"
},
{
"category": "self",
"summary": "SUSE Bug 1224137",
"url": "https://bugzilla.suse.com/1224137"
},
{
"category": "self",
"summary": "SUSE Bug 1224166",
"url": "https://bugzilla.suse.com/1224166"
},
{
"category": "self",
"summary": "SUSE Bug 1224174",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "self",
"summary": "SUSE Bug 1224177",
"url": "https://bugzilla.suse.com/1224177"
},
{
"category": "self",
"summary": "SUSE Bug 1224180",
"url": "https://bugzilla.suse.com/1224180"
},
{
"category": "self",
"summary": "SUSE Bug 1224181",
"url": "https://bugzilla.suse.com/1224181"
},
{
"category": "self",
"summary": "SUSE Bug 1224187",
"url": "https://bugzilla.suse.com/1224187"
},
{
"category": "self",
"summary": "SUSE Bug 1224331",
"url": "https://bugzilla.suse.com/1224331"
},
{
"category": "self",
"summary": "SUSE Bug 1224348",
"url": "https://bugzilla.suse.com/1224348"
},
{
"category": "self",
"summary": "SUSE Bug 1224414",
"url": "https://bugzilla.suse.com/1224414"
},
{
"category": "self",
"summary": "SUSE Bug 1224422",
"url": "https://bugzilla.suse.com/1224422"
},
{
"category": "self",
"summary": "SUSE Bug 1224423",
"url": "https://bugzilla.suse.com/1224423"
},
{
"category": "self",
"summary": "SUSE Bug 1224429",
"url": "https://bugzilla.suse.com/1224429"
},
{
"category": "self",
"summary": "SUSE Bug 1224430",
"url": "https://bugzilla.suse.com/1224430"
},
{
"category": "self",
"summary": "SUSE Bug 1224432",
"url": "https://bugzilla.suse.com/1224432"
},
{
"category": "self",
"summary": "SUSE Bug 1224433",
"url": "https://bugzilla.suse.com/1224433"
},
{
"category": "self",
"summary": "SUSE Bug 1224437",
"url": "https://bugzilla.suse.com/1224437"
},
{
"category": "self",
"summary": "SUSE Bug 1224438",
"url": "https://bugzilla.suse.com/1224438"
},
{
"category": "self",
"summary": "SUSE Bug 1224439",
"url": "https://bugzilla.suse.com/1224439"
},
{
"category": "self",
"summary": "SUSE Bug 1224442",
"url": "https://bugzilla.suse.com/1224442"
},
{
"category": "self",
"summary": "SUSE Bug 1224443",
"url": "https://bugzilla.suse.com/1224443"
},
{
"category": "self",
"summary": "SUSE Bug 1224445",
"url": "https://bugzilla.suse.com/1224445"
},
{
"category": "self",
"summary": "SUSE Bug 1224449",
"url": "https://bugzilla.suse.com/1224449"
},
{
"category": "self",
"summary": "SUSE Bug 1224477",
"url": "https://bugzilla.suse.com/1224477"
},
{
"category": "self",
"summary": "SUSE Bug 1224479",
"url": "https://bugzilla.suse.com/1224479"
},
{
"category": "self",
"summary": "SUSE Bug 1224480",
"url": "https://bugzilla.suse.com/1224480"
},
{
"category": "self",
"summary": "SUSE Bug 1224481",
"url": "https://bugzilla.suse.com/1224481"
},
{
"category": "self",
"summary": "SUSE Bug 1224482",
"url": "https://bugzilla.suse.com/1224482"
},
{
"category": "self",
"summary": "SUSE Bug 1224486",
"url": "https://bugzilla.suse.com/1224486"
},
{
"category": "self",
"summary": "SUSE Bug 1224487",
"url": "https://bugzilla.suse.com/1224487"
},
{
"category": "self",
"summary": "SUSE Bug 1224488",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "self",
"summary": "SUSE Bug 1224490",
"url": "https://bugzilla.suse.com/1224490"
},
{
"category": "self",
"summary": "SUSE Bug 1224491",
"url": "https://bugzilla.suse.com/1224491"
},
{
"category": "self",
"summary": "SUSE Bug 1224492",
"url": "https://bugzilla.suse.com/1224492"
},
{
"category": "self",
"summary": "SUSE Bug 1224493",
"url": "https://bugzilla.suse.com/1224493"
},
{
"category": "self",
"summary": "SUSE Bug 1224494",
"url": "https://bugzilla.suse.com/1224494"
},
{
"category": "self",
"summary": "SUSE Bug 1224495",
"url": "https://bugzilla.suse.com/1224495"
},
{
"category": "self",
"summary": "SUSE Bug 1224497",
"url": "https://bugzilla.suse.com/1224497"
},
{
"category": "self",
"summary": "SUSE Bug 1224498",
"url": "https://bugzilla.suse.com/1224498"
},
{
"category": "self",
"summary": "SUSE Bug 1224499",
"url": "https://bugzilla.suse.com/1224499"
},
{
"category": "self",
"summary": "SUSE Bug 1224500",
"url": "https://bugzilla.suse.com/1224500"
},
{
"category": "self",
"summary": "SUSE Bug 1224501",
"url": "https://bugzilla.suse.com/1224501"
},
{
"category": "self",
"summary": "SUSE Bug 1224502",
"url": "https://bugzilla.suse.com/1224502"
},
{
"category": "self",
"summary": "SUSE Bug 1224504",
"url": "https://bugzilla.suse.com/1224504"
},
{
"category": "self",
"summary": "SUSE Bug 1224505",
"url": "https://bugzilla.suse.com/1224505"
},
{
"category": "self",
"summary": "SUSE Bug 1224506",
"url": "https://bugzilla.suse.com/1224506"
},
{
"category": "self",
"summary": "SUSE Bug 1224507",
"url": "https://bugzilla.suse.com/1224507"
},
{
"category": "self",
"summary": "SUSE Bug 1224508",
"url": "https://bugzilla.suse.com/1224508"
},
{
"category": "self",
"summary": "SUSE Bug 1224509",
"url": "https://bugzilla.suse.com/1224509"
},
{
"category": "self",
"summary": "SUSE Bug 1224511",
"url": "https://bugzilla.suse.com/1224511"
},
{
"category": "self",
"summary": "SUSE Bug 1224512",
"url": "https://bugzilla.suse.com/1224512"
},
{
"category": "self",
"summary": "SUSE Bug 1224513",
"url": "https://bugzilla.suse.com/1224513"
},
{
"category": "self",
"summary": "SUSE Bug 1224515",
"url": "https://bugzilla.suse.com/1224515"
},
{
"category": "self",
"summary": "SUSE Bug 1224516",
"url": "https://bugzilla.suse.com/1224516"
},
{
"category": "self",
"summary": "SUSE Bug 1224517",
"url": "https://bugzilla.suse.com/1224517"
},
{
"category": "self",
"summary": "SUSE Bug 1224519",
"url": "https://bugzilla.suse.com/1224519"
},
{
"category": "self",
"summary": "SUSE Bug 1224520",
"url": "https://bugzilla.suse.com/1224520"
},
{
"category": "self",
"summary": "SUSE Bug 1224521",
"url": "https://bugzilla.suse.com/1224521"
},
{
"category": "self",
"summary": "SUSE Bug 1224523",
"url": "https://bugzilla.suse.com/1224523"
},
{
"category": "self",
"summary": "SUSE Bug 1224524",
"url": "https://bugzilla.suse.com/1224524"
},
{
"category": "self",
"summary": "SUSE Bug 1224525",
"url": "https://bugzilla.suse.com/1224525"
},
{
"category": "self",
"summary": "SUSE Bug 1224526",
"url": "https://bugzilla.suse.com/1224526"
},
{
"category": "self",
"summary": "SUSE Bug 1224530",
"url": "https://bugzilla.suse.com/1224530"
},
{
"category": "self",
"summary": "SUSE Bug 1224531",
"url": "https://bugzilla.suse.com/1224531"
},
{
"category": "self",
"summary": "SUSE Bug 1224534",
"url": "https://bugzilla.suse.com/1224534"
},
{
"category": "self",
"summary": "SUSE Bug 1224537",
"url": "https://bugzilla.suse.com/1224537"
},
{
"category": "self",
"summary": "SUSE Bug 1224539",
"url": "https://bugzilla.suse.com/1224539"
},
{
"category": "self",
"summary": "SUSE Bug 1224540",
"url": "https://bugzilla.suse.com/1224540"
},
{
"category": "self",
"summary": "SUSE Bug 1224541",
"url": "https://bugzilla.suse.com/1224541"
},
{
"category": "self",
"summary": "SUSE Bug 1224542",
"url": "https://bugzilla.suse.com/1224542"
},
{
"category": "self",
"summary": "SUSE Bug 1224543",
"url": "https://bugzilla.suse.com/1224543"
},
{
"category": "self",
"summary": "SUSE Bug 1224544",
"url": "https://bugzilla.suse.com/1224544"
},
{
"category": "self",
"summary": "SUSE Bug 1224545",
"url": "https://bugzilla.suse.com/1224545"
},
{
"category": "self",
"summary": "SUSE Bug 1224546",
"url": "https://bugzilla.suse.com/1224546"
},
{
"category": "self",
"summary": "SUSE Bug 1224549",
"url": "https://bugzilla.suse.com/1224549"
},
{
"category": "self",
"summary": "SUSE Bug 1224550",
"url": "https://bugzilla.suse.com/1224550"
},
{
"category": "self",
"summary": "SUSE Bug 1224552",
"url": "https://bugzilla.suse.com/1224552"
},
{
"category": "self",
"summary": "SUSE Bug 1224553",
"url": "https://bugzilla.suse.com/1224553"
},
{
"category": "self",
"summary": "SUSE Bug 1224555",
"url": "https://bugzilla.suse.com/1224555"
},
{
"category": "self",
"summary": "SUSE Bug 1224557",
"url": "https://bugzilla.suse.com/1224557"
},
{
"category": "self",
"summary": "SUSE Bug 1224558",
"url": "https://bugzilla.suse.com/1224558"
},
{
"category": "self",
"summary": "SUSE Bug 1224559",
"url": "https://bugzilla.suse.com/1224559"
},
{
"category": "self",
"summary": "SUSE Bug 1224562",
"url": "https://bugzilla.suse.com/1224562"
},
{
"category": "self",
"summary": "SUSE Bug 1224565",
"url": "https://bugzilla.suse.com/1224565"
},
{
"category": "self",
"summary": "SUSE Bug 1224566",
"url": "https://bugzilla.suse.com/1224566"
},
{
"category": "self",
"summary": "SUSE Bug 1224567",
"url": "https://bugzilla.suse.com/1224567"
},
{
"category": "self",
"summary": "SUSE Bug 1224568",
"url": "https://bugzilla.suse.com/1224568"
},
{
"category": "self",
"summary": "SUSE Bug 1224569",
"url": "https://bugzilla.suse.com/1224569"
},
{
"category": "self",
"summary": "SUSE Bug 1224571",
"url": "https://bugzilla.suse.com/1224571"
},
{
"category": "self",
"summary": "SUSE Bug 1224572",
"url": "https://bugzilla.suse.com/1224572"
},
{
"category": "self",
"summary": "SUSE Bug 1224573",
"url": "https://bugzilla.suse.com/1224573"
},
{
"category": "self",
"summary": "SUSE Bug 1224575",
"url": "https://bugzilla.suse.com/1224575"
},
{
"category": "self",
"summary": "SUSE Bug 1224576",
"url": "https://bugzilla.suse.com/1224576"
},
{
"category": "self",
"summary": "SUSE Bug 1224577",
"url": "https://bugzilla.suse.com/1224577"
},
{
"category": "self",
"summary": "SUSE Bug 1224578",
"url": "https://bugzilla.suse.com/1224578"
},
{
"category": "self",
"summary": "SUSE Bug 1224579",
"url": "https://bugzilla.suse.com/1224579"
},
{
"category": "self",
"summary": "SUSE Bug 1224580",
"url": "https://bugzilla.suse.com/1224580"
},
{
"category": "self",
"summary": "SUSE Bug 1224581",
"url": "https://bugzilla.suse.com/1224581"
},
{
"category": "self",
"summary": "SUSE Bug 1224582",
"url": "https://bugzilla.suse.com/1224582"
},
{
"category": "self",
"summary": "SUSE Bug 1224583",
"url": "https://bugzilla.suse.com/1224583"
},
{
"category": "self",
"summary": "SUSE Bug 1224584",
"url": "https://bugzilla.suse.com/1224584"
},
{
"category": "self",
"summary": "SUSE Bug 1224585",
"url": "https://bugzilla.suse.com/1224585"
},
{
"category": "self",
"summary": "SUSE Bug 1224586",
"url": "https://bugzilla.suse.com/1224586"
},
{
"category": "self",
"summary": "SUSE Bug 1224587",
"url": "https://bugzilla.suse.com/1224587"
},
{
"category": "self",
"summary": "SUSE Bug 1224588",
"url": "https://bugzilla.suse.com/1224588"
},
{
"category": "self",
"summary": "SUSE Bug 1224589",
"url": "https://bugzilla.suse.com/1224589"
},
{
"category": "self",
"summary": "SUSE Bug 1224592",
"url": "https://bugzilla.suse.com/1224592"
},
{
"category": "self",
"summary": "SUSE Bug 1224596",
"url": "https://bugzilla.suse.com/1224596"
},
{
"category": "self",
"summary": "SUSE Bug 1224598",
"url": "https://bugzilla.suse.com/1224598"
},
{
"category": "self",
"summary": "SUSE Bug 1224600",
"url": "https://bugzilla.suse.com/1224600"
},
{
"category": "self",
"summary": "SUSE Bug 1224601",
"url": "https://bugzilla.suse.com/1224601"
},
{
"category": "self",
"summary": "SUSE Bug 1224602",
"url": "https://bugzilla.suse.com/1224602"
},
{
"category": "self",
"summary": "SUSE Bug 1224603",
"url": "https://bugzilla.suse.com/1224603"
},
{
"category": "self",
"summary": "SUSE Bug 1224604",
"url": "https://bugzilla.suse.com/1224604"
},
{
"category": "self",
"summary": "SUSE Bug 1224605",
"url": "https://bugzilla.suse.com/1224605"
},
{
"category": "self",
"summary": "SUSE Bug 1224606",
"url": "https://bugzilla.suse.com/1224606"
},
{
"category": "self",
"summary": "SUSE Bug 1224607",
"url": "https://bugzilla.suse.com/1224607"
},
{
"category": "self",
"summary": "SUSE Bug 1224608",
"url": "https://bugzilla.suse.com/1224608"
},
{
"category": "self",
"summary": "SUSE Bug 1224609",
"url": "https://bugzilla.suse.com/1224609"
},
{
"category": "self",
"summary": "SUSE Bug 1224611",
"url": "https://bugzilla.suse.com/1224611"
},
{
"category": "self",
"summary": "SUSE Bug 1224612",
"url": "https://bugzilla.suse.com/1224612"
},
{
"category": "self",
"summary": "SUSE Bug 1224613",
"url": "https://bugzilla.suse.com/1224613"
},
{
"category": "self",
"summary": "SUSE Bug 1224614",
"url": "https://bugzilla.suse.com/1224614"
},
{
"category": "self",
"summary": "SUSE Bug 1224615",
"url": "https://bugzilla.suse.com/1224615"
},
{
"category": "self",
"summary": "SUSE Bug 1224617",
"url": "https://bugzilla.suse.com/1224617"
},
{
"category": "self",
"summary": "SUSE Bug 1224618",
"url": "https://bugzilla.suse.com/1224618"
},
{
"category": "self",
"summary": "SUSE Bug 1224619",
"url": "https://bugzilla.suse.com/1224619"
},
{
"category": "self",
"summary": "SUSE Bug 1224620",
"url": "https://bugzilla.suse.com/1224620"
},
{
"category": "self",
"summary": "SUSE Bug 1224621",
"url": "https://bugzilla.suse.com/1224621"
},
{
"category": "self",
"summary": "SUSE Bug 1224622",
"url": "https://bugzilla.suse.com/1224622"
},
{
"category": "self",
"summary": "SUSE Bug 1224623",
"url": "https://bugzilla.suse.com/1224623"
},
{
"category": "self",
"summary": "SUSE Bug 1224624",
"url": "https://bugzilla.suse.com/1224624"
},
{
"category": "self",
"summary": "SUSE Bug 1224626",
"url": "https://bugzilla.suse.com/1224626"
},
{
"category": "self",
"summary": "SUSE Bug 1224627",
"url": "https://bugzilla.suse.com/1224627"
},
{
"category": "self",
"summary": "SUSE Bug 1224628",
"url": "https://bugzilla.suse.com/1224628"
},
{
"category": "self",
"summary": "SUSE Bug 1224629",
"url": "https://bugzilla.suse.com/1224629"
},
{
"category": "self",
"summary": "SUSE Bug 1224630",
"url": "https://bugzilla.suse.com/1224630"
},
{
"category": "self",
"summary": "SUSE Bug 1224632",
"url": "https://bugzilla.suse.com/1224632"
},
{
"category": "self",
"summary": "SUSE Bug 1224633",
"url": "https://bugzilla.suse.com/1224633"
},
{
"category": "self",
"summary": "SUSE Bug 1224634",
"url": "https://bugzilla.suse.com/1224634"
},
{
"category": "self",
"summary": "SUSE Bug 1224636",
"url": "https://bugzilla.suse.com/1224636"
},
{
"category": "self",
"summary": "SUSE Bug 1224637",
"url": "https://bugzilla.suse.com/1224637"
},
{
"category": "self",
"summary": "SUSE Bug 1224638",
"url": "https://bugzilla.suse.com/1224638"
},
{
"category": "self",
"summary": "SUSE Bug 1224639",
"url": "https://bugzilla.suse.com/1224639"
},
{
"category": "self",
"summary": "SUSE Bug 1224640",
"url": "https://bugzilla.suse.com/1224640"
},
{
"category": "self",
"summary": "SUSE Bug 1224641",
"url": "https://bugzilla.suse.com/1224641"
},
{
"category": "self",
"summary": "SUSE Bug 1224643",
"url": "https://bugzilla.suse.com/1224643"
},
{
"category": "self",
"summary": "SUSE Bug 1224644",
"url": "https://bugzilla.suse.com/1224644"
},
{
"category": "self",
"summary": "SUSE Bug 1224645",
"url": "https://bugzilla.suse.com/1224645"
},
{
"category": "self",
"summary": "SUSE Bug 1224646",
"url": "https://bugzilla.suse.com/1224646"
},
{
"category": "self",
"summary": "SUSE Bug 1224647",
"url": "https://bugzilla.suse.com/1224647"
},
{
"category": "self",
"summary": "SUSE Bug 1224648",
"url": "https://bugzilla.suse.com/1224648"
},
{
"category": "self",
"summary": "SUSE Bug 1224649",
"url": "https://bugzilla.suse.com/1224649"
},
{
"category": "self",
"summary": "SUSE Bug 1224650",
"url": "https://bugzilla.suse.com/1224650"
},
{
"category": "self",
"summary": "SUSE Bug 1224651",
"url": "https://bugzilla.suse.com/1224651"
},
{
"category": "self",
"summary": "SUSE Bug 1224652",
"url": "https://bugzilla.suse.com/1224652"
},
{
"category": "self",
"summary": "SUSE Bug 1224653",
"url": "https://bugzilla.suse.com/1224653"
},
{
"category": "self",
"summary": "SUSE Bug 1224654",
"url": "https://bugzilla.suse.com/1224654"
},
{
"category": "self",
"summary": "SUSE Bug 1224655",
"url": "https://bugzilla.suse.com/1224655"
},
{
"category": "self",
"summary": "SUSE Bug 1224657",
"url": "https://bugzilla.suse.com/1224657"
},
{
"category": "self",
"summary": "SUSE Bug 1224659",
"url": "https://bugzilla.suse.com/1224659"
},
{
"category": "self",
"summary": "SUSE Bug 1224660",
"url": "https://bugzilla.suse.com/1224660"
},
{
"category": "self",
"summary": "SUSE Bug 1224661",
"url": "https://bugzilla.suse.com/1224661"
},
{
"category": "self",
"summary": "SUSE Bug 1224662",
"url": "https://bugzilla.suse.com/1224662"
},
{
"category": "self",
"summary": "SUSE Bug 1224663",
"url": "https://bugzilla.suse.com/1224663"
},
{
"category": "self",
"summary": "SUSE Bug 1224664",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "self",
"summary": "SUSE Bug 1224665",
"url": "https://bugzilla.suse.com/1224665"
},
{
"category": "self",
"summary": "SUSE Bug 1224666",
"url": "https://bugzilla.suse.com/1224666"
},
{
"category": "self",
"summary": "SUSE Bug 1224667",
"url": "https://bugzilla.suse.com/1224667"
},
{
"category": "self",
"summary": "SUSE Bug 1224668",
"url": "https://bugzilla.suse.com/1224668"
},
{
"category": "self",
"summary": "SUSE Bug 1224670",
"url": "https://bugzilla.suse.com/1224670"
},
{
"category": "self",
"summary": "SUSE Bug 1224671",
"url": "https://bugzilla.suse.com/1224671"
},
{
"category": "self",
"summary": "SUSE Bug 1224672",
"url": "https://bugzilla.suse.com/1224672"
},
{
"category": "self",
"summary": "SUSE Bug 1224673",
"url": "https://bugzilla.suse.com/1224673"
},
{
"category": "self",
"summary": "SUSE Bug 1224674",
"url": "https://bugzilla.suse.com/1224674"
},
{
"category": "self",
"summary": "SUSE Bug 1224675",
"url": "https://bugzilla.suse.com/1224675"
},
{
"category": "self",
"summary": "SUSE Bug 1224676",
"url": "https://bugzilla.suse.com/1224676"
},
{
"category": "self",
"summary": "SUSE Bug 1224677",
"url": "https://bugzilla.suse.com/1224677"
},
{
"category": "self",
"summary": "SUSE Bug 1224678",
"url": "https://bugzilla.suse.com/1224678"
},
{
"category": "self",
"summary": "SUSE Bug 1224679",
"url": "https://bugzilla.suse.com/1224679"
},
{
"category": "self",
"summary": "SUSE Bug 1224680",
"url": "https://bugzilla.suse.com/1224680"
},
{
"category": "self",
"summary": "SUSE Bug 1224681",
"url": "https://bugzilla.suse.com/1224681"
},
{
"category": "self",
"summary": "SUSE Bug 1224682",
"url": "https://bugzilla.suse.com/1224682"
},
{
"category": "self",
"summary": "SUSE Bug 1224683",
"url": "https://bugzilla.suse.com/1224683"
},
{
"category": "self",
"summary": "SUSE Bug 1224685",
"url": "https://bugzilla.suse.com/1224685"
},
{
"category": "self",
"summary": "SUSE Bug 1224686",
"url": "https://bugzilla.suse.com/1224686"
},
{
"category": "self",
"summary": "SUSE Bug 1224687",
"url": "https://bugzilla.suse.com/1224687"
},
{
"category": "self",
"summary": "SUSE Bug 1224688",
"url": "https://bugzilla.suse.com/1224688"
},
{
"category": "self",
"summary": "SUSE Bug 1224692",
"url": "https://bugzilla.suse.com/1224692"
},
{
"category": "self",
"summary": "SUSE Bug 1224696",
"url": "https://bugzilla.suse.com/1224696"
},
{
"category": "self",
"summary": "SUSE Bug 1224697",
"url": "https://bugzilla.suse.com/1224697"
},
{
"category": "self",
"summary": "SUSE Bug 1224698",
"url": "https://bugzilla.suse.com/1224698"
},
{
"category": "self",
"summary": "SUSE Bug 1224699",
"url": "https://bugzilla.suse.com/1224699"
},
{
"category": "self",
"summary": "SUSE Bug 1224701",
"url": "https://bugzilla.suse.com/1224701"
},
{
"category": "self",
"summary": "SUSE Bug 1224703",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "self",
"summary": "SUSE Bug 1224704",
"url": "https://bugzilla.suse.com/1224704"
},
{
"category": "self",
"summary": "SUSE Bug 1224705",
"url": "https://bugzilla.suse.com/1224705"
},
{
"category": "self",
"summary": "SUSE Bug 1224706",
"url": "https://bugzilla.suse.com/1224706"
},
{
"category": "self",
"summary": "SUSE Bug 1224707",
"url": "https://bugzilla.suse.com/1224707"
},
{
"category": "self",
"summary": "SUSE Bug 1224709",
"url": "https://bugzilla.suse.com/1224709"
},
{
"category": "self",
"summary": "SUSE Bug 1224710",
"url": "https://bugzilla.suse.com/1224710"
},
{
"category": "self",
"summary": "SUSE Bug 1224712",
"url": "https://bugzilla.suse.com/1224712"
},
{
"category": "self",
"summary": "SUSE Bug 1224714",
"url": "https://bugzilla.suse.com/1224714"
},
{
"category": "self",
"summary": "SUSE Bug 1224716",
"url": "https://bugzilla.suse.com/1224716"
},
{
"category": "self",
"summary": "SUSE Bug 1224717",
"url": "https://bugzilla.suse.com/1224717"
},
{
"category": "self",
"summary": "SUSE Bug 1224718",
"url": "https://bugzilla.suse.com/1224718"
},
{
"category": "self",
"summary": "SUSE Bug 1224719",
"url": "https://bugzilla.suse.com/1224719"
},
{
"category": "self",
"summary": "SUSE Bug 1224720",
"url": "https://bugzilla.suse.com/1224720"
},
{
"category": "self",
"summary": "SUSE Bug 1224721",
"url": "https://bugzilla.suse.com/1224721"
},
{
"category": "self",
"summary": "SUSE Bug 1224722",
"url": "https://bugzilla.suse.com/1224722"
},
{
"category": "self",
"summary": "SUSE Bug 1224723",
"url": "https://bugzilla.suse.com/1224723"
},
{
"category": "self",
"summary": "SUSE Bug 1224725",
"url": "https://bugzilla.suse.com/1224725"
},
{
"category": "self",
"summary": "SUSE Bug 1224727",
"url": "https://bugzilla.suse.com/1224727"
},
{
"category": "self",
"summary": "SUSE Bug 1224729",
"url": "https://bugzilla.suse.com/1224729"
},
{
"category": "self",
"summary": "SUSE Bug 1224730",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "self",
"summary": "SUSE Bug 1224731",
"url": "https://bugzilla.suse.com/1224731"
},
{
"category": "self",
"summary": "SUSE Bug 1224732",
"url": "https://bugzilla.suse.com/1224732"
},
{
"category": "self",
"summary": "SUSE Bug 1224733",
"url": "https://bugzilla.suse.com/1224733"
},
{
"category": "self",
"summary": "SUSE Bug 1224735",
"url": "https://bugzilla.suse.com/1224735"
},
{
"category": "self",
"summary": "SUSE Bug 1224736",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "self",
"summary": "SUSE Bug 1224738",
"url": "https://bugzilla.suse.com/1224738"
},
{
"category": "self",
"summary": "SUSE Bug 1224739",
"url": "https://bugzilla.suse.com/1224739"
},
{
"category": "self",
"summary": "SUSE Bug 1224740",
"url": "https://bugzilla.suse.com/1224740"
},
{
"category": "self",
"summary": "SUSE Bug 1224741",
"url": "https://bugzilla.suse.com/1224741"
},
{
"category": "self",
"summary": "SUSE Bug 1224742",
"url": "https://bugzilla.suse.com/1224742"
},
{
"category": "self",
"summary": "SUSE Bug 1224743",
"url": "https://bugzilla.suse.com/1224743"
},
{
"category": "self",
"summary": "SUSE Bug 1224747",
"url": "https://bugzilla.suse.com/1224747"
},
{
"category": "self",
"summary": "SUSE Bug 1224749",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "self",
"summary": "SUSE Bug 1224751",
"url": "https://bugzilla.suse.com/1224751"
},
{
"category": "self",
"summary": "SUSE Bug 1224759",
"url": "https://bugzilla.suse.com/1224759"
},
{
"category": "self",
"summary": "SUSE Bug 1224763",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "self",
"summary": "SUSE Bug 1224764",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "self",
"summary": "SUSE Bug 1224765",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "self",
"summary": "SUSE Bug 1224766",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "self",
"summary": "SUSE Bug 1224767",
"url": "https://bugzilla.suse.com/1224767"
},
{
"category": "self",
"summary": "SUSE Bug 1224790",
"url": "https://bugzilla.suse.com/1224790"
},
{
"category": "self",
"summary": "SUSE Bug 1224792",
"url": "https://bugzilla.suse.com/1224792"
},
{
"category": "self",
"summary": "SUSE Bug 1224793",
"url": "https://bugzilla.suse.com/1224793"
},
{
"category": "self",
"summary": "SUSE Bug 1224803",
"url": "https://bugzilla.suse.com/1224803"
},
{
"category": "self",
"summary": "SUSE Bug 1224804",
"url": "https://bugzilla.suse.com/1224804"
},
{
"category": "self",
"summary": "SUSE Bug 1224866",
"url": "https://bugzilla.suse.com/1224866"
},
{
"category": "self",
"summary": "SUSE Bug 1224928",
"url": "https://bugzilla.suse.com/1224928"
},
{
"category": "self",
"summary": "SUSE Bug 1224930",
"url": "https://bugzilla.suse.com/1224930"
},
{
"category": "self",
"summary": "SUSE Bug 1224932",
"url": "https://bugzilla.suse.com/1224932"
},
{
"category": "self",
"summary": "SUSE Bug 1224933",
"url": "https://bugzilla.suse.com/1224933"
},
{
"category": "self",
"summary": "SUSE Bug 1224935",
"url": "https://bugzilla.suse.com/1224935"
},
{
"category": "self",
"summary": "SUSE Bug 1224936",
"url": "https://bugzilla.suse.com/1224936"
},
{
"category": "self",
"summary": "SUSE Bug 1224937",
"url": "https://bugzilla.suse.com/1224937"
},
{
"category": "self",
"summary": "SUSE Bug 1224939",
"url": "https://bugzilla.suse.com/1224939"
},
{
"category": "self",
"summary": "SUSE Bug 1224941",
"url": "https://bugzilla.suse.com/1224941"
},
{
"category": "self",
"summary": "SUSE Bug 1224944",
"url": "https://bugzilla.suse.com/1224944"
},
{
"category": "self",
"summary": "SUSE Bug 1224946",
"url": "https://bugzilla.suse.com/1224946"
},
{
"category": "self",
"summary": "SUSE Bug 1224947",
"url": "https://bugzilla.suse.com/1224947"
},
{
"category": "self",
"summary": "SUSE Bug 1224949",
"url": "https://bugzilla.suse.com/1224949"
},
{
"category": "self",
"summary": "SUSE Bug 1224951",
"url": "https://bugzilla.suse.com/1224951"
},
{
"category": "self",
"summary": "SUSE Bug 1224988",
"url": "https://bugzilla.suse.com/1224988"
},
{
"category": "self",
"summary": "SUSE Bug 1224989",
"url": "https://bugzilla.suse.com/1224989"
},
{
"category": "self",
"summary": "SUSE Bug 1224992",
"url": "https://bugzilla.suse.com/1224992"
},
{
"category": "self",
"summary": "SUSE Bug 1224998",
"url": "https://bugzilla.suse.com/1224998"
},
{
"category": "self",
"summary": "SUSE Bug 1225000",
"url": "https://bugzilla.suse.com/1225000"
},
{
"category": "self",
"summary": "SUSE Bug 1225001",
"url": "https://bugzilla.suse.com/1225001"
},
{
"category": "self",
"summary": "SUSE Bug 1225004",
"url": "https://bugzilla.suse.com/1225004"
},
{
"category": "self",
"summary": "SUSE Bug 1225006",
"url": "https://bugzilla.suse.com/1225006"
},
{
"category": "self",
"summary": "SUSE Bug 1225007",
"url": "https://bugzilla.suse.com/1225007"
},
{
"category": "self",
"summary": "SUSE Bug 1225008",
"url": "https://bugzilla.suse.com/1225008"
},
{
"category": "self",
"summary": "SUSE Bug 1225009",
"url": "https://bugzilla.suse.com/1225009"
},
{
"category": "self",
"summary": "SUSE Bug 1225014",
"url": "https://bugzilla.suse.com/1225014"
},
{
"category": "self",
"summary": "SUSE Bug 1225015",
"url": "https://bugzilla.suse.com/1225015"
},
{
"category": "self",
"summary": "SUSE Bug 1225022",
"url": "https://bugzilla.suse.com/1225022"
},
{
"category": "self",
"summary": "SUSE Bug 1225025",
"url": "https://bugzilla.suse.com/1225025"
},
{
"category": "self",
"summary": "SUSE Bug 1225028",
"url": "https://bugzilla.suse.com/1225028"
},
{
"category": "self",
"summary": "SUSE Bug 1225029",
"url": "https://bugzilla.suse.com/1225029"
},
{
"category": "self",
"summary": "SUSE Bug 1225031",
"url": "https://bugzilla.suse.com/1225031"
},
{
"category": "self",
"summary": "SUSE Bug 1225036",
"url": "https://bugzilla.suse.com/1225036"
},
{
"category": "self",
"summary": "SUSE Bug 1225041",
"url": "https://bugzilla.suse.com/1225041"
},
{
"category": "self",
"summary": "SUSE Bug 1225044",
"url": "https://bugzilla.suse.com/1225044"
},
{
"category": "self",
"summary": "SUSE Bug 1225049",
"url": "https://bugzilla.suse.com/1225049"
},
{
"category": "self",
"summary": "SUSE Bug 1225050",
"url": "https://bugzilla.suse.com/1225050"
},
{
"category": "self",
"summary": "SUSE Bug 1225053",
"url": "https://bugzilla.suse.com/1225053"
},
{
"category": "self",
"summary": "SUSE Bug 1225076",
"url": "https://bugzilla.suse.com/1225076"
},
{
"category": "self",
"summary": "SUSE Bug 1225077",
"url": "https://bugzilla.suse.com/1225077"
},
{
"category": "self",
"summary": "SUSE Bug 1225078",
"url": "https://bugzilla.suse.com/1225078"
},
{
"category": "self",
"summary": "SUSE Bug 1225081",
"url": "https://bugzilla.suse.com/1225081"
},
{
"category": "self",
"summary": "SUSE Bug 1225085",
"url": "https://bugzilla.suse.com/1225085"
},
{
"category": "self",
"summary": "SUSE Bug 1225086",
"url": "https://bugzilla.suse.com/1225086"
},
{
"category": "self",
"summary": "SUSE Bug 1225088",
"url": "https://bugzilla.suse.com/1225088"
},
{
"category": "self",
"summary": "SUSE Bug 1225090",
"url": "https://bugzilla.suse.com/1225090"
},
{
"category": "self",
"summary": "SUSE Bug 1225092",
"url": "https://bugzilla.suse.com/1225092"
},
{
"category": "self",
"summary": "SUSE Bug 1225096",
"url": "https://bugzilla.suse.com/1225096"
},
{
"category": "self",
"summary": "SUSE Bug 1225097",
"url": "https://bugzilla.suse.com/1225097"
},
{
"category": "self",
"summary": "SUSE Bug 1225098",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "self",
"summary": "SUSE Bug 1225101",
"url": "https://bugzilla.suse.com/1225101"
},
{
"category": "self",
"summary": "SUSE Bug 1225103",
"url": "https://bugzilla.suse.com/1225103"
},
{
"category": "self",
"summary": "SUSE Bug 1225104",
"url": "https://bugzilla.suse.com/1225104"
},
{
"category": "self",
"summary": "SUSE Bug 1225105",
"url": "https://bugzilla.suse.com/1225105"
},
{
"category": "self",
"summary": "SUSE Bug 1225106",
"url": "https://bugzilla.suse.com/1225106"
},
{
"category": "self",
"summary": "SUSE Bug 1225108",
"url": "https://bugzilla.suse.com/1225108"
},
{
"category": "self",
"summary": "SUSE Bug 1225120",
"url": "https://bugzilla.suse.com/1225120"
},
{
"category": "self",
"summary": "SUSE Bug 1225132",
"url": "https://bugzilla.suse.com/1225132"
},
{
"category": "self",
"summary": "SUSE Bug 1225133",
"url": "https://bugzilla.suse.com/1225133"
},
{
"category": "self",
"summary": "SUSE Bug 1225134",
"url": "https://bugzilla.suse.com/1225134"
},
{
"category": "self",
"summary": "SUSE Bug 1225136",
"url": "https://bugzilla.suse.com/1225136"
},
{
"category": "self",
"summary": "SUSE Bug 1225172",
"url": "https://bugzilla.suse.com/1225172"
},
{
"category": "self",
"summary": "SUSE Bug 1225180",
"url": "https://bugzilla.suse.com/1225180"
},
{
"category": "self",
"summary": "SUSE Bug 1225272",
"url": "https://bugzilla.suse.com/1225272"
},
{
"category": "self",
"summary": "SUSE Bug 1225300",
"url": "https://bugzilla.suse.com/1225300"
},
{
"category": "self",
"summary": "SUSE Bug 1225391",
"url": "https://bugzilla.suse.com/1225391"
},
{
"category": "self",
"summary": "SUSE Bug 1225472",
"url": "https://bugzilla.suse.com/1225472"
},
{
"category": "self",
"summary": "SUSE Bug 1225475",
"url": "https://bugzilla.suse.com/1225475"
},
{
"category": "self",
"summary": "SUSE Bug 1225476",
"url": "https://bugzilla.suse.com/1225476"
},
{
"category": "self",
"summary": "SUSE Bug 1225477",
"url": "https://bugzilla.suse.com/1225477"
},
{
"category": "self",
"summary": "SUSE Bug 1225478",
"url": "https://bugzilla.suse.com/1225478"
},
{
"category": "self",
"summary": "SUSE Bug 1225485",
"url": "https://bugzilla.suse.com/1225485"
},
{
"category": "self",
"summary": "SUSE Bug 1225489",
"url": "https://bugzilla.suse.com/1225489"
},
{
"category": "self",
"summary": "SUSE Bug 1225490",
"url": "https://bugzilla.suse.com/1225490"
},
{
"category": "self",
"summary": "SUSE Bug 1225502",
"url": "https://bugzilla.suse.com/1225502"
},
{
"category": "self",
"summary": "SUSE Bug 1225527",
"url": "https://bugzilla.suse.com/1225527"
},
{
"category": "self",
"summary": "SUSE Bug 1225529",
"url": "https://bugzilla.suse.com/1225529"
},
{
"category": "self",
"summary": "SUSE Bug 1225530",
"url": "https://bugzilla.suse.com/1225530"
},
{
"category": "self",
"summary": "SUSE Bug 1225532",
"url": "https://bugzilla.suse.com/1225532"
},
{
"category": "self",
"summary": "SUSE Bug 1225534",
"url": "https://bugzilla.suse.com/1225534"
},
{
"category": "self",
"summary": "SUSE Bug 1225548",
"url": "https://bugzilla.suse.com/1225548"
},
{
"category": "self",
"summary": "SUSE Bug 1225550",
"url": "https://bugzilla.suse.com/1225550"
},
{
"category": "self",
"summary": "SUSE Bug 1225553",
"url": "https://bugzilla.suse.com/1225553"
},
{
"category": "self",
"summary": "SUSE Bug 1225554",
"url": "https://bugzilla.suse.com/1225554"
},
{
"category": "self",
"summary": "SUSE Bug 1225555",
"url": "https://bugzilla.suse.com/1225555"
},
{
"category": "self",
"summary": "SUSE Bug 1225556",
"url": "https://bugzilla.suse.com/1225556"
},
{
"category": "self",
"summary": "SUSE Bug 1225557",
"url": "https://bugzilla.suse.com/1225557"
},
{
"category": "self",
"summary": "SUSE Bug 1225559",
"url": "https://bugzilla.suse.com/1225559"
},
{
"category": "self",
"summary": "SUSE Bug 1225560",
"url": "https://bugzilla.suse.com/1225560"
},
{
"category": "self",
"summary": "SUSE Bug 1225564",
"url": "https://bugzilla.suse.com/1225564"
},
{
"category": "self",
"summary": "SUSE Bug 1225565",
"url": "https://bugzilla.suse.com/1225565"
},
{
"category": "self",
"summary": "SUSE Bug 1225566",
"url": "https://bugzilla.suse.com/1225566"
},
{
"category": "self",
"summary": "SUSE Bug 1225568",
"url": "https://bugzilla.suse.com/1225568"
},
{
"category": "self",
"summary": "SUSE Bug 1225569",
"url": "https://bugzilla.suse.com/1225569"
},
{
"category": "self",
"summary": "SUSE Bug 1225570",
"url": "https://bugzilla.suse.com/1225570"
},
{
"category": "self",
"summary": "SUSE Bug 1225571",
"url": "https://bugzilla.suse.com/1225571"
},
{
"category": "self",
"summary": "SUSE Bug 1225572",
"url": "https://bugzilla.suse.com/1225572"
},
{
"category": "self",
"summary": "SUSE Bug 1225573",
"url": "https://bugzilla.suse.com/1225573"
},
{
"category": "self",
"summary": "SUSE Bug 1225577",
"url": "https://bugzilla.suse.com/1225577"
},
{
"category": "self",
"summary": "SUSE Bug 1225578",
"url": "https://bugzilla.suse.com/1225578"
},
{
"category": "self",
"summary": "SUSE Bug 1225579",
"url": "https://bugzilla.suse.com/1225579"
},
{
"category": "self",
"summary": "SUSE Bug 1225580",
"url": "https://bugzilla.suse.com/1225580"
},
{
"category": "self",
"summary": "SUSE Bug 1225581",
"url": "https://bugzilla.suse.com/1225581"
},
{
"category": "self",
"summary": "SUSE Bug 1225583",
"url": "https://bugzilla.suse.com/1225583"
},
{
"category": "self",
"summary": "SUSE Bug 1225584",
"url": "https://bugzilla.suse.com/1225584"
},
{
"category": "self",
"summary": "SUSE Bug 1225585",
"url": "https://bugzilla.suse.com/1225585"
},
{
"category": "self",
"summary": "SUSE Bug 1225586",
"url": "https://bugzilla.suse.com/1225586"
},
{
"category": "self",
"summary": "SUSE Bug 1225587",
"url": "https://bugzilla.suse.com/1225587"
},
{
"category": "self",
"summary": "SUSE Bug 1225588",
"url": "https://bugzilla.suse.com/1225588"
},
{
"category": "self",
"summary": "SUSE Bug 1225589",
"url": "https://bugzilla.suse.com/1225589"
},
{
"category": "self",
"summary": "SUSE Bug 1225590",
"url": "https://bugzilla.suse.com/1225590"
},
{
"category": "self",
"summary": "SUSE Bug 1225591",
"url": "https://bugzilla.suse.com/1225591"
},
{
"category": "self",
"summary": "SUSE Bug 1225592",
"url": "https://bugzilla.suse.com/1225592"
},
{
"category": "self",
"summary": "SUSE Bug 1225593",
"url": "https://bugzilla.suse.com/1225593"
},
{
"category": "self",
"summary": "SUSE Bug 1225594",
"url": "https://bugzilla.suse.com/1225594"
},
{
"category": "self",
"summary": "SUSE Bug 1225595",
"url": "https://bugzilla.suse.com/1225595"
},
{
"category": "self",
"summary": "SUSE Bug 1225599",
"url": "https://bugzilla.suse.com/1225599"
},
{
"category": "self",
"summary": "SUSE Bug 1225600",
"url": "https://bugzilla.suse.com/1225600"
},
{
"category": "self",
"summary": "SUSE Bug 1225601",
"url": "https://bugzilla.suse.com/1225601"
},
{
"category": "self",
"summary": "SUSE Bug 1225602",
"url": "https://bugzilla.suse.com/1225602"
},
{
"category": "self",
"summary": "SUSE Bug 1225605",
"url": "https://bugzilla.suse.com/1225605"
},
{
"category": "self",
"summary": "SUSE Bug 1225607",
"url": "https://bugzilla.suse.com/1225607"
},
{
"category": "self",
"summary": "SUSE Bug 1225609",
"url": "https://bugzilla.suse.com/1225609"
},
{
"category": "self",
"summary": "SUSE Bug 1225610",
"url": "https://bugzilla.suse.com/1225610"
},
{
"category": "self",
"summary": "SUSE Bug 1225611",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "self",
"summary": "SUSE Bug 1225616",
"url": "https://bugzilla.suse.com/1225616"
},
{
"category": "self",
"summary": "SUSE Bug 1225618",
"url": "https://bugzilla.suse.com/1225618"
},
{
"category": "self",
"summary": "SUSE Bug 1225640",
"url": "https://bugzilla.suse.com/1225640"
},
{
"category": "self",
"summary": "SUSE Bug 1225642",
"url": "https://bugzilla.suse.com/1225642"
},
{
"category": "self",
"summary": "SUSE Bug 1225681",
"url": "https://bugzilla.suse.com/1225681"
},
{
"category": "self",
"summary": "SUSE Bug 1225692",
"url": "https://bugzilla.suse.com/1225692"
},
{
"category": "self",
"summary": "SUSE Bug 1225694",
"url": "https://bugzilla.suse.com/1225694"
},
{
"category": "self",
"summary": "SUSE Bug 1225695",
"url": "https://bugzilla.suse.com/1225695"
},
{
"category": "self",
"summary": "SUSE Bug 1225696",
"url": "https://bugzilla.suse.com/1225696"
},
{
"category": "self",
"summary": "SUSE Bug 1225698",
"url": "https://bugzilla.suse.com/1225698"
},
{
"category": "self",
"summary": "SUSE Bug 1225699",
"url": "https://bugzilla.suse.com/1225699"
},
{
"category": "self",
"summary": "SUSE Bug 1225702",
"url": "https://bugzilla.suse.com/1225702"
},
{
"category": "self",
"summary": "SUSE Bug 1225704",
"url": "https://bugzilla.suse.com/1225704"
},
{
"category": "self",
"summary": "SUSE Bug 1225705",
"url": "https://bugzilla.suse.com/1225705"
},
{
"category": "self",
"summary": "SUSE Bug 1225708",
"url": "https://bugzilla.suse.com/1225708"
},
{
"category": "self",
"summary": "SUSE Bug 1225710",
"url": "https://bugzilla.suse.com/1225710"
},
{
"category": "self",
"summary": "SUSE Bug 1225711",
"url": "https://bugzilla.suse.com/1225711"
},
{
"category": "self",
"summary": "SUSE Bug 1225712",
"url": "https://bugzilla.suse.com/1225712"
},
{
"category": "self",
"summary": "SUSE Bug 1225714",
"url": "https://bugzilla.suse.com/1225714"
},
{
"category": "self",
"summary": "SUSE Bug 1225715",
"url": "https://bugzilla.suse.com/1225715"
},
{
"category": "self",
"summary": "SUSE Bug 1225717",
"url": "https://bugzilla.suse.com/1225717"
},
{
"category": "self",
"summary": "SUSE Bug 1225719",
"url": "https://bugzilla.suse.com/1225719"
},
{
"category": "self",
"summary": "SUSE Bug 1225720",
"url": "https://bugzilla.suse.com/1225720"
},
{
"category": "self",
"summary": "SUSE Bug 1225722",
"url": "https://bugzilla.suse.com/1225722"
},
{
"category": "self",
"summary": "SUSE Bug 1225723",
"url": "https://bugzilla.suse.com/1225723"
},
{
"category": "self",
"summary": "SUSE Bug 1225726",
"url": "https://bugzilla.suse.com/1225726"
},
{
"category": "self",
"summary": "SUSE Bug 1225728",
"url": "https://bugzilla.suse.com/1225728"
},
{
"category": "self",
"summary": "SUSE Bug 1225731",
"url": "https://bugzilla.suse.com/1225731"
},
{
"category": "self",
"summary": "SUSE Bug 1225732",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "self",
"summary": "SUSE Bug 1225734",
"url": "https://bugzilla.suse.com/1225734"
},
{
"category": "self",
"summary": "SUSE Bug 1225735",
"url": "https://bugzilla.suse.com/1225735"
},
{
"category": "self",
"summary": "SUSE Bug 1225736",
"url": "https://bugzilla.suse.com/1225736"
},
{
"category": "self",
"summary": "SUSE Bug 1225737",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "self",
"summary": "SUSE Bug 1225741",
"url": "https://bugzilla.suse.com/1225741"
},
{
"category": "self",
"summary": "SUSE Bug 1225744",
"url": "https://bugzilla.suse.com/1225744"
},
{
"category": "self",
"summary": "SUSE Bug 1225745",
"url": "https://bugzilla.suse.com/1225745"
},
{
"category": "self",
"summary": "SUSE Bug 1225746",
"url": "https://bugzilla.suse.com/1225746"
},
{
"category": "self",
"summary": "SUSE Bug 1225747",
"url": "https://bugzilla.suse.com/1225747"
},
{
"category": "self",
"summary": "SUSE Bug 1225748",
"url": "https://bugzilla.suse.com/1225748"
},
{
"category": "self",
"summary": "SUSE Bug 1225749",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "self",
"summary": "SUSE Bug 1225750",
"url": "https://bugzilla.suse.com/1225750"
},
{
"category": "self",
"summary": "SUSE Bug 1225752",
"url": "https://bugzilla.suse.com/1225752"
},
{
"category": "self",
"summary": "SUSE Bug 1225753",
"url": "https://bugzilla.suse.com/1225753"
},
{
"category": "self",
"summary": "SUSE Bug 1225756",
"url": "https://bugzilla.suse.com/1225756"
},
{
"category": "self",
"summary": "SUSE Bug 1225757",
"url": "https://bugzilla.suse.com/1225757"
},
{
"category": "self",
"summary": "SUSE Bug 1225758",
"url": "https://bugzilla.suse.com/1225758"
},
{
"category": "self",
"summary": "SUSE Bug 1225759",
"url": "https://bugzilla.suse.com/1225759"
},
{
"category": "self",
"summary": "SUSE Bug 1225760",
"url": "https://bugzilla.suse.com/1225760"
},
{
"category": "self",
"summary": "SUSE Bug 1225761",
"url": "https://bugzilla.suse.com/1225761"
},
{
"category": "self",
"summary": "SUSE Bug 1225762",
"url": "https://bugzilla.suse.com/1225762"
},
{
"category": "self",
"summary": "SUSE Bug 1225763",
"url": "https://bugzilla.suse.com/1225763"
},
{
"category": "self",
"summary": "SUSE Bug 1225765",
"url": "https://bugzilla.suse.com/1225765"
},
{
"category": "self",
"summary": "SUSE Bug 1225766",
"url": "https://bugzilla.suse.com/1225766"
},
{
"category": "self",
"summary": "SUSE Bug 1225767",
"url": "https://bugzilla.suse.com/1225767"
},
{
"category": "self",
"summary": "SUSE Bug 1225769",
"url": "https://bugzilla.suse.com/1225769"
},
{
"category": "self",
"summary": "SUSE Bug 1225770",
"url": "https://bugzilla.suse.com/1225770"
},
{
"category": "self",
"summary": "SUSE Bug 1225773",
"url": "https://bugzilla.suse.com/1225773"
},
{
"category": "self",
"summary": "SUSE Bug 1225775",
"url": "https://bugzilla.suse.com/1225775"
},
{
"category": "self",
"summary": "SUSE Bug 1225805",
"url": "https://bugzilla.suse.com/1225805"
},
{
"category": "self",
"summary": "SUSE Bug 1225810",
"url": "https://bugzilla.suse.com/1225810"
},
{
"category": "self",
"summary": "SUSE Bug 1225815",
"url": "https://bugzilla.suse.com/1225815"
},
{
"category": "self",
"summary": "SUSE Bug 1225820",
"url": "https://bugzilla.suse.com/1225820"
},
{
"category": "self",
"summary": "SUSE Bug 1225823",
"url": "https://bugzilla.suse.com/1225823"
},
{
"category": "self",
"summary": "SUSE Bug 1225827",
"url": "https://bugzilla.suse.com/1225827"
},
{
"category": "self",
"summary": "SUSE Bug 1225829",
"url": "https://bugzilla.suse.com/1225829"
},
{
"category": "self",
"summary": "SUSE Bug 1225830",
"url": "https://bugzilla.suse.com/1225830"
},
{
"category": "self",
"summary": "SUSE Bug 1225834",
"url": "https://bugzilla.suse.com/1225834"
},
{
"category": "self",
"summary": "SUSE Bug 1225835",
"url": "https://bugzilla.suse.com/1225835"
},
{
"category": "self",
"summary": "SUSE Bug 1225839",
"url": "https://bugzilla.suse.com/1225839"
},
{
"category": "self",
"summary": "SUSE Bug 1225840",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "self",
"summary": "SUSE Bug 1225842",
"url": "https://bugzilla.suse.com/1225842"
},
{
"category": "self",
"summary": "SUSE Bug 1225843",
"url": "https://bugzilla.suse.com/1225843"
},
{
"category": "self",
"summary": "SUSE Bug 1225847",
"url": "https://bugzilla.suse.com/1225847"
},
{
"category": "self",
"summary": "SUSE Bug 1225851",
"url": "https://bugzilla.suse.com/1225851"
},
{
"category": "self",
"summary": "SUSE Bug 1225856",
"url": "https://bugzilla.suse.com/1225856"
},
{
"category": "self",
"summary": "SUSE Bug 1225866",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "self",
"summary": "SUSE Bug 1225872",
"url": "https://bugzilla.suse.com/1225872"
},
{
"category": "self",
"summary": "SUSE Bug 1225894",
"url": "https://bugzilla.suse.com/1225894"
},
{
"category": "self",
"summary": "SUSE Bug 1225895",
"url": "https://bugzilla.suse.com/1225895"
},
{
"category": "self",
"summary": "SUSE Bug 1225896",
"url": "https://bugzilla.suse.com/1225896"
},
{
"category": "self",
"summary": "SUSE Bug 1225898",
"url": "https://bugzilla.suse.com/1225898"
},
{
"category": "self",
"summary": "SUSE Bug 1225903",
"url": "https://bugzilla.suse.com/1225903"
},
{
"category": "self",
"summary": "SUSE Bug 1225945",
"url": "https://bugzilla.suse.com/1225945"
},
{
"category": "self",
"summary": "SUSE Bug 1226022",
"url": "https://bugzilla.suse.com/1226022"
},
{
"category": "self",
"summary": "SUSE Bug 1226131",
"url": "https://bugzilla.suse.com/1226131"
},
{
"category": "self",
"summary": "SUSE Bug 1226145",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "self",
"summary": "SUSE Bug 1226149",
"url": "https://bugzilla.suse.com/1226149"
},
{
"category": "self",
"summary": "SUSE Bug 1226155",
"url": "https://bugzilla.suse.com/1226155"
},
{
"category": "self",
"summary": "SUSE Bug 1226158",
"url": "https://bugzilla.suse.com/1226158"
},
{
"category": "self",
"summary": "SUSE Bug 1226163",
"url": "https://bugzilla.suse.com/1226163"
},
{
"category": "self",
"summary": "SUSE Bug 1226202",
"url": "https://bugzilla.suse.com/1226202"
},
{
"category": "self",
"summary": "SUSE Bug 1226211",
"url": "https://bugzilla.suse.com/1226211"
},
{
"category": "self",
"summary": "SUSE Bug 1226212",
"url": "https://bugzilla.suse.com/1226212"
},
{
"category": "self",
"summary": "SUSE Bug 1226213",
"url": "https://bugzilla.suse.com/1226213"
},
{
"category": "self",
"summary": "SUSE Bug 1226226",
"url": "https://bugzilla.suse.com/1226226"
},
{
"category": "self",
"summary": "SUSE Bug 1226457",
"url": "https://bugzilla.suse.com/1226457"
},
{
"category": "self",
"summary": "SUSE Bug 1226502",
"url": "https://bugzilla.suse.com/1226502"
},
{
"category": "self",
"summary": "SUSE Bug 1226503",
"url": "https://bugzilla.suse.com/1226503"
},
{
"category": "self",
"summary": "SUSE Bug 1226513",
"url": "https://bugzilla.suse.com/1226513"
},
{
"category": "self",
"summary": "SUSE Bug 1226514",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "self",
"summary": "SUSE Bug 1226519",
"url": "https://bugzilla.suse.com/1226519"
},
{
"category": "self",
"summary": "SUSE Bug 1226520",
"url": "https://bugzilla.suse.com/1226520"
},
{
"category": "self",
"summary": "SUSE Bug 1226582",
"url": "https://bugzilla.suse.com/1226582"
},
{
"category": "self",
"summary": "SUSE Bug 1226587",
"url": "https://bugzilla.suse.com/1226587"
},
{
"category": "self",
"summary": "SUSE Bug 1226588",
"url": "https://bugzilla.suse.com/1226588"
},
{
"category": "self",
"summary": "SUSE Bug 1226592",
"url": "https://bugzilla.suse.com/1226592"
},
{
"category": "self",
"summary": "SUSE Bug 1226593",
"url": "https://bugzilla.suse.com/1226593"
},
{
"category": "self",
"summary": "SUSE Bug 1226594",
"url": "https://bugzilla.suse.com/1226594"
},
{
"category": "self",
"summary": "SUSE Bug 1226595",
"url": "https://bugzilla.suse.com/1226595"
},
{
"category": "self",
"summary": "SUSE Bug 1226597",
"url": "https://bugzilla.suse.com/1226597"
},
{
"category": "self",
"summary": "SUSE Bug 1226607",
"url": "https://bugzilla.suse.com/1226607"
},
{
"category": "self",
"summary": "SUSE Bug 1226608",
"url": "https://bugzilla.suse.com/1226608"
},
{
"category": "self",
"summary": "SUSE Bug 1226610",
"url": "https://bugzilla.suse.com/1226610"
},
{
"category": "self",
"summary": "SUSE Bug 1226612",
"url": "https://bugzilla.suse.com/1226612"
},
{
"category": "self",
"summary": "SUSE Bug 1226613",
"url": "https://bugzilla.suse.com/1226613"
},
{
"category": "self",
"summary": "SUSE Bug 1226630",
"url": "https://bugzilla.suse.com/1226630"
},
{
"category": "self",
"summary": "SUSE Bug 1226632",
"url": "https://bugzilla.suse.com/1226632"
},
{
"category": "self",
"summary": "SUSE Bug 1226633",
"url": "https://bugzilla.suse.com/1226633"
},
{
"category": "self",
"summary": "SUSE Bug 1226634",
"url": "https://bugzilla.suse.com/1226634"
},
{
"category": "self",
"summary": "SUSE Bug 1226637",
"url": "https://bugzilla.suse.com/1226637"
},
{
"category": "self",
"summary": "SUSE Bug 1226657",
"url": "https://bugzilla.suse.com/1226657"
},
{
"category": "self",
"summary": "SUSE Bug 1226658",
"url": "https://bugzilla.suse.com/1226658"
},
{
"category": "self",
"summary": "SUSE Bug 1226734",
"url": "https://bugzilla.suse.com/1226734"
},
{
"category": "self",
"summary": "SUSE Bug 1226735",
"url": "https://bugzilla.suse.com/1226735"
},
{
"category": "self",
"summary": "SUSE Bug 1226737",
"url": "https://bugzilla.suse.com/1226737"
},
{
"category": "self",
"summary": "SUSE Bug 1226738",
"url": "https://bugzilla.suse.com/1226738"
},
{
"category": "self",
"summary": "SUSE Bug 1226739",
"url": "https://bugzilla.suse.com/1226739"
},
{
"category": "self",
"summary": "SUSE Bug 1226740",
"url": "https://bugzilla.suse.com/1226740"
},
{
"category": "self",
"summary": "SUSE Bug 1226741",
"url": "https://bugzilla.suse.com/1226741"
},
{
"category": "self",
"summary": "SUSE Bug 1226742",
"url": "https://bugzilla.suse.com/1226742"
},
{
"category": "self",
"summary": "SUSE Bug 1226744",
"url": "https://bugzilla.suse.com/1226744"
},
{
"category": "self",
"summary": "SUSE Bug 1226746",
"url": "https://bugzilla.suse.com/1226746"
},
{
"category": "self",
"summary": "SUSE Bug 1226747",
"url": "https://bugzilla.suse.com/1226747"
},
{
"category": "self",
"summary": "SUSE Bug 1226749",
"url": "https://bugzilla.suse.com/1226749"
},
{
"category": "self",
"summary": "SUSE Bug 1226750",
"url": "https://bugzilla.suse.com/1226750"
},
{
"category": "self",
"summary": "SUSE Bug 1226754",
"url": "https://bugzilla.suse.com/1226754"
},
{
"category": "self",
"summary": "SUSE Bug 1226757",
"url": "https://bugzilla.suse.com/1226757"
},
{
"category": "self",
"summary": "SUSE Bug 1226758",
"url": "https://bugzilla.suse.com/1226758"
},
{
"category": "self",
"summary": "SUSE Bug 1226760",
"url": "https://bugzilla.suse.com/1226760"
},
{
"category": "self",
"summary": "SUSE Bug 1226761",
"url": "https://bugzilla.suse.com/1226761"
},
{
"category": "self",
"summary": "SUSE Bug 1226764",
"url": "https://bugzilla.suse.com/1226764"
},
{
"category": "self",
"summary": "SUSE Bug 1226767",
"url": "https://bugzilla.suse.com/1226767"
},
{
"category": "self",
"summary": "SUSE Bug 1226768",
"url": "https://bugzilla.suse.com/1226768"
},
{
"category": "self",
"summary": "SUSE Bug 1226769",
"url": "https://bugzilla.suse.com/1226769"
},
{
"category": "self",
"summary": "SUSE Bug 1226771",
"url": "https://bugzilla.suse.com/1226771"
},
{
"category": "self",
"summary": "SUSE Bug 1226772",
"url": "https://bugzilla.suse.com/1226772"
},
{
"category": "self",
"summary": "SUSE Bug 1226774",
"url": "https://bugzilla.suse.com/1226774"
},
{
"category": "self",
"summary": "SUSE Bug 1226775",
"url": "https://bugzilla.suse.com/1226775"
},
{
"category": "self",
"summary": "SUSE Bug 1226776",
"url": "https://bugzilla.suse.com/1226776"
},
{
"category": "self",
"summary": "SUSE Bug 1226777",
"url": "https://bugzilla.suse.com/1226777"
},
{
"category": "self",
"summary": "SUSE Bug 1226780",
"url": "https://bugzilla.suse.com/1226780"
},
{
"category": "self",
"summary": "SUSE Bug 1226781",
"url": "https://bugzilla.suse.com/1226781"
},
{
"category": "self",
"summary": "SUSE Bug 1226783",
"url": "https://bugzilla.suse.com/1226783"
},
{
"category": "self",
"summary": "SUSE Bug 1226785",
"url": "https://bugzilla.suse.com/1226785"
},
{
"category": "self",
"summary": "SUSE Bug 1226786",
"url": "https://bugzilla.suse.com/1226786"
},
{
"category": "self",
"summary": "SUSE Bug 1226788",
"url": "https://bugzilla.suse.com/1226788"
},
{
"category": "self",
"summary": "SUSE Bug 1226789",
"url": "https://bugzilla.suse.com/1226789"
},
{
"category": "self",
"summary": "SUSE Bug 1226790",
"url": "https://bugzilla.suse.com/1226790"
},
{
"category": "self",
"summary": "SUSE Bug 1226791",
"url": "https://bugzilla.suse.com/1226791"
},
{
"category": "self",
"summary": "SUSE Bug 1226796",
"url": "https://bugzilla.suse.com/1226796"
},
{
"category": "self",
"summary": "SUSE Bug 1226799",
"url": "https://bugzilla.suse.com/1226799"
},
{
"category": "self",
"summary": "SUSE Bug 1226837",
"url": "https://bugzilla.suse.com/1226837"
},
{
"category": "self",
"summary": "SUSE Bug 1226839",
"url": "https://bugzilla.suse.com/1226839"
},
{
"category": "self",
"summary": "SUSE Bug 1226840",
"url": "https://bugzilla.suse.com/1226840"
},
{
"category": "self",
"summary": "SUSE Bug 1226841",
"url": "https://bugzilla.suse.com/1226841"
},
{
"category": "self",
"summary": "SUSE Bug 1226842",
"url": "https://bugzilla.suse.com/1226842"
},
{
"category": "self",
"summary": "SUSE Bug 1226844",
"url": "https://bugzilla.suse.com/1226844"
},
{
"category": "self",
"summary": "SUSE Bug 1226848",
"url": "https://bugzilla.suse.com/1226848"
},
{
"category": "self",
"summary": "SUSE Bug 1226852",
"url": "https://bugzilla.suse.com/1226852"
},
{
"category": "self",
"summary": "SUSE Bug 1226856",
"url": "https://bugzilla.suse.com/1226856"
},
{
"category": "self",
"summary": "SUSE Bug 1226857",
"url": "https://bugzilla.suse.com/1226857"
},
{
"category": "self",
"summary": "SUSE Bug 1226859",
"url": "https://bugzilla.suse.com/1226859"
},
{
"category": "self",
"summary": "SUSE Bug 1226861",
"url": "https://bugzilla.suse.com/1226861"
},
{
"category": "self",
"summary": "SUSE Bug 1226863",
"url": "https://bugzilla.suse.com/1226863"
},
{
"category": "self",
"summary": "SUSE Bug 1226864",
"url": "https://bugzilla.suse.com/1226864"
},
{
"category": "self",
"summary": "SUSE Bug 1226866",
"url": "https://bugzilla.suse.com/1226866"
},
{
"category": "self",
"summary": "SUSE Bug 1226867",
"url": "https://bugzilla.suse.com/1226867"
},
{
"category": "self",
"summary": "SUSE Bug 1226868",
"url": "https://bugzilla.suse.com/1226868"
},
{
"category": "self",
"summary": "SUSE Bug 1226875",
"url": "https://bugzilla.suse.com/1226875"
},
{
"category": "self",
"summary": "SUSE Bug 1226876",
"url": "https://bugzilla.suse.com/1226876"
},
{
"category": "self",
"summary": "SUSE Bug 1226878",
"url": "https://bugzilla.suse.com/1226878"
},
{
"category": "self",
"summary": "SUSE Bug 1226879",
"url": "https://bugzilla.suse.com/1226879"
},
{
"category": "self",
"summary": "SUSE Bug 1226883",
"url": "https://bugzilla.suse.com/1226883"
},
{
"category": "self",
"summary": "SUSE Bug 1226886",
"url": "https://bugzilla.suse.com/1226886"
},
{
"category": "self",
"summary": "SUSE Bug 1226890",
"url": "https://bugzilla.suse.com/1226890"
},
{
"category": "self",
"summary": "SUSE Bug 1226891",
"url": "https://bugzilla.suse.com/1226891"
},
{
"category": "self",
"summary": "SUSE Bug 1226894",
"url": "https://bugzilla.suse.com/1226894"
},
{
"category": "self",
"summary": "SUSE Bug 1226895",
"url": "https://bugzilla.suse.com/1226895"
},
{
"category": "self",
"summary": "SUSE Bug 1226905",
"url": "https://bugzilla.suse.com/1226905"
},
{
"category": "self",
"summary": "SUSE Bug 1226908",
"url": "https://bugzilla.suse.com/1226908"
},
{
"category": "self",
"summary": "SUSE Bug 1226909",
"url": "https://bugzilla.suse.com/1226909"
},
{
"category": "self",
"summary": "SUSE Bug 1226911",
"url": "https://bugzilla.suse.com/1226911"
},
{
"category": "self",
"summary": "SUSE Bug 1226915",
"url": "https://bugzilla.suse.com/1226915"
},
{
"category": "self",
"summary": "SUSE Bug 1226928",
"url": "https://bugzilla.suse.com/1226928"
},
{
"category": "self",
"summary": "SUSE Bug 1226934",
"url": "https://bugzilla.suse.com/1226934"
},
{
"category": "self",
"summary": "SUSE Bug 1226938",
"url": "https://bugzilla.suse.com/1226938"
},
{
"category": "self",
"summary": "SUSE Bug 1226939",
"url": "https://bugzilla.suse.com/1226939"
},
{
"category": "self",
"summary": "SUSE Bug 1226941",
"url": "https://bugzilla.suse.com/1226941"
},
{
"category": "self",
"summary": "SUSE Bug 1226948",
"url": "https://bugzilla.suse.com/1226948"
},
{
"category": "self",
"summary": "SUSE Bug 1226949",
"url": "https://bugzilla.suse.com/1226949"
},
{
"category": "self",
"summary": "SUSE Bug 1226950",
"url": "https://bugzilla.suse.com/1226950"
},
{
"category": "self",
"summary": "SUSE Bug 1226962",
"url": "https://bugzilla.suse.com/1226962"
},
{
"category": "self",
"summary": "SUSE Bug 1226976",
"url": "https://bugzilla.suse.com/1226976"
},
{
"category": "self",
"summary": "SUSE Bug 1226989",
"url": "https://bugzilla.suse.com/1226989"
},
{
"category": "self",
"summary": "SUSE Bug 1226990",
"url": "https://bugzilla.suse.com/1226990"
},
{
"category": "self",
"summary": "SUSE Bug 1226992",
"url": "https://bugzilla.suse.com/1226992"
},
{
"category": "self",
"summary": "SUSE Bug 1226993",
"url": "https://bugzilla.suse.com/1226993"
},
{
"category": "self",
"summary": "SUSE Bug 1226994",
"url": "https://bugzilla.suse.com/1226994"
},
{
"category": "self",
"summary": "SUSE Bug 1226995",
"url": "https://bugzilla.suse.com/1226995"
},
{
"category": "self",
"summary": "SUSE Bug 1226996",
"url": "https://bugzilla.suse.com/1226996"
},
{
"category": "self",
"summary": "SUSE Bug 1227066",
"url": "https://bugzilla.suse.com/1227066"
},
{
"category": "self",
"summary": "SUSE Bug 1227072",
"url": "https://bugzilla.suse.com/1227072"
},
{
"category": "self",
"summary": "SUSE Bug 1227085",
"url": "https://bugzilla.suse.com/1227085"
},
{
"category": "self",
"summary": "SUSE Bug 1227089",
"url": "https://bugzilla.suse.com/1227089"
},
{
"category": "self",
"summary": "SUSE Bug 1227090",
"url": "https://bugzilla.suse.com/1227090"
},
{
"category": "self",
"summary": "SUSE Bug 1227096",
"url": "https://bugzilla.suse.com/1227096"
},
{
"category": "self",
"summary": "SUSE Bug 1227101",
"url": "https://bugzilla.suse.com/1227101"
},
{
"category": "self",
"summary": "SUSE Bug 1227103",
"url": "https://bugzilla.suse.com/1227103"
},
{
"category": "self",
"summary": "SUSE Bug 1227149",
"url": "https://bugzilla.suse.com/1227149"
},
{
"category": "self",
"summary": "SUSE Bug 1227190",
"url": "https://bugzilla.suse.com/1227190"
},
{
"category": "self",
"summary": "SUSE Bug 1227282",
"url": "https://bugzilla.suse.com/1227282"
},
{
"category": "self",
"summary": "SUSE Bug 1227362",
"url": "https://bugzilla.suse.com/1227362"
},
{
"category": "self",
"summary": "SUSE Bug 1227363",
"url": "https://bugzilla.suse.com/1227363"
},
{
"category": "self",
"summary": "SUSE Bug 1227383",
"url": "https://bugzilla.suse.com/1227383"
},
{
"category": "self",
"summary": "SUSE Bug 1227432",
"url": "https://bugzilla.suse.com/1227432"
},
{
"category": "self",
"summary": "SUSE Bug 1227434",
"url": "https://bugzilla.suse.com/1227434"
},
{
"category": "self",
"summary": "SUSE Bug 1227435",
"url": "https://bugzilla.suse.com/1227435"
},
{
"category": "self",
"summary": "SUSE Bug 1227443",
"url": "https://bugzilla.suse.com/1227443"
},
{
"category": "self",
"summary": "SUSE Bug 1227446",
"url": "https://bugzilla.suse.com/1227446"
},
{
"category": "self",
"summary": "SUSE Bug 1227447",
"url": "https://bugzilla.suse.com/1227447"
},
{
"category": "self",
"summary": "SUSE Bug 1227487",
"url": "https://bugzilla.suse.com/1227487"
},
{
"category": "self",
"summary": "SUSE Bug 1227573",
"url": "https://bugzilla.suse.com/1227573"
},
{
"category": "self",
"summary": "SUSE Bug 1227626",
"url": "https://bugzilla.suse.com/1227626"
},
{
"category": "self",
"summary": "SUSE Bug 1227716",
"url": "https://bugzilla.suse.com/1227716"
},
{
"category": "self",
"summary": "SUSE Bug 1227719",
"url": "https://bugzilla.suse.com/1227719"
},
{
"category": "self",
"summary": "SUSE Bug 1227723",
"url": "https://bugzilla.suse.com/1227723"
},
{
"category": "self",
"summary": "SUSE Bug 1227730",
"url": "https://bugzilla.suse.com/1227730"
},
{
"category": "self",
"summary": "SUSE Bug 1227736",
"url": "https://bugzilla.suse.com/1227736"
},
{
"category": "self",
"summary": "SUSE Bug 1227755",
"url": "https://bugzilla.suse.com/1227755"
},
{
"category": "self",
"summary": "SUSE Bug 1227757",
"url": "https://bugzilla.suse.com/1227757"
},
{
"category": "self",
"summary": "SUSE Bug 1227762",
"url": "https://bugzilla.suse.com/1227762"
},
{
"category": "self",
"summary": "SUSE Bug 1227763",
"url": "https://bugzilla.suse.com/1227763"
},
{
"category": "self",
"summary": "SUSE Bug 1227779",
"url": "https://bugzilla.suse.com/1227779"
},
{
"category": "self",
"summary": "SUSE Bug 1227780",
"url": "https://bugzilla.suse.com/1227780"
},
{
"category": "self",
"summary": "SUSE Bug 1227783",
"url": "https://bugzilla.suse.com/1227783"
},
{
"category": "self",
"summary": "SUSE Bug 1227786",
"url": "https://bugzilla.suse.com/1227786"
},
{
"category": "self",
"summary": "SUSE Bug 1227788",
"url": "https://bugzilla.suse.com/1227788"
},
{
"category": "self",
"summary": "SUSE Bug 1227789",
"url": "https://bugzilla.suse.com/1227789"
},
{
"category": "self",
"summary": "SUSE Bug 1227797",
"url": "https://bugzilla.suse.com/1227797"
},
{
"category": "self",
"summary": "SUSE Bug 1227800",
"url": "https://bugzilla.suse.com/1227800"
},
{
"category": "self",
"summary": "SUSE Bug 1227801",
"url": "https://bugzilla.suse.com/1227801"
},
{
"category": "self",
"summary": "SUSE Bug 1227803",
"url": "https://bugzilla.suse.com/1227803"
},
{
"category": "self",
"summary": "SUSE Bug 1227806",
"url": "https://bugzilla.suse.com/1227806"
},
{
"category": "self",
"summary": "SUSE Bug 1227813",
"url": "https://bugzilla.suse.com/1227813"
},
{
"category": "self",
"summary": "SUSE Bug 1227814",
"url": "https://bugzilla.suse.com/1227814"
},
{
"category": "self",
"summary": "SUSE Bug 1227836",
"url": "https://bugzilla.suse.com/1227836"
},
{
"category": "self",
"summary": "SUSE Bug 1227855",
"url": "https://bugzilla.suse.com/1227855"
},
{
"category": "self",
"summary": "SUSE Bug 1227862",
"url": "https://bugzilla.suse.com/1227862"
},
{
"category": "self",
"summary": "SUSE Bug 1227866",
"url": "https://bugzilla.suse.com/1227866"
},
{
"category": "self",
"summary": "SUSE Bug 1227886",
"url": "https://bugzilla.suse.com/1227886"
},
{
"category": "self",
"summary": "SUSE Bug 1227899",
"url": "https://bugzilla.suse.com/1227899"
},
{
"category": "self",
"summary": "SUSE Bug 1227910",
"url": "https://bugzilla.suse.com/1227910"
},
{
"category": "self",
"summary": "SUSE Bug 1227913",
"url": "https://bugzilla.suse.com/1227913"
},
{
"category": "self",
"summary": "SUSE Bug 1227926",
"url": "https://bugzilla.suse.com/1227926"
},
{
"category": "self",
"summary": "SUSE Bug 1228090",
"url": "https://bugzilla.suse.com/1228090"
},
{
"category": "self",
"summary": "SUSE Bug 1228192",
"url": "https://bugzilla.suse.com/1228192"
},
{
"category": "self",
"summary": "SUSE Bug 1228193",
"url": "https://bugzilla.suse.com/1228193"
},
{
"category": "self",
"summary": "SUSE Bug 1228211",
"url": "https://bugzilla.suse.com/1228211"
},
{
"category": "self",
"summary": "SUSE Bug 1228269",
"url": "https://bugzilla.suse.com/1228269"
},
{
"category": "self",
"summary": "SUSE Bug 1228289",
"url": "https://bugzilla.suse.com/1228289"
},
{
"category": "self",
"summary": "SUSE Bug 1228327",
"url": "https://bugzilla.suse.com/1228327"
},
{
"category": "self",
"summary": "SUSE Bug 1228328",
"url": "https://bugzilla.suse.com/1228328"
},
{
"category": "self",
"summary": "SUSE Bug 1228403",
"url": "https://bugzilla.suse.com/1228403"
},
{
"category": "self",
"summary": "SUSE Bug 1228405",
"url": "https://bugzilla.suse.com/1228405"
},
{
"category": "self",
"summary": "SUSE Bug 1228408",
"url": "https://bugzilla.suse.com/1228408"
},
{
"category": "self",
"summary": "SUSE Bug 1228417",
"url": "https://bugzilla.suse.com/1228417"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-47432 page",
"url": "https://www.suse.com/security/cve/CVE-2021-47432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48669 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48772 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-38417 page",
"url": "https://www.suse.com/security/cve/CVE-2023-38417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47210 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-51780 page",
"url": "https://www.suse.com/security/cve/CVE-2023-51780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52434 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52435 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52458 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52472 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52483 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52503 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52616 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52618 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52622 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52631 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52635 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52640 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52641 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52645 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52647 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52648 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52648/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52649 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52649/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52650 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52650/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52654 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52655 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52656 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52657 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52658 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52659 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52660 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52661 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52662 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52663 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52664 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52667 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52669 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52671 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52672 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52672/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52674 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52675 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52678 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52679 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52680 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52681 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52683 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52687 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52690 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52691 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52692 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52693 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52694 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52695 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52696 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52697 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52698 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52699 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52735 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52735/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52749 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52749/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52750 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52751 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52753 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52753/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52754 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52754/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52757 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52759 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52762 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52763 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52763/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52764 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52765 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52765/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52766 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52766/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52767 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52768 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52768/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52769 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52771 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52772 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52773 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52774 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52775 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52776 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52776/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52777 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52780 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52781 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52782 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52782/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52783 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52784 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52786 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52787 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52788 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52789 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52791 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52792 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52792/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52794 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52795 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52796 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52798 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52798/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52799 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52800 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52801 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52803 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52804 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52805 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52806 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52807 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52808 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52809 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52810 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52811 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52812 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52813 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52814 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52815 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52816 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52817 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52818 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52818/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52819 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52821 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52825 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52826 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52827 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52829 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52832 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52833 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52834 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52835 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52836 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52837 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52838 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52840 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52841 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52842 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52843 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52844 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52845 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52846 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52847 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52849 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52850 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52851 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52853 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52854 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52855 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52856 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52857 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52858 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52861 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52862 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52866 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52868 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52869 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52870 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52871 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52871/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52872 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52873 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52873/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52874 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52874/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52875 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52876 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52877 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52878 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52879 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52880 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52881 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52882 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52883 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52884 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6238 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-22099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-22099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25741 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25741/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26611 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26615 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26623 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26623/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26625 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26625/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26632 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26635 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26636 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26641 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26642 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26643 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26654 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26656 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26657 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26663 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26665 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26673 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26674 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26676 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26685 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26691 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26692 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26704 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26714 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26726 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26731 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26734 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26734/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26737 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26740 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26742 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26750 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26750/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26758 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26760 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26761 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26764 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26767 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26769 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26772 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26773 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26774 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26780 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26783 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26785 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26786 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26793 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26826 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26826/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26832 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26844 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26846 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26854 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26856 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26881 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26920 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26920/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26929 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26929/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26939 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26943 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26968 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26970 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26977 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26983 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26988 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26992 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27000 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27003 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27022 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27023 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27027 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27028 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27031 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27037 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27038 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27038/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27039 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27039/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27040 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27041 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27042 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27043 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27044 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27045 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27047 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27047/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27048 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27048/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27051 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27052 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27053 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27054 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27059 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27060 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27060/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27064 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27064/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27065 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27067 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27071 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27071/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27072 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27072/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27073 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27073/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27074 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27075 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27076 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27077 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27389 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27391 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27393 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27395 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27396 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27399 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27400 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27401 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27402 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27402/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27404 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27404/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27405 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27410 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27411 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27412 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27412/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27413 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27414 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27416 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27417 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27418 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27419 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27419/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27431 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27432 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27434 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27435 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27436 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-33619 page",
"url": "https://www.suse.com/security/cve/CVE-2024-33619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34777 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35247 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35247/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35784 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35786 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35795 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35799 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35801 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35803 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35804 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35806 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35808 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35809 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35812 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35819 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35821 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35824 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35825 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35827 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35827/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35829 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35831 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35833 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35835 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35837 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35838 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35841 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35842 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35843 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35847 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35849 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35850 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35851 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35854 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35872 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35875 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35879 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35880 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35886 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35890 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35892 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35892/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35893 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35908 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35911 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35912 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35916 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35926 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35927 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35942 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35943 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35967 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35970 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35976 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35976/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35977 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35992 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36003 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36005 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36010 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36010/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36024 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36026 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36032 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36281 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36281/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36477 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36477/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36478 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36478/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36479 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36880 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36890 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36893 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36897 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36902 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36910 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36911 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36912 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36913 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36916 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36918 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36926 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36941 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36942 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36967 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36977 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37078 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37078/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37353 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-37354 page",
"url": "https://www.suse.com/security/cve/CVE-2024-37354/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38381 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38381/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38384 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38384/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38385 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38385/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38390 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38390/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38391 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38391/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38540 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38541 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38543 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38543/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38544 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38544/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38545 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38545/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38546 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38547 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38547/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38550 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38550/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38551 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38551/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38552 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38552/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38553 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38553/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38554 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38555 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38556 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38556/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38557 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38557/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38558 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38558/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38559 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38559/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38560 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38560/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38562 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38562/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38564 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38564/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38565 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38565/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38566 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38566/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38567 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38567/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38568 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38568/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38569 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38569/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38570 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38570/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38571 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38571/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38572 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38572/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38573 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38573/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38575 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38575/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38578 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38578/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38579 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38579/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38580 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38581 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38581/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38582 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38582/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38583 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38586 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38586/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38587 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38587/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38588 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38590 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38591 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38592 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38594 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38594/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38595 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38595/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38597 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38598 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38599 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38599/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38600 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38602 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38603 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38603/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38604 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38608 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38610 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38610/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38611 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38615 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38615/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38616 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38617 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38618 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38619 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38622 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38622/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38627 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38627/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38628 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38629 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38630 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38630/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38633 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38634 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38635 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38636 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38659 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38661 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38663 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38664 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-38780 page",
"url": "https://www.suse.com/security/cve/CVE-2024-38780/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39276 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39277 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39277/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39291 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39296 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39301 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39301/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39362 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39371 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39463 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39466 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39466/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39468 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39468/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39469 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39471 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39471/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39472 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39473 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39474 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39474/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39475 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39475/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39479 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39479/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39481 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39481/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39482 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39487 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39490 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39490/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39494 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39494/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39496 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39498 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39498/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39502 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39502/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39504 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39504/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-39507 page",
"url": "https://www.suse.com/security/cve/CVE-2024-39507/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40908 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40908/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40970 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40998 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40998/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-40999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-40999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41017 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41017/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41090 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-41091 page",
"url": "https://www.suse.com/security/cve/CVE-2024-41091/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-02-03T08:47:04Z",
"generator": {
"date": "2025-02-03T08:47:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:20008-1",
"initial_release_date": "2025-02-03T08:47:04Z",
"revision_history": [
{
"date": "2025-02-03T08:47:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-18.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-18.1.aarch64",
"product_id": "kernel-default-6.4.0-18.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-17.1.1.51.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-17.1.1.51.aarch64",
"product_id": "kernel-default-base-6.4.0-17.1.1.51.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-18.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-18.1.noarch",
"product_id": "kernel-devel-6.4.0-18.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-18.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-18.1.noarch",
"product_id": "kernel-macros-6.4.0-18.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-18.1.noarch",
"product": {
"name": "kernel-source-6.4.0-18.1.noarch",
"product_id": "kernel-source-6.4.0-18.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-18.1.s390x",
"product": {
"name": "kernel-default-6.4.0-18.1.s390x",
"product_id": "kernel-default-6.4.0-18.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-18.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-18.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-18.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-18.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-18.1.x86_64",
"product_id": "kernel-default-6.4.0-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-17.1.1.51.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-17.1.1.51.x86_64",
"product_id": "kernel-default-base-6.4.0-17.1.1.51.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-18.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-18.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-18.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-18.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-18.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-18.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-18.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-18.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-18.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x"
},
"product_reference": "kernel-default-6.4.0-18.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-18.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-17.1.1.51.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-17.1.1.51.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-17.1.1.51.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-17.1.1.51.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-18.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-18.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-18.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-18.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-18.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-18.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-18.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-18.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-18.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-18.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
},
"product_reference": "kernel-source-6.4.0-18.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-47432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-47432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/generic-radix-tree.c: Don\u0027t overflow in peek()\n\nWhen we started spreading new inode numbers throughout most of the 64\nbit inode space, that triggered some corner case bugs, in particular\nsome integer overflows related to the radix tree code. Oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-47432",
"url": "https://www.suse.com/security/cve/CVE-2021-47432"
},
{
"category": "external",
"summary": "SUSE Bug 1225391 for CVE-2021-47432",
"url": "https://bugzilla.suse.com/1225391"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2021-47432"
},
{
"cve": "CVE-2022-48669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries: Fix potential memleak in papr_get_attr()\n\n`buf` is allocated in papr_get_attr(), and krealloc() of `buf`\ncould fail. We need to free the original `buf` in the case of failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48669",
"url": "https://www.suse.com/security/cve/CVE-2022-48669"
},
{
"category": "external",
"summary": "SUSE Bug 1223756 for CVE-2022-48669",
"url": "https://bugzilla.suse.com/1223756"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2022-48669"
},
{
"cve": "CVE-2022-48772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: lgdt3306a: Add a check against null-pointer-def\n\nThe driver should check whether the client provides the platform_data.\n\nThe following log reveals it:\n\n[ 29.610324] BUG: KASAN: null-ptr-deref in kmemdup+0x30/0x40\n[ 29.610730] Read of size 40 at addr 0000000000000000 by task bash/414\n[ 29.612820] Call Trace:\n[ 29.613030] \u003cTASK\u003e\n[ 29.613201] dump_stack_lvl+0x56/0x6f\n[ 29.613496] ? kmemdup+0x30/0x40\n[ 29.613754] print_report.cold+0x494/0x6b7\n[ 29.614082] ? kmemdup+0x30/0x40\n[ 29.614340] kasan_report+0x8a/0x190\n[ 29.614628] ? kmemdup+0x30/0x40\n[ 29.614888] kasan_check_range+0x14d/0x1d0\n[ 29.615213] memcpy+0x20/0x60\n[ 29.615454] kmemdup+0x30/0x40\n[ 29.615700] lgdt3306a_probe+0x52/0x310\n[ 29.616339] i2c_device_probe+0x951/0xa90",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48772",
"url": "https://www.suse.com/security/cve/CVE-2022-48772"
},
{
"category": "external",
"summary": "SUSE Bug 1226976 for CVE-2022-48772",
"url": "https://bugzilla.suse.com/1226976"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2022-48772"
},
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-38417",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-38417"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-38417",
"url": "https://www.suse.com/security/cve/CVE-2023-38417"
},
{
"category": "external",
"summary": "SUSE Bug 1225600 for CVE-2023-38417",
"url": "https://bugzilla.suse.com/1225600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-38417"
},
{
"cve": "CVE-2023-47210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47210"
}
],
"notes": [
{
"category": "general",
"text": "Improper input validation for some Intel(R) PROSet/Wireless WiFi software for linux before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47210",
"url": "https://www.suse.com/security/cve/CVE-2023-47210"
},
{
"category": "external",
"summary": "SUSE Bug 1225601 for CVE-2023-47210",
"url": "https://bugzilla.suse.com/1225601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-47210"
},
{
"cve": "CVE-2023-51780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-51780"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-51780",
"url": "https://www.suse.com/security/cve/CVE-2023-51780"
},
{
"category": "external",
"summary": "SUSE Bug 1218730 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218730"
},
{
"category": "external",
"summary": "SUSE Bug 1218733 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1218733"
},
{
"category": "external",
"summary": "SUSE Bug 1220191 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1220191"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1224298 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224298"
},
{
"category": "external",
"summary": "SUSE Bug 1224878 for CVE-2023-51780",
"url": "https://bugzilla.suse.com/1224878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-51780"
},
{
"cve": "CVE-2023-52434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential OOBs in smb2_parse_contexts()\n\nValidate offsets and lengths before dereferencing create contexts in\nsmb2_parse_contexts().\n\nThis fixes following oops when accessing invalid create contexts from\nserver:\n\n BUG: unable to handle page fault for address: ffff8881178d8cc3\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 4a01067 P4D 4a01067 PUD 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 3 PID: 1736 Comm: mount.cifs Not tainted 6.7.0-rc4 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n RIP: 0010:smb2_parse_contexts+0xa0/0x3a0 [cifs]\n Code: f8 10 75 13 48 b8 93 ad 25 50 9c b4 11 e7 49 39 06 0f 84 d2 00\n 00 00 8b 45 00 85 c0 74 61 41 29 c5 48 01 c5 41 83 fd 0f 76 55 \u003c0f\u003e b7\n 7d 04 0f b7 45 06 4c 8d 74 3d 00 66 83 f8 04 75 bc ba 04 00\n RSP: 0018:ffffc900007939e0 EFLAGS: 00010216\n RAX: ffffc90000793c78 RBX: ffff8880180cc000 RCX: ffffc90000793c90\n RDX: ffffc90000793cc0 RSI: ffff8880178d8cc0 RDI: ffff8880180cc000\n RBP: ffff8881178d8cbf R08: ffffc90000793c22 R09: 0000000000000000\n R10: ffff8880180cc000 R11: 0000000000000024 R12: 0000000000000000\n R13: 0000000000000020 R14: 0000000000000000 R15: ffffc90000793c22\n FS: 00007f873753cbc0(0000) GS:ffff88806bc00000(0000)\n knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff8881178d8cc3 CR3: 00000000181ca000 CR4: 0000000000750ef0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x181/0x480\n ? search_module_extables+0x19/0x60\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? exc_page_fault+0x1b6/0x1c0\n ? asm_exc_page_fault+0x26/0x30\n ? smb2_parse_contexts+0xa0/0x3a0 [cifs]\n SMB2_open+0x38d/0x5f0 [cifs]\n ? smb2_is_path_accessible+0x138/0x260 [cifs]\n smb2_is_path_accessible+0x138/0x260 [cifs]\n cifs_is_path_remote+0x8d/0x230 [cifs]\n cifs_mount+0x7e/0x350 [cifs]\n cifs_smb3_do_mount+0x128/0x780 [cifs]\n smb3_get_tree+0xd9/0x290 [cifs]\n vfs_get_tree+0x2c/0x100\n ? capable+0x37/0x70\n path_mount+0x2d7/0xb80\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? _raw_spin_unlock_irqrestore+0x44/0x60\n __x64_sys_mount+0x11a/0x150\n do_syscall_64+0x47/0xf0\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n RIP: 0033:0x7f8737657b1e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52434",
"url": "https://www.suse.com/security/cve/CVE-2023-52434"
},
{
"category": "external",
"summary": "SUSE Bug 1220148 for CVE-2023-52434",
"url": "https://bugzilla.suse.com/1220148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52434"
},
{
"cve": "CVE-2023-52435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: prevent mss overflow in skb_segment()\n\nOnce again syzbot is able to crash the kernel in skb_segment() [1]\n\nGSO_BY_FRAGS is a forbidden value, but unfortunately the following\ncomputation in skb_segment() can reach it quite easily :\n\n\tmss = mss * partial_segs;\n\n65535 = 3 * 5 * 17 * 257, so many initial values of mss can lead to\na bad final result.\n\nMake sure to limit segmentation so that the new mss value is smaller\nthan GSO_BY_FRAGS.\n\n[1]\n\ngeneral protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]\nCPU: 1 PID: 5079 Comm: syz-executor993 Not tainted 6.7.0-rc4-syzkaller-00141-g1ae4cd3cbdd0 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/10/2023\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R08: 0000000000000005 R09: 000000000000ffff\nR10: 000000000000ffff R11: 0000000000000002 R12: ffff888063202ac0\nR13: 0000000000010000 R14: 000000000000ffff R15: 0000000000000046\nFS: 0000555556e7e380(0000) GS:ffff8880b9900000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020010000 CR3: 0000000027ee2000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003cTASK\u003e\nudp6_ufo_fragment+0xa0e/0xd00 net/ipv6/udp_offload.c:109\nipv6_gso_segment+0x534/0x17e0 net/ipv6/ip6_offload.c:120\nskb_mac_gso_segment+0x290/0x610 net/core/gso.c:53\n__skb_gso_segment+0x339/0x710 net/core/gso.c:124\nskb_gso_segment include/net/gso.h:83 [inline]\nvalidate_xmit_skb+0x36c/0xeb0 net/core/dev.c:3626\n__dev_queue_xmit+0x6f3/0x3d60 net/core/dev.c:4338\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\npacket_xmit+0x257/0x380 net/packet/af_packet.c:276\npacket_snd net/packet/af_packet.c:3087 [inline]\npacket_sendmsg+0x24c6/0x5220 net/packet/af_packet.c:3119\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n__sys_sendto+0x255/0x340 net/socket.c:2190\n__do_sys_sendto net/socket.c:2202 [inline]\n__se_sys_sendto net/socket.c:2198 [inline]\n__x64_sys_sendto+0xe0/0x1b0 net/socket.c:2198\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7f8692032aa9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 d1 19 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff8d685418 EFLAGS: 00000246 ORIG_RAX: 000000000000002c\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f8692032aa9\nRDX: 0000000000010048 RSI: 00000000200000c0 RDI: 0000000000000003\nRBP: 00000000000f4240 R08: 0000000020000540 R09: 0000000000000014\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fff8d685480\nR13: 0000000000000001 R14: 00007fff8d685480 R15: 0000000000000003\n\u003c/TASK\u003e\nModules linked in:\n---[ end trace 0000000000000000 ]---\nRIP: 0010:skb_segment+0x181d/0x3f30 net/core/skbuff.c:4551\nCode: 83 e3 02 e9 fb ed ff ff e8 90 68 1c f9 48 8b 84 24 f8 00 00 00 48 8d 78 70 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 04 02 84 c0 74 08 3c 03 0f 8e 8a 21 00 00 48 8b 84 24 f8 00\nRSP: 0018:ffffc900043473d0 EFLAGS: 00010202\nRAX: dffffc0000000000 RBX: 0000000000010046 RCX: ffffffff886b1597\nRDX: 000000000000000e RSI: ffffffff886b2520 RDI: 0000000000000070\nRBP: ffffc90004347578 R0\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52435",
"url": "https://www.suse.com/security/cve/CVE-2023-52435"
},
{
"category": "external",
"summary": "SUSE Bug 1220138 for CVE-2023-52435",
"url": "https://bugzilla.suse.com/1220138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52435"
},
{
"cve": "CVE-2023-52458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: add check that partition length needs to be aligned with block size\n\nBefore calling add partition or resize partition, there is no check\non whether the length is aligned with the logical block size.\nIf the logical block size of the disk is larger than 512 bytes,\nthen the partition size maybe not the multiple of the logical block size,\nand when the last sector is read, bio_truncate() will adjust the bio size,\nresulting in an IO error if the size of the read command is smaller than\nthe logical block size.If integrity data is supported, this will also\nresult in a null pointer dereference when calling bio_integrity_free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52458",
"url": "https://www.suse.com/security/cve/CVE-2023-52458"
},
{
"category": "external",
"summary": "SUSE Bug 1220428 for CVE-2023-52458",
"url": "https://bugzilla.suse.com/1220428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52458"
},
{
"cve": "CVE-2023-52472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: rsa - add a check for allocation failure\n\nStatic checkers insist that the mpi_alloc() allocation can fail so add\na check to prevent a NULL dereference. Small allocations like this\ncan\u0027t actually fail in current kernels, but adding a check is very\nsimple and makes the static checkers happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52472",
"url": "https://www.suse.com/security/cve/CVE-2023-52472"
},
{
"category": "external",
"summary": "SUSE Bug 1220427 for CVE-2023-52472",
"url": "https://bugzilla.suse.com/1220427"
},
{
"category": "external",
"summary": "SUSE Bug 1220430 for CVE-2023-52472",
"url": "https://bugzilla.suse.com/1220430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2023-52472"
},
{
"cve": "CVE-2023-52483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmctp: perform route lookups under a RCU read-side lock\n\nOur current route lookups (mctp_route_lookup and mctp_route_lookup_null)\ntraverse the net\u0027s route list without the RCU read lock held. This means\nthe route lookup is subject to preemption, resulting in an potential\ngrace period expiry, and so an eventual kfree() while we still have the\nroute pointer.\n\nAdd the proper read-side critical section locks around the route\nlookups, preventing premption and a possible parallel kfree.\n\nThe remaining net-\u003emctp.routes accesses are already under a\nrcu_read_lock, or protected by the RTNL for updates.\n\nBased on an analysis from Sili Luo \u003crootlab@huawei.com\u003e, where\nintroducing a delay in the route lookup could cause a UAF on\nsimultaneous sendmsg() and route deletion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52483",
"url": "https://www.suse.com/security/cve/CVE-2023-52483"
},
{
"category": "external",
"summary": "SUSE Bug 1220738 for CVE-2023-52483",
"url": "https://bugzilla.suse.com/1220738"
},
{
"category": "external",
"summary": "SUSE Bug 1223291 for CVE-2023-52483",
"url": "https://bugzilla.suse.com/1223291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52483"
},
{
"cve": "CVE-2023-52503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: amdtee: fix use-after-free vulnerability in amdtee_close_session\n\nThere is a potential race condition in amdtee_close_session that may\ncause use-after-free in amdtee_open_session. For instance, if a session\nhas refcount == 1, and one thread tries to free this session via:\n\n kref_put(\u0026sess-\u003erefcount, destroy_session);\n\nthe reference count will get decremented, and the next step would be to\ncall destroy_session(). However, if in another thread,\namdtee_open_session() is called before destroy_session() has completed\nexecution, alloc_session() may return \u0027sess\u0027 that will be freed up\nlater in destroy_session() leading to use-after-free in\namdtee_open_session.\n\nTo fix this issue, treat decrement of sess-\u003erefcount and removal of\n\u0027sess\u0027 from session list in destroy_session() as a critical section, so\nthat it is executed atomically.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52503",
"url": "https://www.suse.com/security/cve/CVE-2023-52503"
},
{
"category": "external",
"summary": "SUSE Bug 1220915 for CVE-2023-52503",
"url": "https://bugzilla.suse.com/1220915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52503"
},
{
"cve": "CVE-2023-52616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init\n\nWhen the mpi_ec_ctx structure is initialized, some fields are not\ncleared, causing a crash when referencing the field when the\nstructure was released. Initially, this issue was ignored because\nmemory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.\nFor example, this error will be triggered when calculating the\nZa value for SM2 separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52616",
"url": "https://www.suse.com/security/cve/CVE-2023-52616"
},
{
"category": "external",
"summary": "SUSE Bug 1221612 for CVE-2023-52616",
"url": "https://bugzilla.suse.com/1221612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52616"
},
{
"cve": "CVE-2023-52618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock/rnbd-srv: Check for unlikely string overflow\n\nSince \"dev_search_path\" can technically be as large as PATH_MAX,\nthere was a risk of truncation when copying it and a second string\ninto \"full_path\" since it was also PATH_MAX sized. The W=1 builds were\nreporting this warning:\n\ndrivers/block/rnbd/rnbd-srv.c: In function \u0027process_msg_open.isra\u0027:\ndrivers/block/rnbd/rnbd-srv.c:616:51: warning: \u0027%s\u0027 directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~\nIn function \u0027rnbd_srv_get_full_path\u0027,\n inlined from \u0027process_msg_open.isra\u0027 at drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block/rnbd/rnbd-srv.c:616:17: note: \u0027snprintf\u0027 output between 2 and 4351 bytes into a destination of size 4096\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n 617 | dev_search_path, dev_name);\n | ~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nTo fix this, unconditionally check for truncation (as was already done\nfor the case where \"%SESSNAME%\" was present).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52618",
"url": "https://www.suse.com/security/cve/CVE-2023-52618"
},
{
"category": "external",
"summary": "SUSE Bug 1221615 for CVE-2023-52618",
"url": "https://bugzilla.suse.com/1221615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52618"
},
{
"cve": "CVE-2023-52622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n \u003cTASK\u003e\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE \u003c\u003c MAX_ORDER) / sizeof(struct ext4_new_group_data) ~ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52622",
"url": "https://www.suse.com/security/cve/CVE-2023-52622"
},
{
"category": "external",
"summary": "SUSE Bug 1222080 for CVE-2023-52622",
"url": "https://bugzilla.suse.com/1222080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52622"
},
{
"cve": "CVE-2023-52631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix an NULL dereference bug\n\nThe issue here is when this is called from ntfs_load_attr_list(). The\n\"size\" comes from le32_to_cpu(attr-\u003eres.data_size) so it can\u0027t overflow\non a 64bit systems but on 32bit systems the \"+ 1023\" can overflow and\nthe result is zero. This means that the kmalloc will succeed by\nreturning the ZERO_SIZE_PTR and then the memcpy() will crash with an\nOops on the next line.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52631",
"url": "https://www.suse.com/security/cve/CVE-2023-52631"
},
{
"category": "external",
"summary": "SUSE Bug 1222264 for CVE-2023-52631",
"url": "https://bugzilla.suse.com/1222264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52631"
},
{
"cve": "CVE-2023-52635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Synchronize devfreq_monitor_[start/stop]\n\nThere is a chance if a frequent switch of the governor\ndone in a loop result in timer list corruption where\ntimer cancel being done from two place one from\ncancel_delayed_work_sync() and followed by expire_timers()\ncan be seen from the traces[1].\n\nwhile true\ndo\n echo \"simple_ondemand\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\n echo \"performance\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\ndone\n\nIt looks to be issue with devfreq driver where\ndevice_monitor_[start/stop] need to synchronized so that\ndelayed work should get corrupted while it is either\nbeing queued or running or being cancelled.\n\nLet\u0027s use polling flag and devfreq lock to synchronize the\nqueueing the timer instance twice and work data being\ncorrupted.\n\n[1]\n...\n..\n\u003cidle\u003e-0 [003] 9436.209662: timer_cancel timer=0xffffff80444f0428\n\u003cidle\u003e-0 [003] 9436.209664: timer_expire_entry timer=0xffffff80444f0428 now=0x10022da1c function=__typeid__ZTSFvP10timer_listE_global_addr baseclk=0x10022da1c\n\u003cidle\u003e-0 [003] 9436.209718: timer_expire_exit timer=0xffffff80444f0428\nkworker/u16:6-14217 [003] 9436.209863: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2b now=0x10022da1c flags=182452227\nvendor.xxxyyy.ha-1593 [004] 9436.209888: timer_cancel timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216390: timer_init timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216392: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2c now=0x10022da1d flags=186646532\nvendor.xxxyyy.ha-1593 [005] 9436.220992: timer_cancel timer=0xffffff80444f0428\nxxxyyyTraceManag-7795 [004] 9436.261641: timer_cancel timer=0xffffff80444f0428\n\n[2]\n\n 9436.261653][ C4] Unable to handle kernel paging request at virtual address dead00000000012a\n[ 9436.261664][ C4] Mem abort info:\n[ 9436.261666][ C4] ESR = 0x96000044\n[ 9436.261669][ C4] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 9436.261671][ C4] SET = 0, FnV = 0\n[ 9436.261673][ C4] EA = 0, S1PTW = 0\n[ 9436.261675][ C4] Data abort info:\n[ 9436.261677][ C4] ISV = 0, ISS = 0x00000044\n[ 9436.261680][ C4] CM = 0, WnR = 1\n[ 9436.261682][ C4] [dead00000000012a] address between user and kernel address ranges\n[ 9436.261685][ C4] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 9436.261701][ C4] Skip md ftrace buffer dump for: 0x3a982d0\n...\n\n[ 9436.262138][ C4] CPU: 4 PID: 7795 Comm: TraceManag Tainted: G S W O 5.10.149-android12-9-o-g17f915d29d0c #1\n[ 9436.262141][ C4] Hardware name: Qualcomm Technologies, Inc. (DT)\n[ 9436.262144][ C4] pstate: 22400085 (nzCv daIf +PAN -UAO +TCO BTYPE=--)\n[ 9436.262161][ C4] pc : expire_timers+0x9c/0x438\n[ 9436.262164][ C4] lr : expire_timers+0x2a4/0x438\n[ 9436.262168][ C4] sp : ffffffc010023dd0\n[ 9436.262171][ C4] x29: ffffffc010023df0 x28: ffffffd0636fdc18\n[ 9436.262178][ C4] x27: ffffffd063569dd0 x26: ffffffd063536008\n[ 9436.262182][ C4] x25: 0000000000000001 x24: ffffff88f7c69280\n[ 9436.262185][ C4] x23: 00000000000000e0 x22: dead000000000122\n[ 9436.262188][ C4] x21: 000000010022da29 x20: ffffff8af72b4e80\n[ 9436.262191][ C4] x19: ffffffc010023e50 x18: ffffffc010025038\n[ 9436.262195][ C4] x17: 0000000000000240 x16: 0000000000000201\n[ 9436.262199][ C4] x15: ffffffffffffffff x14: ffffff889f3c3100\n[ 9436.262203][ C4] x13: ffffff889f3c3100 x12: 00000000049f56b8\n[ 9436.262207][ C4] x11: 00000000049f56b8 x10: 00000000ffffffff\n[ 9436.262212][ C4] x9 : ffffffc010023e50 x8 : dead000000000122\n[ 9436.262216][ C4] x7 : ffffffffffffffff x6 : ffffffc0100239d8\n[ 9436.262220][ C4] x5 : 0000000000000000 x4 : 0000000000000101\n[ 9436.262223][ C4] x3 : 0000000000000080 x2 : ffffff8\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52635",
"url": "https://www.suse.com/security/cve/CVE-2023-52635"
},
{
"category": "external",
"summary": "SUSE Bug 1222294 for CVE-2023-52635",
"url": "https://bugzilla.suse.com/1222294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52635"
},
{
"cve": "CVE-2023-52640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix oob in ntfs_listxattr\n\nThe length of name cannot exceed the space occupied by ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52640",
"url": "https://www.suse.com/security/cve/CVE-2023-52640"
},
{
"category": "external",
"summary": "SUSE Bug 1222301 for CVE-2023-52640",
"url": "https://bugzilla.suse.com/1222301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52640"
},
{
"cve": "CVE-2023-52641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame()\n\nIt is preferable to exit through the out: label because\ninternal debugging functions are located there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52641",
"url": "https://www.suse.com/security/cve/CVE-2023-52641"
},
{
"category": "external",
"summary": "SUSE Bug 1222303 for CVE-2023-52641",
"url": "https://bugzilla.suse.com/1222303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52641"
},
{
"cve": "CVE-2023-52645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix race conditions with genpd\n\nIf the power domains are registered first with genpd and *after that*\nthe driver attempts to power them on in the probe sequence, then it is\npossible that a race condition occurs if genpd tries to power them on\nin the same time.\nThe same is valid for powering them off before unregistering them\nfrom genpd.\nAttempt to fix race conditions by first removing the domains from genpd\nand *after that* powering down domains.\nAlso first power up the domains and *after that* register them\nto genpd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52645",
"url": "https://www.suse.com/security/cve/CVE-2023-52645"
},
{
"category": "external",
"summary": "SUSE Bug 1223033 for CVE-2023-52645",
"url": "https://bugzilla.suse.com/1223033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52645"
},
{
"cve": "CVE-2023-52647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52647"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access\n\nWhen translating source to sink streams in the crossbar subdev, the\ndriver tries to locate the remote subdev connected to the sink pad. The\nremote pad may be NULL, if userspace tries to enable a stream that ends\nat an unconnected crossbar sink. When that occurs, the driver\ndereferences the NULL pad, leading to a crash.\n\nPrevent the crash by checking if the pad is NULL before using it, and\nreturn an error if it is.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52647",
"url": "https://www.suse.com/security/cve/CVE-2023-52647"
},
{
"category": "external",
"summary": "SUSE Bug 1223764 for CVE-2023-52647",
"url": "https://bugzilla.suse.com/1223764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52647"
},
{
"cve": "CVE-2023-52648",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52648"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Unmap the surface before resetting it on a plane state\n\nSwitch to a new plane state requires unreferencing of all held surfaces.\nIn the work required for mob cursors the mapped surfaces started being\ncached but the variable indicating whether the surface is currently\nmapped was not being reset. This leads to crashes as the duplicated\nstate, incorrectly, indicates the that surface is mapped even when\nno surface is present. That\u0027s because after unreferencing the surface\nit\u0027s perfectly possible for the plane to be backed by a bo instead of a\nsurface.\n\nReset the surface mapped flag when unreferencing the plane state surface\nto fix null derefs in cleanup. Fixes crashes in KDE KWin 6.0 on Wayland:\n\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 4 PID: 2533 Comm: kwin_wayland Not tainted 6.7.0-rc3-vmwgfx #2\nHardware name: VMware, Inc. VMware Virtual Platform/440BX Desktop Reference Platform, BIOS 6.00 11/12/2020\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 \u003c48\u003e 8b 78 28 e8 e3 f\u003e\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143dc50 R08: 0000000000000000 R09: ffffb6b98216f920\nR10: 0000000000000003 R11: ffff969e7feb3b10 R12: 0000000000000000\nR13: 0000000000000000 R14: 000000000000027b R15: ffff969d49c9fc00\nFS: 00007f1e8f1b4180(0000) GS:ffff969e75f00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000028 CR3: 0000000104006004 CR4: 00000000003706f0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\n drm_atomic_helper_cleanup_planes+0x9b/0xc0\n commit_tail+0xd1/0x130\n drm_atomic_helper_commit+0x11a/0x140\n drm_atomic_commit+0x97/0xd0\n ? __pfx___drm_printfn_info+0x10/0x10\n drm_atomic_helper_update_plane+0xf5/0x160\n drm_mode_cursor_universal+0x10e/0x270\n drm_mode_cursor_common+0x102/0x230\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n drm_ioctl_kernel+0xb2/0x110\n drm_ioctl+0x26d/0x4b0\n ? __pfx_drm_mode_cursor2_ioctl+0x10/0x10\n ? __pfx_drm_ioctl+0x10/0x10\n vmw_generic_ioctl+0xa4/0x110 [vmwgfx]\n __x64_sys_ioctl+0x94/0xd0\n do_syscall_64+0x61/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? __x64_sys_ioctl+0xaf/0xd0\n ? syscall_exit_to_user_mode+0x2b/0x40\n ? do_syscall_64+0x70/0xe0\n ? exc_page_fault+0x7f/0x180\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\nRIP: 0033:0x7f1e93f279ed\nCode: 04 25 28 00 00 00 48 89 45 c8 31 c0 48 8d 45 10 c7 45 b0 10 00 00 00 48 89 45 b8 48 8d 45 d0 48 89 45 c0 b8 10 00 00 00 0f 05 \u003c89\u003e c2 3d 00 f0 ff f\u003e\nRSP: 002b:00007ffca0faf600 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 000055db876ed2c0 RCX: 00007f1e93f279ed\nRDX: 00007ffca0faf6c0 RSI: 00000000c02464bb RDI: 0000000000000015\nRBP: 00007ffca0faf650 R08: 000055db87184010 R09: 0000000000000007\nR10: 000055db886471a0 R11: 0000000000000246 R12: 00007ffca0faf6c0\nR13: 00000000c02464bb R14: 0000000000000015 R15: 00007ffca0faf790\n \u003c/TASK\u003e\nModules linked in: snd_seq_dummy snd_hrtimer nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_ine\u003e\nCR2: 0000000000000028\n---[ end trace 0000000000000000 ]---\nRIP: 0010:vmw_du_cursor_plane_cleanup_fb+0x124/0x140 [vmwgfx]\nCode: 00 00 00 75 3a 48 83 c4 10 5b 5d c3 cc cc cc cc 48 8b b3 a8 00 00 00 48 c7 c7 99 90 43 c0 e8 93 c5 db ca 48 8b 83 a8 00 00 00 \u003c48\u003e 8b 78 28 e8 e3 f\u003e\nRSP: 0018:ffffb6b98216fa80 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff969d84cdcb00 RCX: 0000000000000027\nRDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff969e75f21600\nRBP: ffff969d4143\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52648",
"url": "https://www.suse.com/security/cve/CVE-2023-52648"
},
{
"category": "external",
"summary": "SUSE Bug 1223765 for CVE-2023-52648",
"url": "https://bugzilla.suse.com/1223765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52648"
},
{
"cve": "CVE-2023-52649",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52649"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vkms: Avoid reading beyond LUT array\n\nWhen the floor LUT index (drm_fixp2int(lut_index) is the last\nindex of the array the ceil LUT index will point to an entry\nbeyond the array. Make sure we guard against it and use the\nvalue of the floor LUT index.\n\nv3:\n - Drop bits from commit description that didn\u0027t contribute\n anything of value",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52649",
"url": "https://www.suse.com/security/cve/CVE-2023-52649"
},
{
"category": "external",
"summary": "SUSE Bug 1223768 for CVE-2023-52649",
"url": "https://bugzilla.suse.com/1223768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52649"
},
{
"cve": "CVE-2023-52650",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52650"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: dsi: Add missing check for of_find_device_by_node\n\nAdd check for the return value of of_find_device_by_node() and return\nthe error if it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52650",
"url": "https://www.suse.com/security/cve/CVE-2023-52650"
},
{
"category": "external",
"summary": "SUSE Bug 1223770 for CVE-2023-52650",
"url": "https://bugzilla.suse.com/1223770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52650"
},
{
"cve": "CVE-2023-52652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52652",
"url": "https://www.suse.com/security/cve/CVE-2023-52652"
},
{
"category": "external",
"summary": "SUSE Bug 1223686 for CVE-2023-52652",
"url": "https://bugzilla.suse.com/1223686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52654"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn\u0027t work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52654",
"url": "https://www.suse.com/security/cve/CVE-2023-52654"
},
{
"category": "external",
"summary": "SUSE Bug 1224099 for CVE-2023-52654",
"url": "https://bugzilla.suse.com/1224099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52654"
},
{
"cve": "CVE-2023-52655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aqc111: check packet for fixup for true limit\n\nIf a device sends a packet that is inbetween 0\nand sizeof(u64) the value passed to skb_trim()\nas length will wrap around ending up as some very\nlarge value.\n\nThe driver will then proceed to parse the header\nlocated at that position, which will either oops or\nprocess some random value.\n\nThe fix is to check against sizeof(u64) rather than\n0, which the driver currently does. The issue exists\nsince the introduction of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52655",
"url": "https://www.suse.com/security/cve/CVE-2023-52655"
},
{
"category": "external",
"summary": "SUSE Bug 1217169 for CVE-2023-52655",
"url": "https://bugzilla.suse.com/1217169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: drop any code related to SCM_RIGHTS\n\nThis is dead code after we dropped support for passing io_uring fds\nover SCM_RIGHTS, get rid of it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52656",
"url": "https://www.suse.com/security/cve/CVE-2023-52656"
},
{
"category": "external",
"summary": "SUSE Bug 1224187 for CVE-2023-52656",
"url": "https://bugzilla.suse.com/1224187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52656"
},
{
"cve": "CVE-2023-52657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/pm: resolve reboot exception for si oland\"\n\nThis reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86.\n\nThis causes hangs on SI when DC is enabled and errors on driver\nreboot and power off cycles.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52657",
"url": "https://www.suse.com/security/cve/CVE-2023-52657"
},
{
"category": "external",
"summary": "SUSE Bug 1224722 for CVE-2023-52657",
"url": "https://bugzilla.suse.com/1224722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52657"
},
{
"cve": "CVE-2023-52658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"net/mlx5: Block entering switchdev mode with ns inconsistency\"\n\nThis reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b.\nThe revert is required due to the suspicion it is not good for anything\nand cause crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52658",
"url": "https://www.suse.com/security/cve/CVE-2023-52658"
},
{
"category": "external",
"summary": "SUSE Bug 1224719 for CVE-2023-52658",
"url": "https://bugzilla.suse.com/1224719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52658"
},
{
"cve": "CVE-2023-52659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type\n\nOn 64-bit platforms, the pfn_to_kaddr() macro requires that the input\nvalue is 64 bits in order to ensure that valid address bits don\u0027t get\nlost when shifting that input by PAGE_SHIFT to calculate the physical\naddress to provide a virtual address for.\n\nOne such example is in pvalidate_pages() (used by SEV-SNP guests), where\nthe GFN in the struct used for page-state change requests is a 40-bit\nbit-field, so attempts to pass this GFN field directly into\npfn_to_kaddr() ends up causing guest crashes when dealing with addresses\nabove the 1TB range due to the above.\n\nFix this issue with SEV-SNP guests, as well as any similar cases that\nmight cause issues in current/future code, by using an inline function,\ninstead of a macro, so that the input is implicitly cast to the\nexpected 64-bit input type prior to performing the shift operation.\n\nWhile it might be argued that the issue is on the caller side, other\narchs/macros have taken similar approaches to deal with instances like\nthis, such as ARM explicitly casting the input to phys_addr_t:\n\n e48866647b48 (\"ARM: 8396/1: use phys_addr_t in pfn_to_kaddr()\")\n\nA C inline function is even better though.\n\n[ mingo: Refined the changelog some more \u0026 added __always_inline. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52659",
"url": "https://www.suse.com/security/cve/CVE-2023-52659"
},
{
"category": "external",
"summary": "SUSE Bug 1224442 for CVE-2023-52659",
"url": "https://bugzilla.suse.com/1224442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52659"
},
{
"cve": "CVE-2023-52660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ handling due to shared interrupts\n\nThe driver requests the interrupts as IRQF_SHARED, so the interrupt\nhandlers can be called at any time. If such a call happens while the ISP\nis powered down, the SoC will hang as the driver tries to access the\nISP registers.\n\nThis can be reproduced even without the platform sharing the IRQ line:\nEnable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will\nhang.\n\nFix this by adding a new field, \u0027irqs_enabled\u0027, which is used to bail\nout from the interrupt handler when the ISP is not operational.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52660",
"url": "https://www.suse.com/security/cve/CVE-2023-52660"
},
{
"category": "external",
"summary": "SUSE Bug 1224443 for CVE-2023-52660",
"url": "https://bugzilla.suse.com/1224443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52660"
},
{
"cve": "CVE-2023-52661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe()\n\nIf clk_get_sys(..., \"pll_d2_out0\") fails, the clk_get_sys() call must be\nundone.\n\nAdd the missing clk_put and a new \u0027put_pll_d_out0\u0027 label in the error\nhandling path, and use it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52661",
"url": "https://www.suse.com/security/cve/CVE-2023-52661"
},
{
"category": "external",
"summary": "SUSE Bug 1224445 for CVE-2023-52661",
"url": "https://bugzilla.suse.com/1224445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2023-52661"
},
{
"cve": "CVE-2023-52662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node\n\nWhen ida_alloc_max fails, resources allocated before should be freed,\nincluding *res allocated by kmalloc and ttm_resource_init.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52662",
"url": "https://www.suse.com/security/cve/CVE-2023-52662"
},
{
"category": "external",
"summary": "SUSE Bug 1224449 for CVE-2023-52662",
"url": "https://bugzilla.suse.com/1224449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52662"
},
{
"cve": "CVE-2023-52663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe()\n\nDriver uses kasprintf() to initialize fw_{code,data}_bin members of\nstruct acp_dev_data, but kfree() is never called to deallocate the\nmemory, which results in a memory leak.\n\nFix the issue by switching to devm_kasprintf(). Additionally, ensure the\nallocation was successful by checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52663",
"url": "https://www.suse.com/security/cve/CVE-2023-52663"
},
{
"category": "external",
"summary": "SUSE Bug 1224630 for CVE-2023-52663",
"url": "https://bugzilla.suse.com/1224630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52663"
},
{
"cve": "CVE-2023-52664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: eliminate double free in error handling logic\n\nDriver has a logic leak in ring data allocation/free,\nwhere aq_ring_free could be called multiple times on same ring,\nif system is under stress and got memory allocation error.\n\nRing pointer was used as an indicator of failure, but this is\nnot correct since only ring data is allocated/deallocated.\nRing itself is an array member.\n\nChanging ring allocation functions to return error code directly.\nThis simplifies error handling and eliminates aq_ring_free\non higher layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52664",
"url": "https://www.suse.com/security/cve/CVE-2023-52664"
},
{
"category": "external",
"summary": "SUSE Bug 1224747 for CVE-2023-52664",
"url": "https://bugzilla.suse.com/1224747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a potential double-free in fs_any_create_groups\n\nWhen kcalloc() for ft-\u003eg succeeds but kvzalloc() for in fails,\nfs_any_create_groups() will free ft-\u003eg. However, its caller\nfs_any_create_table() will free ft-\u003eg again through calling\nmlx5e_destroy_flow_table(), which will lead to a double-free.\nFix this by setting ft-\u003eg to NULL in fs_any_create_groups().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52667",
"url": "https://www.suse.com/security/cve/CVE-2023-52667"
},
{
"category": "external",
"summary": "SUSE Bug 1224603 for CVE-2023-52667",
"url": "https://bugzilla.suse.com/1224603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52667"
},
{
"cve": "CVE-2023-52669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn\u0027t a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52669",
"url": "https://www.suse.com/security/cve/CVE-2023-52669"
},
{
"category": "external",
"summary": "SUSE Bug 1224637 for CVE-2023-52669",
"url": "https://bugzilla.suse.com/1224637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52669"
},
{
"cve": "CVE-2023-52670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: virtio: Free driver_override when rpmsg_remove()\n\nFree driver_override when rpmsg_remove(), otherwise\nthe following memory leak will occur:\n\nunreferenced object 0xffff0000d55d7080 (size 128):\n comm \"kworker/u8:2\", pid 56, jiffies 4294893188 (age 214.272s)\n hex dump (first 32 bytes):\n 72 70 6d 73 67 5f 6e 73 00 00 00 00 00 00 00 00 rpmsg_ns........\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000009c94c9c1\u003e] __kmem_cache_alloc_node+0x1f8/0x320\n [\u003c000000002300d89b\u003e] __kmalloc_node_track_caller+0x44/0x70\n [\u003c00000000228a60c3\u003e] kstrndup+0x4c/0x90\n [\u003c0000000077158695\u003e] driver_set_override+0xd0/0x164\n [\u003c000000003e9c4ea5\u003e] rpmsg_register_device_override+0x98/0x170\n [\u003c000000001c0c89a8\u003e] rpmsg_ns_register_device+0x24/0x30\n [\u003c000000008bbf8fa2\u003e] rpmsg_probe+0x2e0/0x3ec\n [\u003c00000000e65a68df\u003e] virtio_dev_probe+0x1c0/0x280\n [\u003c00000000443331cc\u003e] really_probe+0xbc/0x2dc\n [\u003c00000000391064b1\u003e] __driver_probe_device+0x78/0xe0\n [\u003c00000000a41c9a5b\u003e] driver_probe_device+0xd8/0x160\n [\u003c000000009c3bd5df\u003e] __device_attach_driver+0xb8/0x140\n [\u003c0000000043cd7614\u003e] bus_for_each_drv+0x7c/0xd4\n [\u003c000000003b929a36\u003e] __device_attach+0x9c/0x19c\n [\u003c00000000a94e0ba8\u003e] device_initial_probe+0x14/0x20\n [\u003c000000003c999637\u003e] bus_probe_device+0xa0/0xac",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52670",
"url": "https://www.suse.com/security/cve/CVE-2023-52670"
},
{
"category": "external",
"summary": "SUSE Bug 1224696 for CVE-2023-52670",
"url": "https://bugzilla.suse.com/1224696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52670"
},
{
"cve": "CVE-2023-52671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix hang/underflow when transitioning to ODM4:1\n\n[Why]\nUnder some circumstances, disabling an OPTC and attempting to reclaim\nits OPP(s) for a different OPTC could cause a hang/underflow due to OPPs\nnot being properly disconnected from the disabled OPTC.\n\n[How]\nEnsure that all OPPs are unassigned from an OPTC when it gets disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52671",
"url": "https://www.suse.com/security/cve/CVE-2023-52671"
},
{
"category": "external",
"summary": "SUSE Bug 1224729 for CVE-2023-52671",
"url": "https://bugzilla.suse.com/1224729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52671"
},
{
"cve": "CVE-2023-52672",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52672"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npipe: wakeup wr_wait after setting max_usage\n\nCommit c73be61cede5 (\"pipe: Add general notification queue support\") a\nregression was introduced that would lock up resized pipes under certain\nconditions. See the reproducer in [1].\n\nThe commit resizing the pipe ring size was moved to a different\nfunction, doing that moved the wakeup for pipe-\u003ewr_wait before actually\nraising pipe-\u003emax_usage. If a pipe was full before the resize occured it\nwould result in the wakeup never actually triggering pipe_write.\n\nSet @max_usage and @nr_accounted before waking writers if this isn\u0027t a\nwatch queue.\n\n[Christian Brauner \u003cbrauner@kernel.org\u003e: rewrite to account for watch queues]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52672",
"url": "https://www.suse.com/security/cve/CVE-2023-52672"
},
{
"category": "external",
"summary": "SUSE Bug 1224614 for CVE-2023-52672",
"url": "https://bugzilla.suse.com/1224614"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52672"
},
{
"cve": "CVE-2023-52673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a debugfs null pointer error\n\n[WHY \u0026 HOW]\nCheck whether get_subvp_en() callback exists before calling it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52673",
"url": "https://www.suse.com/security/cve/CVE-2023-52673"
},
{
"category": "external",
"summary": "SUSE Bug 1224741 for CVE-2023-52673",
"url": "https://bugzilla.suse.com/1224741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52673"
},
{
"cve": "CVE-2023-52674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()\n\nEnsure the value passed to scarlett2_mixer_ctl_put() is between 0 and\nSCARLETT2_MIXER_MAX_VALUE so we don\u0027t attempt to access outside\nscarlett2_mixer_values[].",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52674",
"url": "https://www.suse.com/security/cve/CVE-2023-52674"
},
{
"category": "external",
"summary": "SUSE Bug 1224727 for CVE-2023-52674",
"url": "https://bugzilla.suse.com/1224727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52674"
},
{
"cve": "CVE-2023-52675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/imc-pmu: Add a null pointer check in update_events_in_group()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52675",
"url": "https://www.suse.com/security/cve/CVE-2023-52675"
},
{
"category": "external",
"summary": "SUSE Bug 1224504 for CVE-2023-52675",
"url": "https://bugzilla.suse.com/1224504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52675"
},
{
"cve": "CVE-2023-52676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Guard stack limits against 32bit overflow\n\nThis patch promotes the arithmetic around checking stack bounds to be\ndone in the 64-bit domain, instead of the current 32bit. The arithmetic\nimplies adding together a 64-bit register with a int offset. The\nregister was checked to be below 1\u003c\u003c29 when it was variable, but not\nwhen it was fixed. The offset either comes from an instruction (in which\ncase it is 16 bit), from another register (in which case the caller\nchecked it to be below 1\u003c\u003c29 [1]), or from the size of an argument to a\nkfunc (in which case it can be a u32 [2]). Between the register being\ninconsistently checked to be below 1\u003c\u003c29, and the offset being up to an\nu32, it appears that we were open to overflowing the `int`s which were\ncurrently used for arithmetic.\n\n[1] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L7494-L7498\n[2] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L11904",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52676",
"url": "https://www.suse.com/security/cve/CVE-2023-52676"
},
{
"category": "external",
"summary": "SUSE Bug 1224730 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "external",
"summary": "SUSE Bug 1226336 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1226336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52676"
},
{
"cve": "CVE-2023-52678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c\n\nBefore using list_first_entry, make sure to check that list is not\nempty, if list is empty return -ENODATA.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1347 kfd_create_indirect_link_prop() warn: can \u0027gpu_link\u0027 even be NULL?\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1428 kfd_add_peer_prop() warn: can \u0027iolink1\u0027 even be NULL?\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1433 kfd_add_peer_prop() warn: can \u0027iolink2\u0027 even be NULL?",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52678",
"url": "https://www.suse.com/security/cve/CVE-2023-52678"
},
{
"category": "external",
"summary": "SUSE Bug 1224617 for CVE-2023-52678",
"url": "https://bugzilla.suse.com/1224617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52678"
},
{
"cve": "CVE-2023-52679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: Fix double free in of_parse_phandle_with_args_map\n\nIn of_parse_phandle_with_args_map() the inner loop that\niterates through the map entries calls of_node_put(new)\nto free the reference acquired by the previous iteration\nof the inner loop. This assumes that the value of \"new\" is\nNULL on the first iteration of the inner loop.\n\nMake sure that this is true in all iterations of the outer\nloop by setting \"new\" to NULL after its value is assigned to \"cur\".\n\nExtend the unittest to detect the double free and add an additional\ntest case that actually triggers this path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52679",
"url": "https://www.suse.com/security/cve/CVE-2023-52679"
},
{
"category": "external",
"summary": "SUSE Bug 1224508 for CVE-2023-52679",
"url": "https://bugzilla.suse.com/1224508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52679"
},
{
"cve": "CVE-2023-52680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add missing error checks to *_ctl_get()\n\nThe *_ctl_get() functions which call scarlett2_update_*() were not\nchecking the return value. Fix to check the return value and pass to\nthe caller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52680",
"url": "https://www.suse.com/security/cve/CVE-2023-52680"
},
{
"category": "external",
"summary": "SUSE Bug 1224608 for CVE-2023-52680",
"url": "https://bugzilla.suse.com/1224608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52680"
},
{
"cve": "CVE-2023-52681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Free s_fs_info on unmount\n\nNow that we allocate a s_fs_info struct on fs context creation, we\nshould ensure that we free it again when the superblock goes away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52681",
"url": "https://www.suse.com/security/cve/CVE-2023-52681"
},
{
"category": "external",
"summary": "SUSE Bug 1224505 for CVE-2023-52681",
"url": "https://bugzilla.suse.com/1224505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52681"
},
{
"cve": "CVE-2023-52683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: LPIT: Avoid u32 multiplication overflow\n\nIn lpit_update_residency() there is a possibility of overflow\nin multiplication, if tsc_khz is large enough (\u003e UINT_MAX/1000).\n\nChange multiplication to mul_u32_u32().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52683",
"url": "https://www.suse.com/security/cve/CVE-2023-52683"
},
{
"category": "external",
"summary": "SUSE Bug 1224627 for CVE-2023-52683",
"url": "https://bugzilla.suse.com/1224627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52683"
},
{
"cve": "CVE-2023-52686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_event_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52686",
"url": "https://www.suse.com/security/cve/CVE-2023-52686"
},
{
"category": "external",
"summary": "SUSE Bug 1224682 for CVE-2023-52686",
"url": "https://bugzilla.suse.com/1224682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: safexcel - Add error handling for dma_map_sg() calls\n\nMacro dma_map_sg() may return 0 on error. This patch enables\nchecks in case of the macro failure and ensures unmapping of\npreviously mapped buffers with dma_unmap_sg().\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52687",
"url": "https://www.suse.com/security/cve/CVE-2023-52687"
},
{
"category": "external",
"summary": "SUSE Bug 1224501 for CVE-2023-52687",
"url": "https://bugzilla.suse.com/1224501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52687"
},
{
"cve": "CVE-2023-52690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check to scom_debug_init_one()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\nAdd a null pointer check, and release \u0027ent\u0027 to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52690",
"url": "https://www.suse.com/security/cve/CVE-2023-52690"
},
{
"category": "external",
"summary": "SUSE Bug 1224611 for CVE-2023-52690",
"url": "https://bugzilla.suse.com/1224611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52690"
},
{
"cve": "CVE-2023-52691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev-\u003epm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52691",
"url": "https://www.suse.com/security/cve/CVE-2023-52691"
},
{
"category": "external",
"summary": "SUSE Bug 1224607 for CVE-2023-52691",
"url": "https://bugzilla.suse.com/1224607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()\n\nscarlett2_usb_set_config() calls scarlett2_usb_get() but was not\nchecking the result. Return the error if it fails rather than\ncontinuing with an invalid value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52692",
"url": "https://www.suse.com/security/cve/CVE-2023-52692"
},
{
"category": "external",
"summary": "SUSE Bug 1224628 for CVE-2023-52692",
"url": "https://bugzilla.suse.com/1224628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52692"
},
{
"cve": "CVE-2023-52693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: video: check for error while searching for backlight device parent\n\nIf acpi_get_parent() called in acpi_video_dev_register_backlight()\nfails, for example, because acpi_ut_acquire_mutex() fails inside\nacpi_get_parent), this can lead to incorrect (uninitialized)\nacpi_parent handle being passed to acpi_get_pci_dev() for detecting\nthe parent pci device.\n\nCheck acpi_get_parent() result and set parent device only in case of success.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52693",
"url": "https://www.suse.com/security/cve/CVE-2023-52693"
},
{
"category": "external",
"summary": "SUSE Bug 1224686 for CVE-2023-52693",
"url": "https://bugzilla.suse.com/1224686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52693"
},
{
"cve": "CVE-2023-52694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52694"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: tpd12s015: Drop buggy __exit annotation for remove function\n\nWith tpd12s015_remove() marked with __exit this function is discarded\nwhen the driver is compiled as a built-in. The result is that when the\ndriver unbinds there is no cleanup done which results in resource\nleakage or worse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52694",
"url": "https://www.suse.com/security/cve/CVE-2023-52694"
},
{
"category": "external",
"summary": "SUSE Bug 1224598 for CVE-2023-52694",
"url": "https://bugzilla.suse.com/1224598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52694"
},
{
"cve": "CVE-2023-52695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check writeback connectors in create_validate_stream_for_sink\n\n[WHY \u0026 HOW]\nThis is to check connector type to avoid\nunhandled null pointer for writeback connectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52695",
"url": "https://www.suse.com/security/cve/CVE-2023-52695"
},
{
"category": "external",
"summary": "SUSE Bug 1224506 for CVE-2023-52695",
"url": "https://bugzilla.suse.com/1224506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52695"
},
{
"cve": "CVE-2023-52696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52696",
"url": "https://www.suse.com/security/cve/CVE-2023-52696"
},
{
"category": "external",
"summary": "SUSE Bug 1224601 for CVE-2023-52696",
"url": "https://bugzilla.suse.com/1224601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx-\u003eheadset_codec_dev = NULL\n\nsof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of\nthem use the same dai name.\nFor example, rt712 and rt713 both use \"rt712-sdca-aif1\" and\nsof_sdw_rt_sdca_jack_exit().\nAs a result, sof_sdw_rt_sdca_jack_exit() will be called twice by\nmc_dailink_exit_loop(). Set ctx-\u003eheadset_codec_dev = NULL; after\nput_device(ctx-\u003eheadset_codec_dev); to avoid ctx-\u003eheadset_codec_dev\nbeing put twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52697",
"url": "https://www.suse.com/security/cve/CVE-2023-52697"
},
{
"category": "external",
"summary": "SUSE Bug 1224596 for CVE-2023-52697",
"url": "https://bugzilla.suse.com/1224596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52697"
},
{
"cve": "CVE-2023-52698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: fix memory leak in netlbl_calipso_add_pass()\n\nIf IPv6 support is disabled at boot (ipv6.disable=1),\nthe calipso_init() -\u003e netlbl_calipso_ops_register() function isn\u0027t called,\nand the netlbl_calipso_ops_get() function always returns NULL.\nIn this case, the netlbl_calipso_add_pass() function allocates memory\nfor the doi_def variable but doesn\u0027t free it with the calipso_doi_free().\n\nBUG: memory leak\nunreferenced object 0xffff888011d68180 (size 64):\n comm \"syz-executor.1\", pid 10746, jiffies 4295410986 (age 17.928s)\n hex dump (first 32 bytes):\n 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c...\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c...\u003e] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline]\n [\u003c...\u003e] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111\n [\u003c...\u003e] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n [\u003c...\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [\u003c...\u003e] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n [\u003c...\u003e] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515\n [\u003c...\u003e] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n [\u003c...\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [\u003c...\u003e] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339\n [\u003c...\u003e] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934\n [\u003c...\u003e] sock_sendmsg_nosec net/socket.c:651 [inline]\n [\u003c...\u003e] sock_sendmsg+0x157/0x190 net/socket.c:671\n [\u003c...\u003e] ____sys_sendmsg+0x712/0x870 net/socket.c:2342\n [\u003c...\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396\n [\u003c...\u003e] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429\n [\u003c...\u003e] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [\u003c...\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller\n\n[PM: merged via the LSM tree at Jakub Kicinski request]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52698",
"url": "https://www.suse.com/security/cve/CVE-2023-52698"
},
{
"category": "external",
"summary": "SUSE Bug 1224621 for CVE-2023-52698",
"url": "https://bugzilla.suse.com/1224621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsysv: don\u0027t call sb_bread() with pointers_lock held\n\nsyzbot is reporting sleep in atomic context in SysV filesystem [1], for\nsb_bread() is called with rw_spinlock held.\n\nA \"write_lock(\u0026pointers_lock) =\u003e read_lock(\u0026pointers_lock) deadlock\" bug\nand a \"sb_bread() with write_lock(\u0026pointers_lock)\" bug were introduced by\n\"Replace BKL for chain locking with sysvfs-private rwlock\" in Linux 2.5.12.\n\nThen, \"[PATCH] err1-40: sysvfs locking fix\" in Linux 2.6.8 fixed the\nformer bug by moving pointers_lock lock to the callers, but instead\nintroduced a \"sb_bread() with read_lock(\u0026pointers_lock)\" bug (which made\nthis problem easier to hit).\n\nAl Viro suggested that why not to do like get_branch()/get_block()/\nfind_shared() in Minix filesystem does. And doing like that is almost a\nrevert of \"[PATCH] err1-40: sysvfs locking fix\" except that get_branch()\n from with find_shared() is called without write_lock(\u0026pointers_lock).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52699",
"url": "https://www.suse.com/security/cve/CVE-2023-52699"
},
{
"category": "external",
"summary": "SUSE Bug 1224659 for CVE-2023-52699",
"url": "https://bugzilla.suse.com/1224659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52699"
},
{
"cve": "CVE-2023-52735",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52735"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Don\u0027t let sock_map_{close,destroy,unhash} call itself\n\nsock_map proto callbacks should never call themselves by design. Protect\nagainst bugs like [1] and break out of the recursive loop to avoid a stack\noverflow in favor of a resource leak.\n\n[1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52735",
"url": "https://www.suse.com/security/cve/CVE-2023-52735"
},
{
"category": "external",
"summary": "SUSE Bug 1225475 for CVE-2023-52735",
"url": "https://bugzilla.suse.com/1225475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52735"
},
{
"cve": "CVE-2023-52749",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52749"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: Fix null dereference on suspend\n\nA race condition exists where a synchronous (noqueue) transfer can be\nactive during a system suspend. This can cause a null pointer\ndereference exception to occur when the system resumes.\n\nExample order of events leading to the exception:\n1. spi_sync() calls __spi_transfer_message_noqueue() which sets\n ctlr-\u003ecur_msg\n2. Spi transfer begins via spi_transfer_one_message()\n3. System is suspended interrupting the transfer context\n4. System is resumed\n6. spi_controller_resume() calls spi_start_queue() which resets cur_msg\n to NULL\n7. Spi transfer context resumes and spi_finalize_current_message() is\n called which dereferences cur_msg (which is now NULL)\n\nWait for synchronous transfers to complete before suspending by\nacquiring the bus mutex and setting/checking a suspend flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52749",
"url": "https://www.suse.com/security/cve/CVE-2023-52749"
},
{
"category": "external",
"summary": "SUSE Bug 1225476 for CVE-2023-52749",
"url": "https://bugzilla.suse.com/1225476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52749"
},
{
"cve": "CVE-2023-52750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer\n\nPrior to LLVM 15.0.0, LLVM\u0027s integrated assembler would incorrectly\nbyte-swap NOP when compiling for big-endian, and the resulting series of\nbytes happened to match the encoding of FNMADD S21, S30, S0, S0.\n\nThis went unnoticed until commit:\n\n 34f66c4c4d5518c1 (\"arm64: Use a positive cpucap for FP/SIMD\")\n\nPrior to that commit, the kernel would always enable the use of FPSIMD\nearly in boot when __cpu_setup() initialized CPACR_EL1, and so usage of\nFNMADD within the kernel was not detected, but could result in the\ncorruption of user or kernel FPSIMD state.\n\nAfter that commit, the instructions happen to trap during boot prior to\nFPSIMD being detected and enabled, e.g.\n\n| Unhandled 64-bit el1h sync exception on CPU0, ESR 0x000000001fe00000 -- ASIMD\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| pstate: 400000c9 (nZcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n| pc : __pi_strcmp+0x1c/0x150\n| lr : populate_properties+0xe4/0x254\n| sp : ffffd014173d3ad0\n| x29: ffffd014173d3af0 x28: fffffbfffddffcb8 x27: 0000000000000000\n| x26: 0000000000000058 x25: fffffbfffddfe054 x24: 0000000000000008\n| x23: fffffbfffddfe000 x22: fffffbfffddfe000 x21: fffffbfffddfe044\n| x20: ffffd014173d3b70 x19: 0000000000000001 x18: 0000000000000005\n| x17: 0000000000000010 x16: 0000000000000000 x15: 00000000413e7000\n| x14: 0000000000000000 x13: 0000000000001bcc x12: 0000000000000000\n| x11: 00000000d00dfeed x10: ffffd414193f2cd0 x9 : 0000000000000000\n| x8 : 0101010101010101 x7 : ffffffffffffffc0 x6 : 0000000000000000\n| x5 : 0000000000000000 x4 : 0101010101010101 x3 : 000000000000002a\n| x2 : 0000000000000001 x1 : ffffd014171f2988 x0 : fffffbfffddffcb8\n| Kernel panic - not syncing: Unhandled exception\n| CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.0-rc3-00013-g34f66c4c4d55 #1\n| Hardware name: linux,dummy-virt (DT)\n| Call trace:\n| dump_backtrace+0xec/0x108\n| show_stack+0x18/0x2c\n| dump_stack_lvl+0x50/0x68\n| dump_stack+0x18/0x24\n| panic+0x13c/0x340\n| el1t_64_irq_handler+0x0/0x1c\n| el1_abort+0x0/0x5c\n| el1h_64_sync+0x64/0x68\n| __pi_strcmp+0x1c/0x150\n| unflatten_dt_nodes+0x1e8/0x2d8\n| __unflatten_device_tree+0x5c/0x15c\n| unflatten_device_tree+0x38/0x50\n| setup_arch+0x164/0x1e0\n| start_kernel+0x64/0x38c\n| __primary_switched+0xbc/0xc4\n\nRestrict CONFIG_CPU_BIG_ENDIAN to a known good assembler, which is\neither GNU as or LLVM\u0027s IAS 15.0.0 and newer, which contains the linked\ncommit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52750",
"url": "https://www.suse.com/security/cve/CVE-2023-52750"
},
{
"category": "external",
"summary": "SUSE Bug 1225485 for CVE-2023-52750",
"url": "https://bugzilla.suse.com/1225485"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52750"
},
{
"cve": "CVE-2023-52751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52751"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix use-after-free in smb2_query_info_compound()\n\nThe following UAF was triggered when running fstests generic/072 with\nKASAN enabled against Windows Server 2022 and mount options\n\u0027multichannel,max_channels=2,vers=3.1.1,mfsymlinks,noperm\u0027\n\n BUG: KASAN: slab-use-after-free in smb2_query_info_compound+0x423/0x6d0 [cifs]\n Read of size 8 at addr ffff888014941048 by task xfs_io/27534\n\n CPU: 0 PID: 27534 Comm: xfs_io Not tainted 6.6.0-rc7 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n Call Trace:\n dump_stack_lvl+0x4a/0x80\n print_report+0xcf/0x650\n ? srso_alias_return_thunk+0x5/0x7f\n ? srso_alias_return_thunk+0x5/0x7f\n ? __phys_addr+0x46/0x90\n kasan_report+0xda/0x110\n ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n ? smb2_query_info_compound+0x423/0x6d0 [cifs]\n smb2_query_info_compound+0x423/0x6d0 [cifs]\n ? __pfx_smb2_query_info_compound+0x10/0x10 [cifs]\n ? srso_alias_return_thunk+0x5/0x7f\n ? __stack_depot_save+0x39/0x480\n ? kasan_save_stack+0x33/0x60\n ? kasan_set_track+0x25/0x30\n ? ____kasan_slab_free+0x126/0x170\n smb2_queryfs+0xc2/0x2c0 [cifs]\n ? __pfx_smb2_queryfs+0x10/0x10 [cifs]\n ? __pfx___lock_acquire+0x10/0x10\n smb311_queryfs+0x210/0x220 [cifs]\n ? __pfx_smb311_queryfs+0x10/0x10 [cifs]\n ? srso_alias_return_thunk+0x5/0x7f\n ? __lock_acquire+0x480/0x26c0\n ? lock_release+0x1ed/0x640\n ? srso_alias_return_thunk+0x5/0x7f\n ? do_raw_spin_unlock+0x9b/0x100\n cifs_statfs+0x18c/0x4b0 [cifs]\n statfs_by_dentry+0x9b/0xf0\n fd_statfs+0x4e/0xb0\n __do_sys_fstatfs+0x7f/0xe0\n ? __pfx___do_sys_fstatfs+0x10/0x10\n ? srso_alias_return_thunk+0x5/0x7f\n ? lockdep_hardirqs_on_prepare+0x136/0x200\n ? srso_alias_return_thunk+0x5/0x7f\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Allocated by task 27534:\n kasan_save_stack+0x33/0x60\n kasan_set_track+0x25/0x30\n __kasan_kmalloc+0x8f/0xa0\n open_cached_dir+0x71b/0x1240 [cifs]\n smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n smb2_queryfs+0xc2/0x2c0 [cifs]\n smb311_queryfs+0x210/0x220 [cifs]\n cifs_statfs+0x18c/0x4b0 [cifs]\n statfs_by_dentry+0x9b/0xf0\n fd_statfs+0x4e/0xb0\n __do_sys_fstatfs+0x7f/0xe0\n do_syscall_64+0x3f/0x90\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\n Freed by task 27534:\n kasan_save_stack+0x33/0x60\n kasan_set_track+0x25/0x30\n kasan_save_free_info+0x2b/0x50\n ____kasan_slab_free+0x126/0x170\n slab_free_freelist_hook+0xd0/0x1e0\n __kmem_cache_free+0x9d/0x1b0\n open_cached_dir+0xff5/0x1240 [cifs]\n smb2_query_info_compound+0x5c3/0x6d0 [cifs]\n smb2_queryfs+0xc2/0x2c0 [cifs]\n\nThis is a race between open_cached_dir() and cached_dir_lease_break()\nwhere the cache entry for the open directory handle receives a lease\nbreak while creating it. And before returning from open_cached_dir(),\nwe put the last reference of the new @cfid because of\n!@cfid-\u003ehas_lease.\n\nBesides the UAF, while running xfstests a lot of missed lease breaks\nhave been noticed in tests that run several concurrent statfs(2) calls\non those cached fids\n\n CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 00000000715bfe83 len 108\n CIFS: VFS: Dump pending requests:\n CIFS: VFS: \\\\w22-root1.gandalf.test No task to wake, unknown frame...\n CIFS: VFS: \\\\w22-root1.gandalf.test Cmd: 18 Err: 0x0 Flags: 0x1...\n CIFS: VFS: \\\\w22-root1.gandalf.test smb buf 000000005aa7316e len 108\n ...\n\nTo fix both, in open_cached_dir() ensure that @cfid-\u003ehas_lease is set\nright before sending out compounded request so that any potential\nlease break will be get processed by demultiplex thread while we\u0027re\nstill caching @cfid. And, if open failed for some reason, re-check\n@cfid-\u003ehas_lease to decide whether or not put lease reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52751",
"url": "https://www.suse.com/security/cve/CVE-2023-52751"
},
{
"category": "external",
"summary": "SUSE Bug 1225489 for CVE-2023-52751",
"url": "https://bugzilla.suse.com/1225489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52751"
},
{
"cve": "CVE-2023-52753",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52753"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Avoid NULL dereference of timing generator\n\n[Why \u0026 How]\nCheck whether assigned timing generator is NULL or not before\naccessing its funcs to prevent NULL dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52753",
"url": "https://www.suse.com/security/cve/CVE-2023-52753"
},
{
"category": "external",
"summary": "SUSE Bug 1225478 for CVE-2023-52753",
"url": "https://bugzilla.suse.com/1225478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52753"
},
{
"cve": "CVE-2023-52754",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52754"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imon: fix access to invalid resource for the second interface\n\nimon driver probes two USB interfaces, and at the probe of the second\ninterface, the driver assumes blindly that the first interface got\nbound with the same imon driver. It\u0027s usually true, but it\u0027s still\npossible that the first interface is bound with another driver via a\nmalformed descriptor. Then it may lead to a memory corruption, as\nspotted by syzkaller; imon driver accesses the data from drvdata as\nstruct imon_context object although it\u0027s a completely different one\nthat was assigned by another driver.\n\nThis patch adds a sanity check -- whether the first interface is\nreally bound with the imon driver or not -- for avoiding the problem\nabove at the probe time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52754",
"url": "https://www.suse.com/security/cve/CVE-2023-52754"
},
{
"category": "external",
"summary": "SUSE Bug 1225490 for CVE-2023-52754",
"url": "https://bugzilla.suse.com/1225490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52754"
},
{
"cve": "CVE-2023-52757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential deadlock when releasing mids\n\nAll release_mid() callers seem to hold a reference of @mid so there is\nno need to call kref_put(\u0026mid-\u003erefcount, __release_mid) under\n@server-\u003emid_lock spinlock. If they don\u0027t, then an use-after-free bug\nwould have occurred anyways.\n\nBy getting rid of such spinlock also fixes a potential deadlock as\nshown below\n\nCPU 0 CPU 1\n------------------------------------------------------------------\ncifs_demultiplex_thread() cifs_debug_data_proc_show()\n release_mid()\n spin_lock(\u0026server-\u003emid_lock);\n spin_lock(\u0026cifs_tcp_ses_lock)\n\t\t\t\t spin_lock(\u0026server-\u003emid_lock)\n __release_mid()\n smb2_find_smb_tcon()\n spin_lock(\u0026cifs_tcp_ses_lock) *deadlock*",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52757",
"url": "https://www.suse.com/security/cve/CVE-2023-52757"
},
{
"category": "external",
"summary": "SUSE Bug 1225548 for CVE-2023-52757",
"url": "https://bugzilla.suse.com/1225548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52757"
},
{
"cve": "CVE-2023-52759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52759"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52759",
"url": "https://www.suse.com/security/cve/CVE-2023-52759"
},
{
"category": "external",
"summary": "SUSE Bug 1225560 for CVE-2023-52759",
"url": "https://bugzilla.suse.com/1225560"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52759"
},
{
"cve": "CVE-2023-52762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52762"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio-blk: fix implicit overflow on virtio_max_dma_size\n\nThe following codes have an implicit conversion from size_t to u32:\n(u32)max_size = (size_t)virtio_max_dma_size(vdev);\n\nThis may lead overflow, Ex (size_t)4G -\u003e (u32)0. Once\nvirtio_max_dma_size() has a larger size than U32_MAX, use U32_MAX\ninstead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52762",
"url": "https://www.suse.com/security/cve/CVE-2023-52762"
},
{
"category": "external",
"summary": "SUSE Bug 1225573 for CVE-2023-52762",
"url": "https://bugzilla.suse.com/1225573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52762"
},
{
"cve": "CVE-2023-52763",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52763"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data.\n\nThe `i3c_master_bus_init` function may attach the I2C devices before the\nI3C bus initialization. In this flow, the DAT `alloc_entry`` will be used\nbefore the DAT `init`. Additionally, if the `i3c_master_bus_init` fails,\nthe DAT `cleanup` will execute before the device is detached, which will\nexecue DAT `free_entry` function. The above scenario can cause the driver\nto use DAT_data when it is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52763",
"url": "https://www.suse.com/security/cve/CVE-2023-52763"
},
{
"category": "external",
"summary": "SUSE Bug 1225570 for CVE-2023-52763",
"url": "https://bugzilla.suse.com/1225570"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52763"
},
{
"cve": "CVE-2023-52764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: gspca: cpia1: shift-out-of-bounds in set_flicker\n\nSyzkaller reported the following issue:\nUBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27\nshift exponent 245 is too large for 32-bit type \u0027int\u0027\n\nWhen the value of the variable \"sd-\u003eparams.exposure.gain\" exceeds the\nnumber of bits in an integer, a shift-out-of-bounds error is reported. It\nis triggered because the variable \"currentexp\" cannot be left-shifted by\nmore than the number of bits in an integer. In order to avoid invalid\nrange during left-shift, the conditional expression is added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52764",
"url": "https://www.suse.com/security/cve/CVE-2023-52764"
},
{
"category": "external",
"summary": "SUSE Bug 1225571 for CVE-2023-52764",
"url": "https://bugzilla.suse.com/1225571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52764"
},
{
"cve": "CVE-2023-52765",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52765"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmfd: qcom-spmi-pmic: Fix revid implementation\n\nThe Qualcomm SPMI PMIC revid implementation is broken in multiple ways.\n\nFirst, it assumes that just because the sibling base device has been\nregistered that means that it is also bound to a driver, which may not\nbe the case (e.g. due to probe deferral or asynchronous probe). This\ncould trigger a NULL-pointer dereference when attempting to access the\ndriver data of the unbound device.\n\nSecond, it accesses driver data of a sibling device directly and without\nany locking, which means that the driver data may be freed while it is\nbeing accessed (e.g. on driver unbind).\n\nThird, it leaks a struct device reference to the sibling device which is\nlooked up using the spmi_device_from_of() every time a function (child)\ndevice is calling the revid function (e.g. on probe).\n\nFix this mess by reimplementing the revid lookup so that it is done only\nat probe of the PMIC device; the base device fetches the revid info from\nthe hardware, while any secondary SPMI device fetches the information\nfrom the base device and caches it so that it can be accessed safely\nfrom its children. If the base device has not been probed yet then probe\nof a secondary device is deferred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52765",
"url": "https://www.suse.com/security/cve/CVE-2023-52765"
},
{
"category": "external",
"summary": "SUSE Bug 1225029 for CVE-2023-52765",
"url": "https://bugzilla.suse.com/1225029"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52765"
},
{
"cve": "CVE-2023-52766",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52766"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler\n\nDo not loop over ring headers in hci_dma_irq_handler() that are not\nallocated and enabled in hci_dma_init(). Otherwise out of bounds access\nwill occur from rings-\u003eheaders[i] access when i \u003e= number of allocated\nring headers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52766",
"url": "https://www.suse.com/security/cve/CVE-2023-52766"
},
{
"category": "external",
"summary": "SUSE Bug 1230620 for CVE-2023-52766",
"url": "https://bugzilla.suse.com/1230620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52766"
},
{
"cve": "CVE-2023-52767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: fix NULL deref on tls_sw_splice_eof() with empty record\n\nsyzkaller discovered that if tls_sw_splice_eof() is executed as part of\nsendfile() when the plaintext/ciphertext sk_msg are empty, the send path\ngets confused because the empty ciphertext buffer does not have enough\nspace for the encryption overhead. This causes tls_push_record() to go on\nthe `split = true` path (which is only supposed to be used when interacting\nwith an attached BPF program), and then get further confused and hit the\ntls_merge_open_record() path, which then assumes that there must be at\nleast one populated buffer element, leading to a NULL deref.\n\nIt is possible to have empty plaintext/ciphertext buffers if we previously\nbailed from tls_sw_sendmsg_locked() via the tls_trim_both_msgs() path.\ntls_sw_push_pending_record() already handles this case correctly; let\u0027s do\nthe same check in tls_sw_splice_eof().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52767",
"url": "https://www.suse.com/security/cve/CVE-2023-52767"
},
{
"category": "external",
"summary": "SUSE Bug 1224998 for CVE-2023-52767",
"url": "https://bugzilla.suse.com/1224998"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52767"
},
{
"cve": "CVE-2023-52768",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52768"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: use vmm_table as array in wilc struct\n\nEnabling KASAN and running some iperf tests raises some memory issues with\nvmm_table:\n\nBUG: KASAN: slab-out-of-bounds in wilc_wlan_handle_txq+0x6ac/0xdb4\nWrite of size 4 at addr c3a61540 by task wlan0-tx/95\n\nKASAN detects that we are writing data beyond range allocated to vmm_table.\nThere is indeed a mismatch between the size passed to allocator in\nwilc_wlan_init, and the range of possible indexes used later: allocation\nsize is missing a multiplication by sizeof(u32)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52768",
"url": "https://www.suse.com/security/cve/CVE-2023-52768"
},
{
"category": "external",
"summary": "SUSE Bug 1225004 for CVE-2023-52768",
"url": "https://bugzilla.suse.com/1225004"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52768"
},
{
"cve": "CVE-2023-52769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix htt mlo-offset event locking\n\nThe ath12k active pdevs are protected by RCU but the htt mlo-offset\nevent handling code calling ath12k_mac_get_ar_by_pdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52769",
"url": "https://www.suse.com/security/cve/CVE-2023-52769"
},
{
"category": "external",
"summary": "SUSE Bug 1225001 for CVE-2023-52769",
"url": "https://bugzilla.suse.com/1225001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52769"
},
{
"cve": "CVE-2023-52771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/port: Fix delete_endpoint() vs parent unregistration race\n\nThe CXL subsystem, at cxl_mem -\u003eprobe() time, establishes a lineage of\nports (struct cxl_port objects) between an endpoint and the root of a\nCXL topology. Each port including the endpoint port is attached to the\ncxl_port driver.\n\nGiven that setup, it follows that when either any port in that lineage\ngoes through a cxl_port -\u003eremove() event, or the memdev goes through a\ncxl_mem -\u003eremove() event. The hierarchy below the removed port, or the\nentire hierarchy if the memdev is removed needs to come down.\n\nThe delete_endpoint() callback is careful to check whether it is being\ncalled to tear down the hierarchy, or if it is only being called to\nteardown the memdev because an ancestor port is going through\n-\u003eremove().\n\nThat care needs to take the device_lock() of the endpoint\u0027s parent.\nWhich requires 2 bugs to be fixed:\n\n1/ A reference on the parent is needed to prevent use-after-free\n scenarios like this signature:\n\n BUG: spinlock bad magic on CPU#0, kworker/u56:0/11\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20230524-3.fc38 05/24/2023\n Workqueue: cxl_port detach_memdev [cxl_core]\n RIP: 0010:spin_bug+0x65/0xa0\n Call Trace:\n do_raw_spin_lock+0x69/0xa0\n __mutex_lock+0x695/0xb80\n delete_endpoint+0xad/0x150 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n detach_memdev+0x15/0x20 [cxl_core]\n process_one_work+0x1e3/0x4c0\n worker_thread+0x1dd/0x3d0\n\n2/ In the case of RCH topologies, the parent device that needs to be\n locked is not always @port-\u003edev as returned by cxl_mem_find_port(), use\n endpoint-\u003edev.parent instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52771",
"url": "https://www.suse.com/security/cve/CVE-2023-52771"
},
{
"category": "external",
"summary": "SUSE Bug 1225007 for CVE-2023-52771",
"url": "https://bugzilla.suse.com/1225007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52771"
},
{
"cve": "CVE-2023-52772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix use-after-free in unix_stream_read_actor()\n\nsyzbot reported the following crash [1]\n\nAfter releasing unix socket lock, u-\u003eoob_skb can be changed\nby another thread. We must temporarily increase skb refcount\nto make sure this other thread will not free the skb under us.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nRead of size 4 at addr ffff88801f3b9cc4 by task syz-executor107/5297\n\nCPU: 1 PID: 5297 Comm: syz-executor107 Not tainted 6.6.0-syzkaller-15910-gb8e3a87a627b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:364 [inline]\nprint_report+0xc4/0x620 mm/kasan/report.c:475\nkasan_report+0xda/0x110 mm/kasan/report.c:588\nunix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nunix_stream_recv_urg net/unix/af_unix.c:2587 [inline]\nunix_stream_read_generic+0x19a5/0x2480 net/unix/af_unix.c:2666\nunix_stream_recvmsg+0x189/0x1b0 net/unix/af_unix.c:2903\nsock_recvmsg_nosec net/socket.c:1044 [inline]\nsock_recvmsg+0xe2/0x170 net/socket.c:1066\n____sys_recvmsg+0x21f/0x5c0 net/socket.c:2803\n___sys_recvmsg+0x115/0x1a0 net/socket.c:2845\n__sys_recvmsg+0x114/0x1e0 net/socket.c:2875\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7fc67492c559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fc6748ab228 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007fc67492c559\nRDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004\nRBP: 00007fc6749b6348 R08: 00007fc6748ab6c0 R09: 00007fc6748ab6c0\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6749b6340\nR13: 00007fc6749b634c R14: 00007ffe9fac52a0 R15: 00007ffe9fac5388\n\u003c/TASK\u003e\n\nAllocated by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n__kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:328\nkasan_slab_alloc include/linux/kasan.h:188 [inline]\nslab_post_alloc_hook mm/slab.h:763 [inline]\nslab_alloc_node mm/slub.c:3478 [inline]\nkmem_cache_alloc_node+0x180/0x3c0 mm/slub.c:3523\n__alloc_skb+0x287/0x330 net/core/skbuff.c:641\nalloc_skb include/linux/skbuff.h:1286 [inline]\nalloc_skb_with_frags+0xe4/0x710 net/core/skbuff.c:6331\nsock_alloc_send_pskb+0x7e4/0x970 net/core/sock.c:2780\nsock_alloc_send_skb include/net/sock.h:1884 [inline]\nqueue_oob net/unix/af_unix.c:2147 [inline]\nunix_stream_sendmsg+0xb5f/0x10a0 net/unix/af_unix.c:2301\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n____sys_sendmsg+0x6ac/0x940 net/socket.c:2584\n___sys_sendmsg+0x135/0x1d0 net/socket.c:2638\n__sys_sendmsg+0x117/0x1e0 net/socket.c:2667\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200\nkasan_slab_free include/linux/kasan.h:164 [inline]\nslab_free_hook mm/slub.c:1800 [inline]\nslab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826\nslab_free mm/slub.c:3809 [inline]\nkmem_cache_free+0xf8/0x340 mm/slub.c:3831\nkfree_skbmem+0xef/0x1b0 net/core/skbuff.c:1015\n__kfree_skb net/core/skbuff.c:1073 [inline]\nconsume_skb net/core/skbuff.c:1288 [inline]\nconsume_skb+0xdf/0x170 net/core/skbuff.c:1282\nqueue_oob net/unix/af_unix.c:2178 [inline]\nu\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52772",
"url": "https://www.suse.com/security/cve/CVE-2023-52772"
},
{
"category": "external",
"summary": "SUSE Bug 1224989 for CVE-2023-52772",
"url": "https://bugzilla.suse.com/1224989"
},
{
"category": "external",
"summary": "SUSE Bug 1224991 for CVE-2023-52772",
"url": "https://bugzilla.suse.com/1224991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52772"
},
{
"cve": "CVE-2023-52773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()\n\nWhen ddc_service_construct() is called, it explicitly checks both the\nlink type and whether there is something on the link which will\ndictate whether the pin is marked as hw_supported.\n\nIf the pin isn\u0027t set or the link is not set (such as from\nunloading/reloading amdgpu in an IGT test) then fail the\namdgpu_dm_i2c_xfer() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52773",
"url": "https://www.suse.com/security/cve/CVE-2023-52773"
},
{
"category": "external",
"summary": "SUSE Bug 1225041 for CVE-2023-52773",
"url": "https://bugzilla.suse.com/1225041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52773"
},
{
"cve": "CVE-2023-52774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: protect device queue against concurrent access\n\nIn dasd_profile_start() the amount of requests on the device queue are\ncounted. The access to the device queue is unprotected against\nconcurrent access. With a lot of parallel I/O, especially with alias\ndevices enabled, the device queue can change while dasd_profile_start()\nis accessing the queue. In the worst case this leads to a kernel panic\ndue to incorrect pointer accesses.\n\nFix this by taking the device lock before accessing the queue and\ncounting the requests. Additionally the check for a valid profile data\npointer can be done earlier to avoid unnecessary locking in a hot path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52774",
"url": "https://www.suse.com/security/cve/CVE-2023-52774"
},
{
"category": "external",
"summary": "SUSE Bug 1225572 for CVE-2023-52774",
"url": "https://bugzilla.suse.com/1225572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52774"
},
{
"cve": "CVE-2023-52775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: avoid data corruption caused by decline\n\nWe found a data corruption issue during testing of SMC-R on Redis\napplications.\n\nThe benchmark has a low probability of reporting a strange error as\nshown below.\n\n\"Error: Protocol error, got \"\\xe2\" as reply type byte\"\n\nFinally, we found that the retrieved error data was as follows:\n\n0xE2 0xD4 0xC3 0xD9 0x04 0x00 0x2C 0x20 0xA6 0x56 0x00 0x16 0x3E 0x0C\n0xCB 0x04 0x02 0x01 0x00 0x00 0x20 0x00 0x00 0x00 0x00 0x00 0x00 0x00\n0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0xE2\n\nIt is quite obvious that this is a SMC DECLINE message, which means that\nthe applications received SMC protocol message.\nWe found that this was caused by the following situations:\n\nclient server\n | clc proposal\n -------------\u003e\n | clc accept\n \u003c-------------\n | clc confirm\n -------------\u003e\nwait llc confirm\n\t\t\tsend llc confirm\n |failed llc confirm\n | x------\n(after 2s)timeout\n wait llc confirm rsp\n\nwait decline\n\n(after 1s) timeout\n (after 2s) timeout\n | decline\n --------------\u003e\n | decline\n \u003c--------------\n\nAs a result, a decline message was sent in the implementation, and this\nmessage was read from TCP by the already-fallback connection.\n\nThis patch double the client timeout as 2x of the server value,\nWith this simple change, the Decline messages should never cross or\ncollide (during Confirm link timeout).\n\nThis issue requires an immediate solution, since the protocol updates\ninvolve a more long-term solution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52775",
"url": "https://www.suse.com/security/cve/CVE-2023-52775"
},
{
"category": "external",
"summary": "SUSE Bug 1225088 for CVE-2023-52775",
"url": "https://bugzilla.suse.com/1225088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52775"
},
{
"cve": "CVE-2023-52776",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52776"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix dfs-radar and temperature event locking\n\nThe ath12k active pdevs are protected by RCU but the DFS-radar and\ntemperature event handling code calling ath12k_mac_get_ar_by_pdev_id()\nwas not marked as a read-side critical section.\n\nMark the code in question as RCU read-side critical sections to avoid\nany potential use-after-free issues.\n\nNote that the temperature event handler looks like a place holder\ncurrently but would still trigger an RCU lockdep splat.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52776",
"url": "https://www.suse.com/security/cve/CVE-2023-52776"
},
{
"category": "external",
"summary": "SUSE Bug 1225090 for CVE-2023-52776",
"url": "https://bugzilla.suse.com/1225090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52776"
},
{
"cve": "CVE-2023-52777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix gtk offload status event locking\n\nThe ath11k active pdevs are protected by RCU but the gtk offload status\nevent handling code calling ath11k_mac_get_arvif_by_vdev_id() was not\nmarked as a read-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52777",
"url": "https://www.suse.com/security/cve/CVE-2023-52777"
},
{
"category": "external",
"summary": "SUSE Bug 1224992 for CVE-2023-52777",
"url": "https://bugzilla.suse.com/1224992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52777"
},
{
"cve": "CVE-2023-52780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvneta: fix calls to page_pool_get_stats\n\nCalling page_pool_get_stats in the mvneta driver without checks\nleads to kernel crashes.\nFirst the page pool is only available if the bm is not used.\nThe page pool is also not allocated when the port is stopped.\nIt can also be not allocated in case of errors.\n\nThe current implementation leads to the following crash calling\nethstats on a port that is down or when calling it at the wrong moment:\n\nble to handle kernel NULL pointer dereference at virtual address 00000070\n[00000070] *pgd=00000000\nInternal error: Oops: 5 [#1] SMP ARM\nHardware name: Marvell Armada 380/385 (Device Tree)\nPC is at page_pool_get_stats+0x18/0x1cc\nLR is at mvneta_ethtool_get_stats+0xa0/0xe0 [mvneta]\npc : [\u003cc0b413cc\u003e] lr : [\u003cbf0a98d8\u003e] psr: a0000013\nsp : f1439d48 ip : f1439dc0 fp : 0000001d\nr10: 00000100 r9 : c4816b80 r8 : f0d75150\nr7 : bf0b400c r6 : c238f000 r5 : 00000000 r4 : f1439d68\nr3 : c2091040 r2 : ffffffd8 r1 : f1439d68 r0 : 00000000\nFlags: NzCv IRQs on FIQs on Mode SVC_32 ISA ARM Segment none\nControl: 10c5387d Table: 066b004a DAC: 00000051\nRegister r0 information: NULL pointer\nRegister r1 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r2 information: non-paged memory\nRegister r3 information: slab kmalloc-2k start c2091000 pointer offset 64 size 2048\nRegister r4 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nRegister r5 information: NULL pointer\nRegister r6 information: slab kmalloc-cg-4k start c238f000 pointer offset 0 size 4096\nRegister r7 information: 15-page vmalloc region starting at 0xbf0a8000 allocated at load_module+0xa30/0x219c\nRegister r8 information: 1-page vmalloc region starting at 0xf0d75000 allocated at ethtool_get_stats+0x138/0x208\nRegister r9 information: slab task_struct start c4816b80 pointer offset 0\nRegister r10 information: non-paged memory\nRegister r11 information: non-paged memory\nRegister r12 information: 2-page vmalloc region starting at 0xf1438000 allocated at kernel_clone+0x9c/0x390\nProcess snmpd (pid: 733, stack limit = 0x38de3a88)\nStack: (0xf1439d48 to 0xf143a000)\n9d40: 000000c0 00000001 c238f000 bf0b400c f0d75150 c4816b80\n9d60: 00000100 bf0a98d8 00000000 00000000 00000000 00000000 00000000 00000000\n9d80: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9da0: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9dc0: 00000dc0 5335509c 00000035 c238f000 bf0b2214 01067f50 f0d75000 c0b9b9c8\n9de0: 0000001d 00000035 c2212094 5335509c c4816b80 c238f000 c5ad6e00 01067f50\n9e00: c1b0be80 c4816b80 00014813 c0b9d7f0 00000000 00000000 0000001d 0000001d\n9e20: 00000000 00001200 00000000 00000000 c216ed90 c73943b8 00000000 00000000\n9e40: 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000\n9e60: 00000000 c0ad9034 00000000 00000000 00000000 00000000 00000000 00000000\n9e80: 00000000 00000000 00000000 5335509c c1b0be80 f1439ee4 00008946 c1b0be80\n9ea0: 01067f50 f1439ee3 00000000 00000046 b6d77ae0 c0b383f0 00008946 becc83e8\n9ec0: c1b0be80 00000051 0000000b c68ca480 c7172d00 c0ad8ff0 f1439ee3 cf600e40\n9ee0: 01600e40 32687465 00000000 00000000 00000000 01067f50 00000000 00000000\n9f00: 00000000 5335509c 00008946 00008946 00000000 c68ca480 becc83e8 c05e2de0\n9f20: f1439fb0 c03002f0 00000006 5ac3c35a c4816b80 00000006 b6d77ae0 c030caf0\n9f40: c4817350 00000014 f1439e1c 0000000c 00000000 00000051 01000000 00000014\n9f60: 00003fec f1439edc 00000001 c0372abc b6d77ae0 c0372abc cf600e40 5335509c\n9f80: c21e6800 01015c9c 0000000b 00008946 00000036 c03002f0 c4816b80 00000036\n9fa0: b6d77ae0 c03000c0 01015c9c 0000000b 0000000b 00008946 becc83e8 00000000\n9fc0: 01015c9c 0000000b 00008946 00000036 00000035 010678a0 b6d797ec b6d77ae0\n9fe0: b6dbf738 becc838c b6d186d7 b6baa858 40000030 0000000b 00000000 00000000\n page_pool_get_s\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52780",
"url": "https://www.suse.com/security/cve/CVE-2023-52780"
},
{
"category": "external",
"summary": "SUSE Bug 1224933 for CVE-2023-52780",
"url": "https://bugzilla.suse.com/1224933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52780"
},
{
"cve": "CVE-2023-52781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52781"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: config: fix iteration issue in \u0027usb_get_bos_descriptor()\u0027\n\nThe BOS descriptor defines a root descriptor and is the base descriptor for\naccessing a family of related descriptors.\n\nFunction \u0027usb_get_bos_descriptor()\u0027 encounters an iteration issue when\nskipping the \u0027USB_DT_DEVICE_CAPABILITY\u0027 descriptor type. This results in\nthe same descriptor being read repeatedly.\n\nTo address this issue, a \u0027goto\u0027 statement is introduced to ensure that the\npointer and the amount read is updated correctly. This ensures that the\nfunction iterates to the next descriptor instead of reading the same\ndescriptor repeatedly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52781",
"url": "https://www.suse.com/security/cve/CVE-2023-52781"
},
{
"category": "external",
"summary": "SUSE Bug 1225092 for CVE-2023-52781",
"url": "https://bugzilla.suse.com/1225092"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52781"
},
{
"cve": "CVE-2023-52782",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52782"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Track xmit submission to PTP WQ after populating metadata map\n\nEnsure the skb is available in metadata mapping to skbs before tracking the\nmetadata index for detecting undelivered CQEs. If the metadata index is put\nin the tracking list before putting the skb in the map, the metadata index\nmight be used for detecting undelivered CQEs before the relevant skb is\navailable in the map, which can lead to a null-ptr-deref.\n\nLog:\n general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN\n KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]\n CPU: 0 PID: 1243 Comm: kworker/0:2 Not tainted 6.6.0-rc4+ #108\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\n Workqueue: events mlx5e_rx_dim_work [mlx5_core]\n RIP: 0010:mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n Code: 8c 24 38 cc ff ff 4c 8d 3c c1 4c 89 f9 48 c1 e9 03 42 80 3c 31 00 0f 85 97 0f 00 00 4d 8b 3f 49 8d 7f 28 48 89 f9 48 c1 e9 03 \u003c42\u003e 80 3c 31 00 0f 85 8b 0f 00 00 49 8b 47 28 48 85 c0 0f 84 05 07\n RSP: 0018:ffff8884d3c09c88 EFLAGS: 00010206\n RAX: 0000000000000069 RBX: ffff8881160349d8 RCX: 0000000000000005\n RDX: ffffed10218f48cf RSI: 0000000000000004 RDI: 0000000000000028\n RBP: ffff888122707700 R08: 0000000000000001 R09: ffffed109a781383\n R10: 0000000000000003 R11: 0000000000000003 R12: ffff88810c7a7a40\n R13: ffff888122707700 R14: dffffc0000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8884d3c00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f4f878dd6e0 CR3: 000000014d108002 CR4: 0000000000370eb0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n Call Trace:\n \u003cIRQ\u003e\n ? die_addr+0x3c/0xa0\n ? exc_general_protection+0x144/0x210\n ? asm_exc_general_protection+0x22/0x30\n ? mlx5e_ptp_napi_poll+0x9a4/0x2290 [mlx5_core]\n ? mlx5e_ptp_napi_poll+0x8f6/0x2290 [mlx5_core]\n __napi_poll.constprop.0+0xa4/0x580\n net_rx_action+0x460/0xb80\n ? _raw_spin_unlock_irqrestore+0x32/0x60\n ? __napi_poll.constprop.0+0x580/0x580\n ? tasklet_action_common.isra.0+0x2ef/0x760\n __do_softirq+0x26c/0x827\n irq_exit_rcu+0xc2/0x100\n common_interrupt+0x7f/0xa0\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_common_interrupt+0x22/0x40\n RIP: 0010:__kmem_cache_alloc_node+0xb/0x330\n Code: 41 5d 41 5e 41 5f c3 8b 44 24 14 8b 4c 24 10 09 c8 eb d5 e8 b7 43 ca 01 0f 1f 80 00 00 00 00 0f 1f 44 00 00 55 48 89 e5 41 57 \u003c41\u003e 56 41 89 d6 41 55 41 89 f5 41 54 49 89 fc 53 48 83 e4 f0 48 83\n RSP: 0018:ffff88812c4079c0 EFLAGS: 00000246\n RAX: 1ffffffff083c7fe RBX: ffff888100042dc0 RCX: 0000000000000218\n RDX: 00000000ffffffff RSI: 0000000000000dc0 RDI: ffff888100042dc0\n RBP: ffff88812c4079c8 R08: ffffffffa0289f96 R09: ffffed1025880ea9\n R10: ffff888138839f80 R11: 0000000000000002 R12: 0000000000000dc0\n R13: 0000000000000100 R14: 000000000000008c R15: ffff8881271fc450\n ? cmd_exec+0x796/0x2200 [mlx5_core]\n kmalloc_trace+0x26/0xc0\n cmd_exec+0x796/0x2200 [mlx5_core]\n mlx5_cmd_do+0x22/0xc0 [mlx5_core]\n mlx5_cmd_exec+0x17/0x30 [mlx5_core]\n mlx5_core_modify_cq_moderation+0x139/0x1b0 [mlx5_core]\n ? mlx5_add_cq_to_tasklet+0x280/0x280 [mlx5_core]\n ? lockdep_set_lock_cmp_fn+0x190/0x190\n ? process_one_work+0x659/0x1220\n mlx5e_rx_dim_work+0x9d/0x100 [mlx5_core]\n process_one_work+0x730/0x1220\n ? lockdep_hardirqs_on_prepare+0x400/0x400\n ? max_active_store+0xf0/0xf0\n ? assign_work+0x168/0x240\n worker_thread+0x70f/0x12d0\n ? __kthread_parkme+0xd1/0x1d0\n ? process_one_work+0x1220/0x1220\n kthread+0x2d9/0x3b0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x70\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_as\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52782",
"url": "https://www.suse.com/security/cve/CVE-2023-52782"
},
{
"category": "external",
"summary": "SUSE Bug 1225103 for CVE-2023-52782",
"url": "https://bugzilla.suse.com/1225103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52782"
},
{
"cve": "CVE-2023-52783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wangxun: fix kernel panic due to null pointer\n\nWhen the device uses a custom subsystem vendor ID, the function\nwx_sw_init() returns before the memory of \u0027wx-\u003emac_table\u0027 is allocated.\nThe null pointer will causes the kernel panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52783",
"url": "https://www.suse.com/security/cve/CVE-2023-52783"
},
{
"category": "external",
"summary": "SUSE Bug 1225104 for CVE-2023-52783",
"url": "https://bugzilla.suse.com/1225104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52783"
},
{
"cve": "CVE-2023-52784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: stop the device in bond_setup_by_slave()\n\nCommit 9eed321cde22 (\"net: lapbether: only support ethernet devices\")\nhas been able to keep syzbot away from net/lapb, until today.\n\nIn the following splat [1], the issue is that a lapbether device has\nbeen created on a bonding device without members. Then adding a non\nARPHRD_ETHER member forced the bonding master to change its type.\n\nThe fix is to make sure we call dev_close() in bond_setup_by_slave()\nso that the potential linked lapbether devices (or any other devices\nhaving assumptions on the physical device) are removed.\n\nA similar bug has been addressed in commit 40baec225765\n(\"bonding: fix panic on non-ARPHRD_ETHER enslave failure\")\n\n[1]\nskbuff: skb_under_panic: text:ffff800089508810 len:44 put:40 head:ffff0000c78e7c00 data:ffff0000c78e7bea tail:0x16 end:0x140 dev:bond0\nkernel BUG at net/core/skbuff.c:192 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6007 Comm: syz-executor383 Not tainted 6.6.0-rc3-syzkaller-gbf6547d8715b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : skb_panic net/core/skbuff.c:188 [inline]\npc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nlr : skb_panic net/core/skbuff.c:188 [inline]\nlr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nsp : ffff800096a06aa0\nx29: ffff800096a06ab0 x28: ffff800096a06ba0 x27: dfff800000000000\nx26: ffff0000ce9b9b50 x25: 0000000000000016 x24: ffff0000c78e7bea\nx23: ffff0000c78e7c00 x22: 000000000000002c x21: 0000000000000140\nx20: 0000000000000028 x19: ffff800089508810 x18: ffff800096a06100\nx17: 0000000000000000 x16: ffff80008a629a3c x15: 0000000000000001\nx14: 1fffe00036837a32 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000201 x10: 0000000000000000 x9 : cb50b496c519aa00\nx8 : cb50b496c519aa00 x7 : 0000000000000001 x6 : 0000000000000001\nx5 : ffff800096a063b8 x4 : ffff80008e280f80 x3 : ffff8000805ad11c\nx2 : 0000000000000001 x1 : 0000000100000201 x0 : 0000000000000086\nCall trace:\nskb_panic net/core/skbuff.c:188 [inline]\nskb_under_panic+0x13c/0x140 net/core/skbuff.c:202\nskb_push+0xf0/0x108 net/core/skbuff.c:2446\nip6gre_header+0xbc/0x738 net/ipv6/ip6_gre.c:1384\ndev_hard_header include/linux/netdevice.h:3136 [inline]\nlapbeth_data_transmit+0x1c4/0x298 drivers/net/wan/lapbether.c:257\nlapb_data_transmit+0x8c/0xb0 net/lapb/lapb_iface.c:447\nlapb_transmit_buffer+0x178/0x204 net/lapb/lapb_out.c:149\nlapb_send_control+0x220/0x320 net/lapb/lapb_subr.c:251\n__lapb_disconnect_request+0x9c/0x17c net/lapb/lapb_iface.c:326\nlapb_device_event+0x288/0x4e0 net/lapb/lapb_iface.c:492\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nlapbeth_device_event+0x2e4/0x958 drivers/net/wan/lapbether.c:466\nnotifier_call_chain+0x1a4/0x510 kernel/notifier.c:93\nraw_notifier_call_chain+0x3c/0x50 kernel/notifier.c:461\ncall_netdevice_notifiers_info net/core/dev.c:1970 [inline]\ncall_netdevice_notifiers_extack net/core/dev.c:2008 [inline]\ncall_netdevice_notifiers net/core/dev.c:2022 [inline]\n__dev_close_many+0x1b8/0x3c4 net/core/dev.c:1508\ndev_close_many+0x1e0/0x470 net/core/dev.c:1559\ndev_close+0x174/0x250 net/core/dev.c:1585\nbond_enslave+0x2298/0x30cc drivers/net/bonding/bond_main.c:2332\nbond_do_ioctl+0x268/0xc64 drivers/net/bonding/bond_main.c:4539\ndev_ifsioc+0x754/0x9ac\ndev_ioctl+0x4d8/0xd34 net/core/dev_ioctl.c:786\nsock_do_ioctl+0x1d4/0x2d0 net/socket.c:1217\nsock_ioctl+0x4e8/0x834 net/socket.c:1322\nvfs_ioctl fs/ioctl.c:51 [inline]\n__do_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52784",
"url": "https://www.suse.com/security/cve/CVE-2023-52784"
},
{
"category": "external",
"summary": "SUSE Bug 1224946 for CVE-2023-52784",
"url": "https://bugzilla.suse.com/1224946"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52784"
},
{
"cve": "CVE-2023-52786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix racy may inline data check in dio write\n\nsyzbot reports that the following warning from ext4_iomap_begin()\ntriggers as of the commit referenced below:\n\n if (WARN_ON_ONCE(ext4_has_inline_data(inode)))\n return -ERANGE;\n\nThis occurs during a dio write, which is never expected to encounter\nan inode with inline data. To enforce this behavior,\next4_dio_write_iter() checks the current inline state of the inode\nand clears the MAY_INLINE_DATA state flag to either fall back to\nbuffered writes, or enforce that any other writers in progress on\nthe inode are not allowed to create inline data.\n\nThe problem is that the check for existing inline data and the state\nflag can span a lock cycle. For example, if the ilock is originally\nlocked shared and subsequently upgraded to exclusive, another writer\nmay have reacquired the lock and created inline data before the dio\nwrite task acquires the lock and proceeds.\n\nThe commit referenced below loosens the lock requirements to allow\nsome forms of unaligned dio writes to occur under shared lock, but\nAFAICT the inline data check was technically already racy for any\ndio write that would have involved a lock cycle. Regardless, lift\nclearing of the state bit to the same lock critical section that\nchecks for preexisting inline data on the inode to close the race.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52786",
"url": "https://www.suse.com/security/cve/CVE-2023-52786"
},
{
"category": "external",
"summary": "SUSE Bug 1224939 for CVE-2023-52786",
"url": "https://bugzilla.suse.com/1224939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2023-52786"
},
{
"cve": "CVE-2023-52787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52787"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: make sure active queue usage is held for bio_integrity_prep()\n\nblk_integrity_unregister() can come if queue usage counter isn\u0027t held\nfor one bio with integrity prepared, so this request may be completed with\ncalling profile-\u003ecomplete_fn, then kernel panic.\n\nAnother constraint is that bio_integrity_prep() needs to be called\nbefore bio merge.\n\nFix the issue by:\n\n- call bio_integrity_prep() with one queue usage counter grabbed reliably\n\n- call bio_integrity_prep() before bio merge",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52787",
"url": "https://www.suse.com/security/cve/CVE-2023-52787"
},
{
"category": "external",
"summary": "SUSE Bug 1225105 for CVE-2023-52787",
"url": "https://bugzilla.suse.com/1225105"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52787"
},
{
"cve": "CVE-2023-52788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52788"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni915/perf: Fix NULL deref bugs with drm_dbg() calls\n\nWhen i915 perf interface is not available dereferencing it will lead to\nNULL dereferences.\n\nAs returning -ENOTSUPP is pretty clear return when perf interface is not\navailable.\n\n[tursulin: added stable tag]\n(cherry picked from commit 36f27350ff745bd228ab04d7845dfbffc177a889)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52788",
"url": "https://www.suse.com/security/cve/CVE-2023-52788"
},
{
"category": "external",
"summary": "SUSE Bug 1225106 for CVE-2023-52788",
"url": "https://bugzilla.suse.com/1225106"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52788"
},
{
"cve": "CVE-2023-52789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: vcc: Add check for kstrdup() in vcc_probe()\n\nAdd check for the return value of kstrdup() and return the error, if it\nfails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52789",
"url": "https://www.suse.com/security/cve/CVE-2023-52789"
},
{
"category": "external",
"summary": "SUSE Bug 1225180 for CVE-2023-52789",
"url": "https://bugzilla.suse.com/1225180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52789"
},
{
"cve": "CVE-2023-52791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: core: Run atomic i2c xfer when !preemptible\n\nSince bae1d3a05a8b, i2c transfers are non-atomic if preemption is\ndisabled. However, non-atomic i2c transfers require preemption (e.g. in\nwait_for_completion() while waiting for the DMA).\n\npanic() calls preempt_disable_notrace() before calling\nemergency_restart(). Therefore, if an i2c device is used for the\nrestart, the xfer should be atomic. This avoids warnings like:\n\n[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0\n[ 12.676926] Voluntary context switch within RCU read-side critical section!\n...\n[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114\n[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70\n...\n[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58\n[ 13.001050] machine_restart from panic+0x2a8/0x32c\n\nUse !preemptible() instead, which is basically the same check as\npre-v5.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52791",
"url": "https://www.suse.com/security/cve/CVE-2023-52791"
},
{
"category": "external",
"summary": "SUSE Bug 1225108 for CVE-2023-52791",
"url": "https://bugzilla.suse.com/1225108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52791"
},
{
"cve": "CVE-2023-52792",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52792"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/region: Do not try to cleanup after cxl_region_setup_targets() fails\n\nCommit 5e42bcbc3fef (\"cxl/region: decrement -\u003enr_targets on error in\ncxl_region_attach()\") tried to avoid \u0027eiw\u0027 initialization errors when\n-\u003enr_targets exceeded 16, by just decrementing -\u003enr_targets when\ncxl_region_setup_targets() failed.\n\nCommit 86987c766276 (\"cxl/region: Cleanup target list on attach error\")\nextended that cleanup to also clear cxled-\u003epos and p-\u003etargets[pos]. The\ninitialization error was incidentally fixed separately by:\nCommit 8d4285425714 (\"cxl/region: Fix port setup uninitialized variable\nwarnings\") which was merged a few days after 5e42bcbc3fef.\n\nBut now the original cleanup when cxl_region_setup_targets() fails\nprevents endpoint and switch decoder resources from being reused:\n\n1) the cleanup does not set the decoder\u0027s region to NULL, which results\n in future dpa_size_store() calls returning -EBUSY\n2) the decoder is not properly freed, which results in future commit\n errors associated with the upstream switch\n\nNow that the initialization errors were fixed separately, the proper\ncleanup for this case is to just return immediately. Then the resources\nassociated with this target get cleanup up as normal when the failed\nregion is deleted.\n\nThe -\u003enr_targets decrement in the error case also helped prevent\na p-\u003etargets[] array overflow, so add a new check to prevent against\nthat overflow.\n\nTested by trying to create an invalid region for a 2 switch * 2 endpoint\ntopology, and then following up with creating a valid region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52792",
"url": "https://www.suse.com/security/cve/CVE-2023-52792"
},
{
"category": "external",
"summary": "SUSE Bug 1225477 for CVE-2023-52792",
"url": "https://bugzilla.suse.com/1225477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52792"
},
{
"cve": "CVE-2023-52794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: intel: powerclamp: fix mismatch in get function for max_idle\n\nKASAN reported this\n\n [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90\n [ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2105\n ...\n [ 444.853442] The buggy address belongs to the variable:\n [ 444.853443] max_idle+0x0/0xffffffffffffcde0 [intel_powerclamp]\n\nThere is a mismatch between the param_get_int and the definition of\nmax_idle. Replacing param_get_int with param_get_byte resolves this\nissue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52794",
"url": "https://www.suse.com/security/cve/CVE-2023-52794"
},
{
"category": "external",
"summary": "SUSE Bug 1225028 for CVE-2023-52794",
"url": "https://bugzilla.suse.com/1225028"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2023-52794"
},
{
"cve": "CVE-2023-52795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvhost-vdpa: fix use after free in vhost_vdpa_probe()\n\nThe put_device() calls vhost_vdpa_release_dev() which calls\nida_simple_remove() and frees \"v\". So this call to\nida_simple_remove() is a use after free and a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52795",
"url": "https://www.suse.com/security/cve/CVE-2023-52795"
},
{
"category": "external",
"summary": "SUSE Bug 1225085 for CVE-2023-52795",
"url": "https://bugzilla.suse.com/1225085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52795"
},
{
"cve": "CVE-2023-52796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipvlan: add ipvlan_route_v6_outbound() helper\n\nInspired by syzbot reports using a stack of multiple ipvlan devices.\n\nReduce stack size needed in ipvlan_process_v6_outbound() by moving\nthe flowi6 struct used for the route lookup in an non inlined\nhelper. ipvlan_route_v6_outbound() needs 120 bytes on the stack,\nimmediately reclaimed.\n\nAlso make sure ipvlan_process_v4_outbound() is not inlined.\n\nWe might also have to lower MAX_NEST_DEV, because only syzbot uses\nsetups with more than four stacked devices.\n\nBUG: TASK stack guard page was hit at ffffc9000e803ff8 (stack is ffffc9000e804000..ffffc9000e808000)\nstack guard page: 0000 [#1] SMP KASAN\nCPU: 0 PID: 13442 Comm: syz-executor.4 Not tainted 6.1.52-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nRIP: 0010:kasan_check_range+0x4/0x2a0 mm/kasan/generic.c:188\nCode: 48 01 c6 48 89 c7 e8 db 4e c1 03 31 c0 5d c3 cc 0f 0b eb 02 0f 0b b8 ea ff ff ff 5d c3 cc 00 00 cc cc 00 00 cc cc 55 48 89 e5 \u003c41\u003e 57 41 56 41 55 41 54 53 b0 01 48 85 f6 0f 84 a4 01 00 00 48 89\nRSP: 0018:ffffc9000e804000 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff817e5bf2\nRDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff887c6568\nRBP: ffffc9000e804000 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: dffffc0000000001 R12: 1ffff92001d0080c\nR13: dffffc0000000000 R14: ffffffff87e6b100 R15: 0000000000000000\nFS: 00007fd0c55826c0(0000) GS:ffff8881f6800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000e803ff8 CR3: 0000000170ef7000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\u003c#DF\u003e\n\u003c/#DF\u003e\n\u003cTASK\u003e\n[\u003cffffffff81f281d1\u003e] __kasan_check_read+0x11/0x20 mm/kasan/shadow.c:31\n[\u003cffffffff817e5bf2\u003e] instrument_atomic_read include/linux/instrumented.h:72 [inline]\n[\u003cffffffff817e5bf2\u003e] _test_bit include/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\n[\u003cffffffff817e5bf2\u003e] cpumask_test_cpu include/linux/cpumask.h:506 [inline]\n[\u003cffffffff817e5bf2\u003e] cpu_online include/linux/cpumask.h:1092 [inline]\n[\u003cffffffff817e5bf2\u003e] trace_lock_acquire include/trace/events/lock.h:24 [inline]\n[\u003cffffffff817e5bf2\u003e] lock_acquire+0xe2/0x590 kernel/locking/lockdep.c:5632\n[\u003cffffffff8563221e\u003e] rcu_lock_acquire+0x2e/0x40 include/linux/rcupdate.h:306\n[\u003cffffffff8561464d\u003e] rcu_read_lock include/linux/rcupdate.h:747 [inline]\n[\u003cffffffff8561464d\u003e] ip6_pol_route+0x15d/0x1440 net/ipv6/route.c:2221\n[\u003cffffffff85618120\u003e] ip6_pol_route_output+0x50/0x80 net/ipv6/route.c:2606\n[\u003cffffffff856f65b5\u003e] pol_lookup_func include/net/ip6_fib.h:584 [inline]\n[\u003cffffffff856f65b5\u003e] fib6_rule_lookup+0x265/0x620 net/ipv6/fib6_rules.c:116\n[\u003cffffffff85618009\u003e] ip6_route_output_flags_noref+0x2d9/0x3a0 net/ipv6/route.c:2638\n[\u003cffffffff8561821a\u003e] ip6_route_output_flags+0xca/0x340 net/ipv6/route.c:2651\n[\u003cffffffff838bd5a3\u003e] ip6_route_output include/net/ip6_route.h:100 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_v6_outbound drivers/net/ipvlan/ipvlan_core.c:473 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_process_outbound drivers/net/ipvlan/ipvlan_core.c:529 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_xmit_mode_l3 drivers/net/ipvlan/ipvlan_core.c:602 [inline]\n[\u003cffffffff838bd5a3\u003e] ipvlan_queue_xmit+0xc33/0x1be0 drivers/net/ipvlan/ipvlan_core.c:677\n[\u003cffffffff838c2909\u003e] ipvlan_start_xmit+0x49/0x100 drivers/net/ipvlan/ipvlan_main.c:229\n[\u003cffffffff84d03900\u003e] netdev_start_xmit include/linux/netdevice.h:4966 [inline]\n[\u003cffffffff84d03900\u003e] xmit_one net/core/dev.c:3644 [inline]\n[\u003cffffffff84d03900\u003e] dev_hard_start_xmit+0x320/0x980 net/core/dev.c:3660\n[\u003cffffffff84d080e2\u003e] __dev_queue_xmit+0x16b2/0x3370 net/core/dev.c:4324\n[\u003cffffffff855ce4cd\u003e] dev_queue_xmit include/linux/netdevice.h:3067 [inline]\n[\u003cffffffff855ce4cd\u003e] neigh_hh_output include/net/neighbour.h:529 [inline]\n[\u003cf\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52796",
"url": "https://www.suse.com/security/cve/CVE-2023-52796"
},
{
"category": "external",
"summary": "SUSE Bug 1224930 for CVE-2023-52796",
"url": "https://bugzilla.suse.com/1224930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52796"
},
{
"cve": "CVE-2023-52798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52798"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix dfs radar event locking\n\nThe ath11k active pdevs are protected by RCU but the DFS radar event\nhandling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52798",
"url": "https://www.suse.com/security/cve/CVE-2023-52798"
},
{
"category": "external",
"summary": "SUSE Bug 1224947 for CVE-2023-52798",
"url": "https://bugzilla.suse.com/1224947"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52798"
},
{
"cve": "CVE-2023-52799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in dbFindLeaf\n\nCurrently while searching for dmtree_t for sufficient free blocks there\nis an array out of bounds while getting element in tp-\u003edm_stree. To add\nthe required check for out of bound we first need to determine the type\nof dmtree. Thus added an extra parameter to dbFindLeaf so that the type\nof tree can be determined and the required check can be applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52799",
"url": "https://www.suse.com/security/cve/CVE-2023-52799"
},
{
"category": "external",
"summary": "SUSE Bug 1225472 for CVE-2023-52799",
"url": "https://bugzilla.suse.com/1225472"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52799"
},
{
"cve": "CVE-2023-52800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: fix htt pktlog locking\n\nThe ath11k active pdevs are protected by RCU but the htt pktlog handling\ncode calling ath11k_mac_get_ar_by_pdev_id() was not marked as a\nread-side critical section.\n\nMark the code in question as an RCU read-side critical section to avoid\nany potential use-after-free issues.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52800",
"url": "https://www.suse.com/security/cve/CVE-2023-52800"
},
{
"category": "external",
"summary": "SUSE Bug 1230600 for CVE-2023-52800",
"url": "https://bugzilla.suse.com/1230600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52800"
},
{
"cve": "CVE-2023-52801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix missing update of domains_itree after splitting iopt_area\n\nIn iopt_area_split(), if the original iopt_area has filled a domain and is\nlinked to domains_itree, pages_nodes have to be properly\nreinserted. Otherwise the domains_itree becomes corrupted and we will UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52801",
"url": "https://www.suse.com/security/cve/CVE-2023-52801"
},
{
"category": "external",
"summary": "SUSE Bug 1225006 for CVE-2023-52801",
"url": "https://bugzilla.suse.com/1225006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52801"
},
{
"cve": "CVE-2023-52803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix RPC client cleaned up the freed pipefs dentries\n\nRPC client pipefs dentries cleanup is in separated rpc_remove_pipedir()\nworkqueue,which takes care about pipefs superblock locking.\nIn some special scenarios, when kernel frees the pipefs sb of the\ncurrent client and immediately alloctes a new pipefs sb,\nrpc_remove_pipedir function would misjudge the existence of pipefs\nsb which is not the one it used to hold. As a result,\nthe rpc_remove_pipedir would clean the released freed pipefs dentries.\n\nTo fix this issue, rpc_remove_pipedir should check whether the\ncurrent pipefs sb is consistent with the original pipefs sb.\n\nThis error can be catched by KASAN:\n=========================================================\n[ 250.497700] BUG: KASAN: slab-use-after-free in dget_parent+0x195/0x200\n[ 250.498315] Read of size 4 at addr ffff88800a2ab804 by task kworker/0:18/106503\n[ 250.500549] Workqueue: events rpc_free_client_work\n[ 250.501001] Call Trace:\n[ 250.502880] kasan_report+0xb6/0xf0\n[ 250.503209] ? dget_parent+0x195/0x200\n[ 250.503561] dget_parent+0x195/0x200\n[ 250.503897] ? __pfx_rpc_clntdir_depopulate+0x10/0x10\n[ 250.504384] rpc_rmdir_depopulate+0x1b/0x90\n[ 250.504781] rpc_remove_client_dir+0xf5/0x150\n[ 250.505195] rpc_free_client_work+0xe4/0x230\n[ 250.505598] process_one_work+0x8ee/0x13b0\n...\n[ 22.039056] Allocated by task 244:\n[ 22.039390] kasan_save_stack+0x22/0x50\n[ 22.039758] kasan_set_track+0x25/0x30\n[ 22.040109] __kasan_slab_alloc+0x59/0x70\n[ 22.040487] kmem_cache_alloc_lru+0xf0/0x240\n[ 22.040889] __d_alloc+0x31/0x8e0\n[ 22.041207] d_alloc+0x44/0x1f0\n[ 22.041514] __rpc_lookup_create_exclusive+0x11c/0x140\n[ 22.041987] rpc_mkdir_populate.constprop.0+0x5f/0x110\n[ 22.042459] rpc_create_client_dir+0x34/0x150\n[ 22.042874] rpc_setup_pipedir_sb+0x102/0x1c0\n[ 22.043284] rpc_client_register+0x136/0x4e0\n[ 22.043689] rpc_new_client+0x911/0x1020\n[ 22.044057] rpc_create_xprt+0xcb/0x370\n[ 22.044417] rpc_create+0x36b/0x6c0\n...\n[ 22.049524] Freed by task 0:\n[ 22.049803] kasan_save_stack+0x22/0x50\n[ 22.050165] kasan_set_track+0x25/0x30\n[ 22.050520] kasan_save_free_info+0x2b/0x50\n[ 22.050921] __kasan_slab_free+0x10e/0x1a0\n[ 22.051306] kmem_cache_free+0xa5/0x390\n[ 22.051667] rcu_core+0x62c/0x1930\n[ 22.051995] __do_softirq+0x165/0x52a\n[ 22.052347]\n[ 22.052503] Last potentially related work creation:\n[ 22.052952] kasan_save_stack+0x22/0x50\n[ 22.053313] __kasan_record_aux_stack+0x8e/0xa0\n[ 22.053739] __call_rcu_common.constprop.0+0x6b/0x8b0\n[ 22.054209] dentry_free+0xb2/0x140\n[ 22.054540] __dentry_kill+0x3be/0x540\n[ 22.054900] shrink_dentry_list+0x199/0x510\n[ 22.055293] shrink_dcache_parent+0x190/0x240\n[ 22.055703] do_one_tree+0x11/0x40\n[ 22.056028] shrink_dcache_for_umount+0x61/0x140\n[ 22.056461] generic_shutdown_super+0x70/0x590\n[ 22.056879] kill_anon_super+0x3a/0x60\n[ 22.057234] rpc_kill_sb+0x121/0x200",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52803",
"url": "https://www.suse.com/security/cve/CVE-2023-52803"
},
{
"category": "external",
"summary": "SUSE Bug 1225008 for CVE-2023-52803",
"url": "https://bugzilla.suse.com/1225008"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52803"
},
{
"cve": "CVE-2023-52804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add validity check for db_maxag and db_agpref\n\nBoth db_maxag and db_agpref are used as the index of the\ndb_agfree array, but there is currently no validity check for\ndb_maxag and db_agpref, which can lead to errors.\n\nThe following is related bug reported by Syzbot:\n\nUBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:639:20\nindex 7936 is out of range for type \u0027atomic_t[128]\u0027\n\nAdd checking that the values of db_maxag and db_agpref are valid\nindexes for the db_agfree array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52804",
"url": "https://www.suse.com/security/cve/CVE-2023-52804"
},
{
"category": "external",
"summary": "SUSE Bug 1225550 for CVE-2023-52804",
"url": "https://bugzilla.suse.com/1225550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52804"
},
{
"cve": "CVE-2023-52805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: fix array-index-out-of-bounds in diAlloc\n\nCurrently there is not check against the agno of the iag while\nallocating new inodes to avoid fragmentation problem. Added the check\nwhich is required.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52805",
"url": "https://www.suse.com/security/cve/CVE-2023-52805"
},
{
"category": "external",
"summary": "SUSE Bug 1225553 for CVE-2023-52805",
"url": "https://bugzilla.suse.com/1225553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52805"
},
{
"cve": "CVE-2023-52806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: Fix possible null-ptr-deref when assigning a stream\n\nWhile AudioDSP drivers assign streams exclusively of HOST or LINK type,\nnothing blocks a user to attempt to assign a COUPLED stream. As\nsupplied substream instance may be a stub, what is the case when\ncode-loading, such scenario ends with null-ptr-deref.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52806",
"url": "https://www.suse.com/security/cve/CVE-2023-52806"
},
{
"category": "external",
"summary": "SUSE Bug 1225554 for CVE-2023-52806",
"url": "https://bugzilla.suse.com/1225554"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52806"
},
{
"cve": "CVE-2023-52807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs\n\nThe hns3 driver define an array of string to show the coalesce\ninfo, but if the kernel adds a new mode or a new state,\nout-of-bounds access may occur when coalesce info is read via\ndebugfs, this patch fix the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52807",
"url": "https://www.suse.com/security/cve/CVE-2023-52807"
},
{
"category": "external",
"summary": "SUSE Bug 1225097 for CVE-2023-52807",
"url": "https://bugzilla.suse.com/1225097"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52807"
},
{
"cve": "CVE-2023-52808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs\n\nIf init debugfs failed during device registration due to memory allocation\nfailure, debugfs_remove_recursive() is called, after which debugfs_dir is\nnot set to NULL. debugfs_remove_recursive() will be called again during\ndevice removal. As a result, illegal pointer is accessed.\n\n[ 1665.467244] hisi_sas_v3_hw 0000:b4:02.0: failed to init debugfs!\n...\n[ 1669.836708] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000a0\n[ 1669.872669] pc : down_write+0x24/0x70\n[ 1669.876315] lr : down_write+0x1c/0x70\n[ 1669.879961] sp : ffff000036f53a30\n[ 1669.883260] x29: ffff000036f53a30 x28: ffffa027c31549f8\n[ 1669.888547] x27: ffffa027c3140000 x26: 0000000000000000\n[ 1669.893834] x25: ffffa027bf37c270 x24: ffffa027bf37c270\n[ 1669.899122] x23: ffff0000095406b8 x22: ffff0000095406a8\n[ 1669.904408] x21: 0000000000000000 x20: ffffa027bf37c310\n[ 1669.909695] x19: 00000000000000a0 x18: ffff8027dcd86f10\n[ 1669.914982] x17: 0000000000000000 x16: 0000000000000000\n[ 1669.920268] x15: 0000000000000000 x14: ffffa0274014f870\n[ 1669.925555] x13: 0000000000000040 x12: 0000000000000228\n[ 1669.930842] x11: 0000000000000020 x10: 0000000000000bb0\n[ 1669.936129] x9 : ffff000036f537f0 x8 : ffff80273088ca10\n[ 1669.941416] x7 : 000000000000001d x6 : 00000000ffffffff\n[ 1669.946702] x5 : ffff000008a36310 x4 : ffff80273088be00\n[ 1669.951989] x3 : ffff000009513e90 x2 : 0000000000000000\n[ 1669.957276] x1 : 00000000000000a0 x0 : ffffffff00000001\n[ 1669.962563] Call trace:\n[ 1669.965000] down_write+0x24/0x70\n[ 1669.968301] debugfs_remove_recursive+0x5c/0x1b0\n[ 1669.972905] hisi_sas_debugfs_exit+0x24/0x30 [hisi_sas_main]\n[ 1669.978541] hisi_sas_v3_remove+0x130/0x150 [hisi_sas_v3_hw]\n[ 1669.984175] pci_device_remove+0x48/0xd8\n[ 1669.988082] device_release_driver_internal+0x1b4/0x250\n[ 1669.993282] device_release_driver+0x28/0x38\n[ 1669.997534] pci_stop_bus_device+0x84/0xb8\n[ 1670.001611] pci_stop_and_remove_bus_device_locked+0x24/0x40\n[ 1670.007244] remove_store+0xfc/0x140\n[ 1670.010802] dev_attr_store+0x44/0x60\n[ 1670.014448] sysfs_kf_write+0x58/0x80\n[ 1670.018095] kernfs_fop_write+0xe8/0x1f0\n[ 1670.022000] __vfs_write+0x60/0x190\n[ 1670.025472] vfs_write+0xac/0x1c0\n[ 1670.028771] ksys_write+0x6c/0xd8\n[ 1670.032071] __arm64_sys_write+0x24/0x30\n[ 1670.035977] el0_svc_common+0x78/0x130\n[ 1670.039710] el0_svc_handler+0x38/0x78\n[ 1670.043442] el0_svc+0x8/0xc\n\nTo fix this, set debugfs_dir to NULL after debugfs_remove_recursive().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52808",
"url": "https://www.suse.com/security/cve/CVE-2023-52808"
},
{
"category": "external",
"summary": "SUSE Bug 1225555 for CVE-2023-52808",
"url": "https://bugzilla.suse.com/1225555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52808"
},
{
"cve": "CVE-2023-52809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup()\n\nfc_lport_ptp_setup() did not check the return value of fc_rport_create()\nwhich can return NULL and would cause a NULL pointer dereference. Address\nthis issue by checking return value of fc_rport_create() and log error\nmessage on fc_rport_create() failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52809",
"url": "https://www.suse.com/security/cve/CVE-2023-52809"
},
{
"category": "external",
"summary": "SUSE Bug 1225556 for CVE-2023-52809",
"url": "https://bugzilla.suse.com/1225556"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52809"
},
{
"cve": "CVE-2023-52810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/jfs: Add check for negative db_l2nbperpage\n\nl2nbperpage is log2(number of blks per page), and the minimum legal\nvalue should be 0, not negative.\n\nIn the case of l2nbperpage being negative, an error will occur\nwhen subsequently used as shift exponent.\n\nSyzbot reported this bug:\n\nUBSAN: shift-out-of-bounds in fs/jfs/jfs_dmap.c:799:12\nshift exponent -16777216 is negative",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52810",
"url": "https://www.suse.com/security/cve/CVE-2023-52810"
},
{
"category": "external",
"summary": "SUSE Bug 1225557 for CVE-2023-52810",
"url": "https://bugzilla.suse.com/1225557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52810"
},
{
"cve": "CVE-2023-52811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Remove BUG_ON in the case of an empty event pool\n\nIn practice the driver should never send more commands than are allocated\nto a queue\u0027s event pool. In the unlikely event that this happens, the code\nasserts a BUG_ON, and in the case that the kernel is not configured to\ncrash on panic returns a junk event pointer from the empty event list\ncausing things to spiral from there. This BUG_ON is a historical artifact\nof the ibmvfc driver first being upstreamed, and it is well known now that\nthe use of BUG_ON is bad practice except in the most unrecoverable\nscenario. There is nothing about this scenario that prevents the driver\nfrom recovering and carrying on.\n\nRemove the BUG_ON in question from ibmvfc_get_event() and return a NULL\npointer in the case of an empty event pool. Update all call sites to\nibmvfc_get_event() to check for a NULL pointer and perfrom the appropriate\nfailure or recovery action.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52811",
"url": "https://www.suse.com/security/cve/CVE-2023-52811"
},
{
"category": "external",
"summary": "SUSE Bug 1225559 for CVE-2023-52811",
"url": "https://bugzilla.suse.com/1225559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52811"
},
{
"cve": "CVE-2023-52812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52812"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: check num of link levels when update pcie param\n\nIn SR-IOV environment, the value of pcie_table-\u003enum_of_link_levels will\nbe 0, and num_of_levels - 1 will cause array index out of bounds",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52812",
"url": "https://www.suse.com/security/cve/CVE-2023-52812"
},
{
"category": "external",
"summary": "SUSE Bug 1225564 for CVE-2023-52812",
"url": "https://bugzilla.suse.com/1225564"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52812"
},
{
"cve": "CVE-2023-52813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\n\nWe found a hungtask bug in test_aead_vec_cfg as follows:\n\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n __switch_to+0x98/0xe0\n __schedule+0x6c4/0xf40\n schedule+0xd8/0x1b4\n schedule_timeout+0x474/0x560\n wait_for_common+0x368/0x4e0\n wait_for_completion+0x20/0x30\n wait_for_completion+0x20/0x30\n test_aead_vec_cfg+0xab4/0xd50\n test_aead+0x144/0x1f0\n alg_test_aead+0xd8/0x1e0\n alg_test+0x634/0x890\n cryptomgr_test+0x40/0x70\n kthread+0x1e0/0x220\n ret_from_fork+0x10/0x18\n Kernel panic - not syncing: hung_task: blocked tasks\n\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(\u0026wait-\u003ecompletion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst-\u003eflags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon\u0027t call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(\u0026wait-\u003ecompletion), which will cause\nhungtask.\n\nThe problem comes as following:\n(padata_do_parallel) |\n rcu_read_lock_bh(); |\n err = -EINVAL; | (padata_replace)\n | pinst-\u003eflags |= PADATA_RESET;\n err = -EBUSY |\n if (pinst-\u003eflags \u0026 PADATA_RESET) |\n rcu_read_unlock_bh() |\n return err\n\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\n\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52813",
"url": "https://www.suse.com/security/cve/CVE-2023-52813"
},
{
"category": "external",
"summary": "SUSE Bug 1225527 for CVE-2023-52813",
"url": "https://bugzilla.suse.com/1225527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52813"
},
{
"cve": "CVE-2023-52814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential null pointer derefernce\n\nThe amdgpu_ras_get_context may return NULL if device\nnot support ras feature, so add check before using.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52814",
"url": "https://www.suse.com/security/cve/CVE-2023-52814"
},
{
"category": "external",
"summary": "SUSE Bug 1225565 for CVE-2023-52814",
"url": "https://bugzilla.suse.com/1225565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52814"
},
{
"cve": "CVE-2023-52815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/vkms: fix a possible null pointer dereference\n\nIn amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_cvt_mode(). Add a check to avoid null pointer\ndereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52815",
"url": "https://www.suse.com/security/cve/CVE-2023-52815"
},
{
"category": "external",
"summary": "SUSE Bug 1225568 for CVE-2023-52815",
"url": "https://bugzilla.suse.com/1225568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52815"
},
{
"cve": "CVE-2023-52816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix shift out-of-bounds issue\n\n[ 567.613292] shift exponent 255 is too large for 64-bit type \u0027long unsigned int\u0027\n[ 567.614498] CPU: 5 PID: 238 Comm: kworker/5:1 Tainted: G OE 6.2.0-34-generic #34~22.04.1-Ubuntu\n[ 567.614502] Hardware name: AMD Splinter/Splinter-RPL, BIOS WS43927N_871 09/25/2023\n[ 567.614504] Workqueue: events send_exception_work_handler [amdgpu]\n[ 567.614748] Call Trace:\n[ 567.614750] \u003cTASK\u003e\n[ 567.614753] dump_stack_lvl+0x48/0x70\n[ 567.614761] dump_stack+0x10/0x20\n[ 567.614763] __ubsan_handle_shift_out_of_bounds+0x156/0x310\n[ 567.614769] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.614773] ? update_sd_lb_stats.constprop.0+0xf2/0x3c0\n[ 567.614780] svm_range_split_by_granularity.cold+0x2b/0x34 [amdgpu]\n[ 567.615047] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.615052] svm_migrate_to_ram+0x185/0x4d0 [amdgpu]\n[ 567.615286] do_swap_page+0x7b6/0xa30\n[ 567.615291] ? srso_alias_return_thunk+0x5/0x7f\n[ 567.615294] ? __free_pages+0x119/0x130\n[ 567.615299] handle_pte_fault+0x227/0x280\n[ 567.615303] __handle_mm_fault+0x3c0/0x720\n[ 567.615311] handle_mm_fault+0x119/0x330\n[ 567.615314] ? lock_mm_and_find_vma+0x44/0x250\n[ 567.615318] do_user_addr_fault+0x1a9/0x640\n[ 567.615323] exc_page_fault+0x81/0x1b0\n[ 567.615328] asm_exc_page_fault+0x27/0x30\n[ 567.615332] RIP: 0010:__get_user_8+0x1c/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52816",
"url": "https://www.suse.com/security/cve/CVE-2023-52816"
},
{
"category": "external",
"summary": "SUSE Bug 1225529 for CVE-2023-52816",
"url": "https://bugzilla.suse.com/1225529"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52816"
},
{
"cve": "CVE-2023-52817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL\n\nIn certain types of chips, such as VEGA20, reading the amdgpu_regs_smc file could result in an abnormal null pointer access when the smc_rreg pointer is NULL. Below are the steps to reproduce this issue and the corresponding exception log:\n\n1. Navigate to the directory: /sys/kernel/debug/dri/0\n2. Execute command: cat amdgpu_regs_smc\n3. Exception Log::\n[4005007.702554] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[4005007.702562] #PF: supervisor instruction fetch in kernel mode\n[4005007.702567] #PF: error_code(0x0010) - not-present page\n[4005007.702570] PGD 0 P4D 0\n[4005007.702576] Oops: 0010 [#1] SMP NOPTI\n[4005007.702581] CPU: 4 PID: 62563 Comm: cat Tainted: G OE 5.15.0-43-generic #46-Ubunt u\n[4005007.702590] RIP: 0010:0x0\n[4005007.702598] Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6.\n[4005007.702600] RSP: 0018:ffffa82b46d27da0 EFLAGS: 00010206\n[4005007.702605] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffa82b46d27e68\n[4005007.702609] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff9940656e0000\n[4005007.702612] RBP: ffffa82b46d27dd8 R08: 0000000000000000 R09: ffff994060c07980\n[4005007.702615] R10: 0000000000020000 R11: 0000000000000000 R12: 00007f5e06753000\n[4005007.702618] R13: ffff9940656e0000 R14: ffffa82b46d27e68 R15: 00007f5e06753000\n[4005007.702622] FS: 00007f5e0755b740(0000) GS:ffff99479d300000(0000) knlGS:0000000000000000\n[4005007.702626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[4005007.702629] CR2: ffffffffffffffd6 CR3: 00000003253fc000 CR4: 00000000003506e0\n[4005007.702633] Call Trace:\n[4005007.702636] \u003cTASK\u003e\n[4005007.702640] amdgpu_debugfs_regs_smc_read+0xb0/0x120 [amdgpu]\n[4005007.703002] full_proxy_read+0x5c/0x80\n[4005007.703011] vfs_read+0x9f/0x1a0\n[4005007.703019] ksys_read+0x67/0xe0\n[4005007.703023] __x64_sys_read+0x19/0x20\n[4005007.703028] do_syscall_64+0x5c/0xc0\n[4005007.703034] ? do_user_addr_fault+0x1e3/0x670\n[4005007.703040] ? exit_to_user_mode_prepare+0x37/0xb0\n[4005007.703047] ? irqentry_exit_to_user_mode+0x9/0x20\n[4005007.703052] ? irqentry_exit+0x19/0x30\n[4005007.703057] ? exc_page_fault+0x89/0x160\n[4005007.703062] ? asm_exc_page_fault+0x8/0x30\n[4005007.703068] entry_SYSCALL_64_after_hwframe+0x44/0xae\n[4005007.703075] RIP: 0033:0x7f5e07672992\n[4005007.703079] Code: c0 e9 b2 fe ff ff 50 48 8d 3d fa b2 0c 00 e8 c5 1d 02 00 0f 1f 44 00 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 56 c3 0f 1f 44 00 00 48 83 e c 28 48 89 54 24\n[4005007.703083] RSP: 002b:00007ffe03097898 EFLAGS: 00000246 ORIG_RAX: 0000000000000000\n[4005007.703088] RAX: ffffffffffffffda RBX: 0000000000020000 RCX: 00007f5e07672992\n[4005007.703091] RDX: 0000000000020000 RSI: 00007f5e06753000 RDI: 0000000000000003\n[4005007.703094] RBP: 00007f5e06753000 R08: 00007f5e06752010 R09: 00007f5e06752010\n[4005007.703096] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000022000\n[4005007.703099] R13: 0000000000000003 R14: 0000000000020000 R15: 0000000000020000\n[4005007.703105] \u003c/TASK\u003e\n[4005007.703107] Modules linked in: nf_tables libcrc32c nfnetlink algif_hash af_alg binfmt_misc nls_ iso8859_1 ipmi_ssif ast intel_rapl_msr intel_rapl_common drm_vram_helper drm_ttm_helper amd64_edac t tm edac_mce_amd kvm_amd ccp mac_hid k10temp kvm acpi_ipmi ipmi_si rapl sch_fq_codel ipmi_devintf ipm i_msghandler msr parport_pc ppdev lp parport mtd pstore_blk efi_pstore ramoops pstore_zone reed_solo mon ip_tables x_tables autofs4 ib_uverbs ib_core amdgpu(OE) amddrm_ttm_helper(OE) amdttm(OE) iommu_v 2 amd_sched(OE) amdkcl(OE) drm_kms_helper syscopyarea sysfillrect sysimgblt fb_sys_fops cec rc_core drm igb ahci xhci_pci libahci i2c_piix4 i2c_algo_bit xhci_pci_renesas dca\n[4005007.703184] CR2: 0000000000000000\n[4005007.703188] ---[ en\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52817",
"url": "https://www.suse.com/security/cve/CVE-2023-52817"
},
{
"category": "external",
"summary": "SUSE Bug 1225569 for CVE-2023-52817",
"url": "https://bugzilla.suse.com/1225569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52817"
},
{
"cve": "CVE-2023-52818",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52818"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for SMU7\n\nFor pptable structs that use flexible array sizes, use flexible arrays.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52818",
"url": "https://www.suse.com/security/cve/CVE-2023-52818"
},
{
"category": "external",
"summary": "SUSE Bug 1225530 for CVE-2023-52818",
"url": "https://bugzilla.suse.com/1225530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52818"
},
{
"cve": "CVE-2023-52819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga\n\nFor pptable structs that use flexible array sizes, use flexible arrays.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52819",
"url": "https://www.suse.com/security/cve/CVE-2023-52819"
},
{
"category": "external",
"summary": "SUSE Bug 1225532 for CVE-2023-52819",
"url": "https://bugzilla.suse.com/1225532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52819"
},
{
"cve": "CVE-2023-52821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel: fix a possible null pointer dereference\n\nIn versatile_panel_get_modes(), the return value of drm_mode_duplicate()\nis assigned to mode, which will lead to a NULL pointer dereference\non failure of drm_mode_duplicate(). Add a check to avoid npd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52821",
"url": "https://www.suse.com/security/cve/CVE-2023-52821"
},
{
"category": "external",
"summary": "SUSE Bug 1225022 for CVE-2023-52821",
"url": "https://bugzilla.suse.com/1225022"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52821"
},
{
"cve": "CVE-2023-52825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix a race condition of vram buffer unref in svm code\n\nprange-\u003esvm_bo unref can happen in both mmu callback and a callback after\nmigrate to system ram. Both are async call in different tasks. Sync svm_bo\nunref operation to avoid random \"use-after-free\".",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52825",
"url": "https://www.suse.com/security/cve/CVE-2023-52825"
},
{
"category": "external",
"summary": "SUSE Bug 1225076 for CVE-2023-52825",
"url": "https://bugzilla.suse.com/1225076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52825"
},
{
"cve": "CVE-2023-52826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panel/panel-tpo-tpg110: fix a possible null pointer dereference\n\nIn tpg110_get_modes(), the return value of drm_mode_duplicate() is\nassigned to mode, which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate(). Add a check to avoid npd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52826",
"url": "https://www.suse.com/security/cve/CVE-2023-52826"
},
{
"category": "external",
"summary": "SUSE Bug 1225077 for CVE-2023-52826",
"url": "https://bugzilla.suse.com/1225077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52826"
},
{
"cve": "CVE-2023-52827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52827"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats()\n\nlen is extracted from HTT message and could be an unexpected value in\ncase errors happen, so add validation before using to avoid possible\nout-of-bound read in the following message iteration and parsing.\n\nThe same issue also applies to ppdu_info-\u003eppdu_stats.common.num_users,\nso validate it before using too.\n\nThese are found during code review.\n\nCompile test only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52827",
"url": "https://www.suse.com/security/cve/CVE-2023-52827"
},
{
"category": "external",
"summary": "SUSE Bug 1225078 for CVE-2023-52827",
"url": "https://bugzilla.suse.com/1225078"
},
{
"category": "external",
"summary": "SUSE Bug 1227321 for CVE-2023-52827",
"url": "https://bugzilla.suse.com/1227321"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52827"
},
{
"cve": "CVE-2023-52829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps()\n\nreg_cap.phy_id is extracted from WMI event and could be an unexpected value\nin case some errors happen. As a result out-of-bound write may occur to\nsoc-\u003ehal_reg_cap. Fix it by validating reg_cap.phy_id before using it.\n\nThis is found during code review.\n\nCompile tested only.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52829",
"url": "https://www.suse.com/security/cve/CVE-2023-52829"
},
{
"category": "external",
"summary": "SUSE Bug 1225081 for CVE-2023-52829",
"url": "https://bugzilla.suse.com/1225081"
},
{
"category": "external",
"summary": "SUSE Bug 1227474 for CVE-2023-52829",
"url": "https://bugzilla.suse.com/1227474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52829"
},
{
"cve": "CVE-2023-52832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: don\u0027t return unset power in ieee80211_get_tx_power()\n\nWe can get a UBSAN warning if ieee80211_get_tx_power() returns the\nINT_MIN value mac80211 internally uses for \"unset power level\".\n\n UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5\n -2147483648 * 100 cannot be represented in type \u0027int\u0027\n CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE\n Call Trace:\n dump_stack+0x74/0x92\n ubsan_epilogue+0x9/0x50\n handle_overflow+0x8d/0xd0\n __ubsan_handle_mul_overflow+0xe/0x10\n nl80211_send_iface+0x688/0x6b0 [cfg80211]\n [...]\n cfg80211_register_wdev+0x78/0xb0 [cfg80211]\n cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211]\n [...]\n ieee80211_if_add+0x60e/0x8f0 [mac80211]\n ieee80211_register_hw+0xda5/0x1170 [mac80211]\n\nIn this case, simply return an error instead, to indicate\nthat no data is available.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52832",
"url": "https://www.suse.com/security/cve/CVE-2023-52832"
},
{
"category": "external",
"summary": "SUSE Bug 1225577 for CVE-2023-52832",
"url": "https://bugzilla.suse.com/1225577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52832"
},
{
"cve": "CVE-2023-52833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btusb: Add date-\u003eevt_skb is NULL check\n\nfix crash because of null pointers\n\n[ 6104.969662] BUG: kernel NULL pointer dereference, address: 00000000000000c8\n[ 6104.969667] #PF: supervisor read access in kernel mode\n[ 6104.969668] #PF: error_code(0x0000) - not-present page\n[ 6104.969670] PGD 0 P4D 0\n[ 6104.969673] Oops: 0000 [#1] SMP NOPTI\n[ 6104.969684] RIP: 0010:btusb_mtk_hci_wmt_sync+0x144/0x220 [btusb]\n[ 6104.969688] RSP: 0018:ffffb8d681533d48 EFLAGS: 00010246\n[ 6104.969689] RAX: 0000000000000000 RBX: ffff8ad560bb2000 RCX: 0000000000000006\n[ 6104.969691] RDX: 0000000000000000 RSI: ffffb8d681533d08 RDI: 0000000000000000\n[ 6104.969692] RBP: ffffb8d681533d70 R08: 0000000000000001 R09: 0000000000000001\n[ 6104.969694] R10: 0000000000000001 R11: 00000000fa83b2da R12: ffff8ad461d1d7c0\n[ 6104.969695] R13: 0000000000000000 R14: ffff8ad459618c18 R15: ffffb8d681533d90\n[ 6104.969697] FS: 00007f5a1cab9d40(0000) GS:ffff8ad578200000(0000) knlGS:00000\n[ 6104.969699] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 6104.969700] CR2: 00000000000000c8 CR3: 000000018620c001 CR4: 0000000000760ef0\n[ 6104.969701] PKRU: 55555554\n[ 6104.969702] Call Trace:\n[ 6104.969708] btusb_mtk_shutdown+0x44/0x80 [btusb]\n[ 6104.969732] hci_dev_do_close+0x470/0x5c0 [bluetooth]\n[ 6104.969748] hci_rfkill_set_block+0x56/0xa0 [bluetooth]\n[ 6104.969753] rfkill_set_block+0x92/0x160\n[ 6104.969755] rfkill_fop_write+0x136/0x1e0\n[ 6104.969759] __vfs_write+0x18/0x40\n[ 6104.969761] vfs_write+0xdf/0x1c0\n[ 6104.969763] ksys_write+0xb1/0xe0\n[ 6104.969765] __x64_sys_write+0x1a/0x20\n[ 6104.969769] do_syscall_64+0x51/0x180\n[ 6104.969771] entry_SYSCALL_64_after_hwframe+0x44/0xa9\n[ 6104.969773] RIP: 0033:0x7f5a21f18fef\n[ 6104.9] RSP: 002b:00007ffeefe39010 EFLAGS: 00000293 ORIG_RAX: 0000000000000001\n[ 6104.969780] RAX: ffffffffffffffda RBX: 000055c10a7560a0 RCX: 00007f5a21f18fef\n[ 6104.969781] RDX: 0000000000000008 RSI: 00007ffeefe39060 RDI: 0000000000000012\n[ 6104.969782] RBP: 00007ffeefe39060 R08: 0000000000000000 R09: 0000000000000017\n[ 6104.969784] R10: 00007ffeefe38d97 R11: 0000000000000293 R12: 0000000000000002\n[ 6104.969785] R13: 00007ffeefe39220 R14: 00007ffeefe391a0 R15: 000055c10a72acf0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52833",
"url": "https://www.suse.com/security/cve/CVE-2023-52833"
},
{
"category": "external",
"summary": "SUSE Bug 1225595 for CVE-2023-52833",
"url": "https://bugzilla.suse.com/1225595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52833"
},
{
"cve": "CVE-2023-52834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\natl1c: Work around the DMA RX overflow issue\n\nThis is based on alx driver commit 881d0327db37 (\"net: alx: Work around\nthe DMA RX overflow issue\").\n\nThe alx and atl1c drivers had RX overflow error which was why a custom\nallocator was created to avoid certain addresses. The simpler workaround\nthen created for alx driver, but not for atl1c due to lack of tester.\n\nInstead of using a custom allocator, check the allocated skb address and\nuse skb_reserve() to move away from problematic 0x...fc0 address.\n\nTested on AR8131 on Acer 4540.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52834",
"url": "https://www.suse.com/security/cve/CVE-2023-52834"
},
{
"category": "external",
"summary": "SUSE Bug 1225599 for CVE-2023-52834",
"url": "https://bugzilla.suse.com/1225599"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52834"
},
{
"cve": "CVE-2023-52835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nperf/core: Bail out early if the request AUX area is out of bound\n\nWhen perf-record with a large AUX area, e.g 4GB, it fails with:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)\n\nand it reveals a WARNING with __alloc_pages():\n\n\t------------[ cut here ]------------\n\tWARNING: CPU: 44 PID: 17573 at mm/page_alloc.c:5568 __alloc_pages+0x1ec/0x248\n\tCall trace:\n\t __alloc_pages+0x1ec/0x248\n\t __kmalloc_large_node+0xc0/0x1f8\n\t __kmalloc_node+0x134/0x1e8\n\t rb_alloc_aux+0xe0/0x298\n\t perf_mmap+0x440/0x660\n\t mmap_region+0x308/0x8a8\n\t do_mmap+0x3c0/0x528\n\t vm_mmap_pgoff+0xf4/0x1b8\n\t ksys_mmap_pgoff+0x18c/0x218\n\t __arm64_sys_mmap+0x38/0x58\n\t invoke_syscall+0x50/0x128\n\t el0_svc_common.constprop.0+0x58/0x188\n\t do_el0_svc+0x34/0x50\n\t el0_svc+0x34/0x108\n\t el0t_64_sync_handler+0xb8/0xc0\n\t el0t_64_sync+0x1a4/0x1a8\n\n\u0027rb-\u003eaux_pages\u0027 allocated by kcalloc() is a pointer array which is used to\nmaintains AUX trace pages. The allocated page for this array is physically\ncontiguous (and virtually contiguous) with an order of 0..MAX_ORDER. If the\nsize of pointer array crosses the limitation set by MAX_ORDER, it reveals a\nWARNING.\n\nSo bail out early with -ENOMEM if the request AUX area is out of bound,\ne.g.:\n\n #perf record -C 0 -m ,4G -e arm_spe_0// -- sleep 1\n failed to mmap with 12 (Cannot allocate memory)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52835",
"url": "https://www.suse.com/security/cve/CVE-2023-52835"
},
{
"category": "external",
"summary": "SUSE Bug 1225602 for CVE-2023-52835",
"url": "https://bugzilla.suse.com/1225602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52835"
},
{
"cve": "CVE-2023-52836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlocking/ww_mutex/test: Fix potential workqueue corruption\n\nIn some cases running with the test-ww_mutex code, I was seeing\nodd behavior where sometimes it seemed flush_workqueue was\nreturning before all the work threads were finished.\n\nOften this would cause strange crashes as the mutexes would be\nfreed while they were being used.\n\nLooking at the code, there is a lifetime problem as the\ncontrolling thread that spawns the work allocates the\n\"struct stress\" structures that are passed to the workqueue\nthreads. Then when the workqueue threads are finished,\nthey free the stress struct that was passed to them.\n\nUnfortunately the workqueue work_struct node is in the stress\nstruct. Which means the work_struct is freed before the work\nthread returns and while flush_workqueue is waiting.\n\nIt seems like a better idea to have the controlling thread\nboth allocate and free the stress structures, so that we can\nbe sure we don\u0027t corrupt the workqueue by freeing the structure\nprematurely.\n\nSo this patch reworks the test to do so, and with this change\nI no longer see the early flush_workqueue returns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52836",
"url": "https://www.suse.com/security/cve/CVE-2023-52836"
},
{
"category": "external",
"summary": "SUSE Bug 1225609 for CVE-2023-52836",
"url": "https://bugzilla.suse.com/1225609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2023-52836"
},
{
"cve": "CVE-2023-52837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52837"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: fix uaf in nbd_open\n\nCommit 4af5f2e03013 (\"nbd: use blk_mq_alloc_disk and\nblk_cleanup_disk\") cleans up disk by blk_cleanup_disk() and it won\u0027t set\ndisk-\u003eprivate_data as NULL as before. UAF may be triggered in nbd_open()\nif someone tries to open nbd device right after nbd_put() since nbd has\nbeen free in nbd_dev_remove().\n\nFix this by implementing -\u003efree_disk and free private data in it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52837",
"url": "https://www.suse.com/security/cve/CVE-2023-52837"
},
{
"category": "external",
"summary": "SUSE Bug 1224935 for CVE-2023-52837",
"url": "https://bugzilla.suse.com/1224935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52837"
},
{
"cve": "CVE-2023-52838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: imsttfb: fix a resource leak in probe\n\nI\u0027ve re-written the error handling but the bug is that if init_imstt()\nfails we need to call iounmap(par-\u003ecmap_regs).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52838",
"url": "https://www.suse.com/security/cve/CVE-2023-52838"
},
{
"category": "external",
"summary": "SUSE Bug 1225031 for CVE-2023-52838",
"url": "https://bugzilla.suse.com/1225031"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2023-52838"
},
{
"cve": "CVE-2023-52840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: synaptics-rmi4 - fix use after free in rmi_unregister_function()\n\nThe put_device() calls rmi_release_function() which frees \"fn\" so the\ndereference on the next line \"fn-\u003enum_of_irqs\" is a use after free.\nMove the put_device() to the end to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52840",
"url": "https://www.suse.com/security/cve/CVE-2023-52840"
},
{
"category": "external",
"summary": "SUSE Bug 1224928 for CVE-2023-52840",
"url": "https://bugzilla.suse.com/1224928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52840"
},
{
"cve": "CVE-2023-52841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: mux: Add check and kfree for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.\nMoreover, use kfree() in the later error handling in order to avoid\nmemory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52841",
"url": "https://www.suse.com/security/cve/CVE-2023-52841"
},
{
"category": "external",
"summary": "SUSE Bug 1225592 for CVE-2023-52841",
"url": "https://bugzilla.suse.com/1225592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52841"
},
{
"cve": "CVE-2023-52842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio/vsock: Fix uninit-value in virtio_transport_recv_pkt()\n\nKMSAN reported the following uninit-value access issue:\n\n=====================================================\nBUG: KMSAN: uninit-value in virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421\n virtio_transport_recv_pkt+0x1dfb/0x26a0 net/vmw_vsock/virtio_transport_common.c:1421\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nUninit was stored to memory at:\n virtio_transport_space_update net/vmw_vsock/virtio_transport_common.c:1274 [inline]\n virtio_transport_recv_pkt+0x1ee8/0x26a0 net/vmw_vsock/virtio_transport_common.c:1415\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nUninit was created at:\n slab_post_alloc_hook+0x105/0xad0 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5a2/0xaf0 mm/slub.c:3523\n kmalloc_reserve+0x13c/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x2fd/0x770 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n virtio_vsock_alloc_skb include/linux/virtio_vsock.h:66 [inline]\n virtio_transport_alloc_skb+0x90/0x11e0 net/vmw_vsock/virtio_transport_common.c:58\n virtio_transport_reset_no_sock net/vmw_vsock/virtio_transport_common.c:957 [inline]\n virtio_transport_recv_pkt+0x1279/0x26a0 net/vmw_vsock/virtio_transport_common.c:1387\n vsock_loopback_work+0x3bb/0x5a0 net/vmw_vsock/vsock_loopback.c:120\n process_one_work kernel/workqueue.c:2630 [inline]\n process_scheduled_works+0xff6/0x1e60 kernel/workqueue.c:2703\n worker_thread+0xeca/0x14d0 kernel/workqueue.c:2784\n kthread+0x3cc/0x520 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304\n\nCPU: 1 PID: 10664 Comm: kworker/1:5 Not tainted 6.6.0-rc3-00146-g9f3ebbef746f #3\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-1.fc38 04/01/2014\nWorkqueue: vsock-loopback vsock_loopback_work\n=====================================================\n\nThe following simple reproducer can cause the issue described above:\n\nint main(void)\n{\n int sock;\n struct sockaddr_vm addr = {\n .svm_family = AF_VSOCK,\n .svm_cid = VMADDR_CID_ANY,\n .svm_port = 1234,\n };\n\n sock = socket(AF_VSOCK, SOCK_STREAM, 0);\n connect(sock, (struct sockaddr *)\u0026addr, sizeof(addr));\n return 0;\n}\n\nThis issue occurs because the `buf_alloc` and `fwd_cnt` fields of the\n`struct virtio_vsock_hdr` are not initialized when a new skb is allocated\nin `virtio_transport_init_hdr()`. This patch resolves the issue by\ninitializing these fields during allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52842",
"url": "https://www.suse.com/security/cve/CVE-2023-52842"
},
{
"category": "external",
"summary": "SUSE Bug 1225025 for CVE-2023-52842",
"url": "https://bugzilla.suse.com/1225025"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52842"
},
{
"cve": "CVE-2023-52843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: verify mac len before reading mac header\n\nLLC reads the mac header with eth_hdr without verifying that the skb\nhas an Ethernet header.\n\nSyzbot was able to enter llc_rcv on a tun device. Tun can insert\npackets without mac len and with user configurable skb-\u003eprotocol\n(passing a tun_pi header when not configuring IFF_NO_PI).\n\n BUG: KMSAN: uninit-value in llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n BUG: KMSAN: uninit-value in llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_station_ac_send_test_r net/llc/llc_station.c:81 [inline]\n llc_station_rcv+0x6fb/0x1290 net/llc/llc_station.c:111\n llc_rcv+0xc5d/0x14a0 net/llc/llc_input.c:218\n __netif_receive_skb_one_core net/core/dev.c:5523 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5637\n netif_receive_skb_internal net/core/dev.c:5723 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5782\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x54c5/0x69c0 drivers/net/tun.c:2002\n\nAdd a mac_len test before all three eth_hdr(skb) calls under net/llc.\n\nThere are further uses in include/net/llc_pdu.h. All these are\nprotected by a test skb-\u003eprotocol == ETH_P_802_2. Which does not\nprotect against this tun scenario.\n\nBut the mac_len test added in this patch in llc_fixup_skb will\nindirectly protect those too. That is called from llc_rcv before any\nother LLC code.\n\nIt is tempting to just add a blanket mac_len check in llc_rcv, but\nnot sure whether that could break valid LLC paths that do not assume\nan Ethernet header. 802.2 LLC may be used on top of non-802.3\nprotocols in principle. The below referenced commit shows that used\nto, on top of Token Ring.\n\nAt least one of the three eth_hdr uses goes back to before the start\nof git history. But the one that syzbot exercises is introduced in\nthis commit. That commit is old enough (2008), that effectively all\nstable kernels should receive this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52843",
"url": "https://www.suse.com/security/cve/CVE-2023-52843"
},
{
"category": "external",
"summary": "SUSE Bug 1224951 for CVE-2023-52843",
"url": "https://bugzilla.suse.com/1224951"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52843"
},
{
"cve": "CVE-2023-52844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: vidtv: psi: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52844",
"url": "https://www.suse.com/security/cve/CVE-2023-52844"
},
{
"category": "external",
"summary": "SUSE Bug 1225590 for CVE-2023-52844",
"url": "https://bugzilla.suse.com/1225590"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52844"
},
{
"cve": "CVE-2023-52845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Change nla_policy for bearer-related names to NLA_NUL_STRING\n\nsyzbot reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in strlen lib/string.c:418 [inline]\nBUG: KMSAN: uninit-value in strstr+0xb8/0x2f0 lib/string.c:756\n strlen lib/string.c:418 [inline]\n strstr+0xb8/0x2f0 lib/string.c:756\n tipc_nl_node_reset_link_stats+0x3ea/0xb50 net/tipc/node.c:2595\n genl_family_rcv_msg_doit net/netlink/genetlink.c:971 [inline]\n genl_family_rcv_msg net/netlink/genetlink.c:1051 [inline]\n genl_rcv_msg+0x11ec/0x1290 net/netlink/genetlink.c:1066\n netlink_rcv_skb+0x371/0x650 net/netlink/af_netlink.c:2545\n genl_rcv+0x40/0x60 net/netlink/genetlink.c:1075\n netlink_unicast_kernel net/netlink/af_netlink.c:1342 [inline]\n netlink_unicast+0xf47/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nUninit was created at:\n slab_post_alloc_hook+0x12f/0xb70 mm/slab.h:767\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x577/0xa80 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:559\n __alloc_skb+0x318/0x740 net/core/skbuff.c:650\n alloc_skb include/linux/skbuff.h:1286 [inline]\n netlink_alloc_large_skb net/netlink/af_netlink.c:1214 [inline]\n netlink_sendmsg+0xb34/0x13d0 net/netlink/af_netlink.c:1885\n sock_sendmsg_nosec net/socket.c:730 [inline]\n sock_sendmsg net/socket.c:753 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2541\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2595\n __sys_sendmsg net/socket.c:2624 [inline]\n __do_sys_sendmsg net/socket.c:2633 [inline]\n __se_sys_sendmsg net/socket.c:2631 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2631\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nTIPC bearer-related names including link names must be null-terminated\nstrings. If a link name which is not null-terminated is passed through\nnetlink, strstr() and similar functions can cause buffer overrun. This\ncauses the above issue.\n\nThis patch changes the nla_policy for bearer-related names from NLA_STRING\nto NLA_NUL_STRING. This resolves the issue by ensuring that only\nnull-terminated strings are accepted as bearer-related names.\n\nsyzbot reported similar uninit-value issue related to bearer names [2]. The\nroot cause of this issue is that a non-null-terminated bearer name was\npassed. This patch also resolved this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52845",
"url": "https://www.suse.com/security/cve/CVE-2023-52845"
},
{
"category": "external",
"summary": "SUSE Bug 1225585 for CVE-2023-52845",
"url": "https://bugzilla.suse.com/1225585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52845"
},
{
"cve": "CVE-2023-52846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Prevent use after free in prp_create_tagged_frame()\n\nThe prp_fill_rct() function can fail. In that situation, it frees the\nskb and returns NULL. Meanwhile on the success path, it returns the\noriginal skb. So it\u0027s straight forward to fix bug by using the returned\nvalue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52846",
"url": "https://www.suse.com/security/cve/CVE-2023-52846"
},
{
"category": "external",
"summary": "SUSE Bug 1225098 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225098"
},
{
"category": "external",
"summary": "SUSE Bug 1225099 for CVE-2023-52846",
"url": "https://bugzilla.suse.com/1225099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52846"
},
{
"cve": "CVE-2023-52847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: bttv: fix use after free error due to btv-\u003etimeout timer\n\nThere may be some a race condition between timer function\nbttv_irq_timeout and bttv_remove. The timer is setup in\nprobe and there is no timer_delete operation in remove\nfunction. When it hit kfree btv, the function might still be\ninvoked, which will cause use after free bug.\n\nThis bug is found by static analysis, it may be false positive.\n\nFix it by adding del_timer_sync invoking to the remove function.\n\ncpu0 cpu1\n bttv_probe\n -\u003etimer_setup\n -\u003ebttv_set_dma\n -\u003emod_timer;\nbttv_remove\n -\u003ekfree(btv);\n -\u003ebttv_irq_timeout\n -\u003eUSE btv",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52847",
"url": "https://www.suse.com/security/cve/CVE-2023-52847"
},
{
"category": "external",
"summary": "SUSE Bug 1225588 for CVE-2023-52847",
"url": "https://bugzilla.suse.com/1225588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52847"
},
{
"cve": "CVE-2023-52849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mem: Fix shutdown order\n\nIra reports that removing cxl_mock_mem causes a crash with the following\ntrace:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000044\n [..]\n RIP: 0010:cxl_region_decode_reset+0x7f/0x180 [cxl_core]\n [..]\n Call Trace:\n \u003cTASK\u003e\n cxl_region_detach+0xe8/0x210 [cxl_core]\n cxl_decoder_kill_region+0x27/0x40 [cxl_core]\n cxld_unregister+0x29/0x40 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n bus_remove_device+0xd7/0x150\n device_del+0x155/0x3e0\n device_unregister+0x13/0x60\n devm_release_action+0x4d/0x90\n ? __pfx_unregister_port+0x10/0x10 [cxl_core]\n delete_endpoint+0x121/0x130 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n bus_remove_device+0xd7/0x150\n device_del+0x155/0x3e0\n ? lock_release+0x142/0x290\n cdev_device_del+0x15/0x50\n cxl_memdev_unregister+0x54/0x70 [cxl_core]\n\nThis crash is due to the clearing out the cxl_memdev\u0027s driver context\n(@cxlds) before the subsystem is done with it. This is ultimately due to\nthe region(s), that this memdev is a member, being torn down and expecting\nto be able to de-reference @cxlds, like here:\n\nstatic int cxl_region_decode_reset(struct cxl_region *cxlr, int count)\n...\n if (cxlds-\u003ercd)\n goto endpoint_reset;\n...\n\nFix it by keeping the driver context valid until memdev-device\nunregistration, and subsequently the entire stack of related\ndependencies, unwinds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52849",
"url": "https://www.suse.com/security/cve/CVE-2023-52849"
},
{
"category": "external",
"summary": "SUSE Bug 1224949 for CVE-2023-52849",
"url": "https://bugzilla.suse.com/1224949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52849"
},
{
"cve": "CVE-2023-52850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: hantro: Check whether reset op is defined before use\n\nThe i.MX8MM/N/P does not define the .reset op since reset of the VPU is\ndone by genpd. Check whether the .reset op is defined before calling it\nto avoid NULL pointer dereference.\n\nNote that the Fixes tag is set to the commit which removed the reset op\nfrom i.MX8M Hantro G2 implementation, this is because before this commit\nall the implementations did define the .reset op.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52850",
"url": "https://www.suse.com/security/cve/CVE-2023-52850"
},
{
"category": "external",
"summary": "SUSE Bug 1225014 for CVE-2023-52850",
"url": "https://bugzilla.suse.com/1225014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52850"
},
{
"cve": "CVE-2023-52851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nIB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF\n\nIn the unlikely event that workqueue allocation fails and returns NULL in\nmlx5_mkey_cache_init(), delete the call to\nmlx5r_umr_resource_cleanup() (which frees the QP) in\nmlx5_ib_stage_post_ib_reg_umr_init(). This will avoid attempted double\nfree of the same QP when __mlx5_ib_add() does its cleanup.\n\nResolves a splat:\n\n Syzkaller reported a UAF in ib_destroy_qp_user\n\n workqueue: Failed to create a rescuer kthread for wq \"mkey_cache\": -EINTR\n infiniband mlx5_0: mlx5_mkey_cache_init:981:(pid 1642):\n failed to create work queue\n infiniband mlx5_0: mlx5_ib_stage_post_ib_reg_umr_init:4075:(pid 1642):\n mr cache init failed -12\n ==================================================================\n BUG: KASAN: slab-use-after-free in ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2073)\n Read of size 8 at addr ffff88810da310a8 by task repro_upstream/1642\n\n Call Trace:\n \u003cTASK\u003e\n kasan_report (mm/kasan/report.c:590)\n ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2073)\n mlx5r_umr_resource_cleanup (drivers/infiniband/hw/mlx5/umr.c:198)\n __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4178)\n mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n ...\n \u003c/TASK\u003e\n\n Allocated by task 1642:\n __kmalloc (./include/linux/kasan.h:198 mm/slab_common.c:1026\n mm/slab_common.c:1039)\n create_qp (./include/linux/slab.h:603 ./include/linux/slab.h:720\n ./include/rdma/ib_verbs.h:2795 drivers/infiniband/core/verbs.c:1209)\n ib_create_qp_kernel (drivers/infiniband/core/verbs.c:1347)\n mlx5r_umr_resource_init (drivers/infiniband/hw/mlx5/umr.c:164)\n mlx5_ib_stage_post_ib_reg_umr_init (drivers/infiniband/hw/mlx5/main.c:4070)\n __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4168)\n mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n ...\n\n Freed by task 1642:\n __kmem_cache_free (mm/slub.c:1826 mm/slub.c:3809 mm/slub.c:3822)\n ib_destroy_qp_user (drivers/infiniband/core/verbs.c:2112)\n mlx5r_umr_resource_cleanup (drivers/infiniband/hw/mlx5/umr.c:198)\n mlx5_ib_stage_post_ib_reg_umr_init (drivers/infiniband/hw/mlx5/main.c:4076\n drivers/infiniband/hw/mlx5/main.c:4065)\n __mlx5_ib_add (drivers/infiniband/hw/mlx5/main.c:4168)\n mlx5r_probe (drivers/infiniband/hw/mlx5/main.c:4402)\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52851",
"url": "https://www.suse.com/security/cve/CVE-2023-52851"
},
{
"category": "external",
"summary": "SUSE Bug 1225587 for CVE-2023-52851",
"url": "https://bugzilla.suse.com/1225587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52851"
},
{
"cve": "CVE-2023-52853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhid: cp2112: Fix duplicate workqueue initialization\n\nPreviously the cp2112 driver called INIT_DELAYED_WORK within\ncp2112_gpio_irq_startup, resulting in duplicate initilizations of the\nworkqueue on subsequent IRQ startups following an initial request. This\nresulted in a warning in set_work_data in workqueue.c, as well as a rare\nNULL dereference within process_one_work in workqueue.c.\n\nInitialize the workqueue within _probe instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52853",
"url": "https://www.suse.com/security/cve/CVE-2023-52853"
},
{
"category": "external",
"summary": "SUSE Bug 1224988 for CVE-2023-52853",
"url": "https://bugzilla.suse.com/1224988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52853"
},
{
"cve": "CVE-2023-52854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npadata: Fix refcnt handling in padata_free_shell()\n\nIn a high-load arm64 environment, the pcrypt_aead01 test in LTP can lead\nto system UAF (Use-After-Free) issues. Due to the lengthy analysis of\nthe pcrypt_aead01 function call, I\u0027ll describe the problem scenario\nusing a simplified model:\n\nSuppose there\u0027s a user of padata named `user_function` that adheres to\nthe padata requirement of calling `padata_free_shell` after `serial()`\nhas been invoked, as demonstrated in the following code:\n\n```c\nstruct request {\n struct padata_priv padata;\n struct completion *done;\n};\n\nvoid parallel(struct padata_priv *padata) {\n do_something();\n}\n\nvoid serial(struct padata_priv *padata) {\n struct request *request = container_of(padata,\n \t\t\t\tstruct request,\n\t\t\t\tpadata);\n complete(request-\u003edone);\n}\n\nvoid user_function() {\n DECLARE_COMPLETION(done)\n padata-\u003eparallel = parallel;\n padata-\u003eserial = serial;\n padata_do_parallel();\n wait_for_completion(\u0026done);\n padata_free_shell();\n}\n```\n\nIn the corresponding padata.c file, there\u0027s the following code:\n\n```c\nstatic void padata_serial_worker(struct work_struct *serial_work) {\n ...\n cnt = 0;\n\n while (!list_empty(\u0026local_list)) {\n ...\n padata-\u003eserial(padata);\n cnt++;\n }\n\n local_bh_enable();\n\n if (refcount_sub_and_test(cnt, \u0026pd-\u003erefcnt))\n padata_free_pd(pd);\n}\n```\n\nBecause of the high system load and the accumulation of unexecuted\nsoftirq at this moment, `local_bh_enable()` in padata takes longer\nto execute than usual. Subsequently, when accessing `pd-\u003erefcnt`,\n`pd` has already been released by `padata_free_shell()`, resulting\nin a UAF issue with `pd-\u003erefcnt`.\n\nThe fix is straightforward: add `refcount_dec_and_test` before calling\n`padata_free_pd` in `padata_free_shell`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52854",
"url": "https://www.suse.com/security/cve/CVE-2023-52854"
},
{
"category": "external",
"summary": "SUSE Bug 1225584 for CVE-2023-52854",
"url": "https://bugzilla.suse.com/1225584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52854"
},
{
"cve": "CVE-2023-52855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: fix possible NULL pointer dereference caused by driver concurrency\n\nIn _dwc2_hcd_urb_enqueue(), \"urb-\u003ehcpriv = NULL\" is executed without\nholding the lock \"hsotg-\u003elock\". In _dwc2_hcd_urb_dequeue():\n\n spin_lock_irqsave(\u0026hsotg-\u003elock, flags);\n ...\n\tif (!urb-\u003ehcpriv) {\n\t\tdev_dbg(hsotg-\u003edev, \"## urb-\u003ehcpriv is NULL ##\\n\");\n\t\tgoto out;\n\t}\n rc = dwc2_hcd_urb_dequeue(hsotg, urb-\u003ehcpriv); // Use urb-\u003ehcpriv\n ...\nout:\n spin_unlock_irqrestore(\u0026hsotg-\u003elock, flags);\n\nWhen _dwc2_hcd_urb_enqueue() and _dwc2_hcd_urb_dequeue() are\nconcurrently executed, the NULL check of \"urb-\u003ehcpriv\" can be executed\nbefore \"urb-\u003ehcpriv = NULL\". After urb-\u003ehcpriv is NULL, it can be used\nin the function call to dwc2_hcd_urb_dequeue(), which can cause a NULL\npointer dereference.\n\nThis possible bug is found by an experimental static analysis tool\ndeveloped by myself. This tool analyzes the locking APIs to extract\nfunction pairs that can be concurrently executed, and then analyzes the\ninstructions in the paired functions to identify possible concurrency\nbugs including data races and atomicity violations. The above possible\nbug is reported, when my tool analyzes the source code of Linux 6.5.\n\nTo fix this possible bug, \"urb-\u003ehcpriv = NULL\" should be executed with\nholding the lock \"hsotg-\u003elock\". After using this patch, my tool never\nreports the possible bug, with the kernelconfiguration allyesconfig for\nx86_64. Because I have no associated hardware, I cannot test the patch\nin runtime testing, and just verify it according to the code logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52855",
"url": "https://www.suse.com/security/cve/CVE-2023-52855"
},
{
"category": "external",
"summary": "SUSE Bug 1225583 for CVE-2023-52855",
"url": "https://bugzilla.suse.com/1225583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52855"
},
{
"cve": "CVE-2023-52856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: lt8912b: Fix crash on bridge detach\n\nThe lt8912b driver, in its bridge detach function, calls\ndrm_connector_unregister() and drm_connector_cleanup().\n\ndrm_connector_unregister() should be called only for connectors\nexplicitly registered with drm_connector_register(), which is not the\ncase in lt8912b.\n\nThe driver\u0027s drm_connector_funcs.destroy hook is set to\ndrm_connector_cleanup().\n\nThus the driver should not call either drm_connector_unregister() nor\ndrm_connector_cleanup() in its lt8912_bridge_detach(), as they cause a\ncrash on bridge detach:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\nMem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x06: level 2 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000006, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=00000000858f3000\n[0000000000000000] pgd=0800000085918003, p4d=0800000085918003, pud=0800000085431003, pmd=0000000000000000\nInternal error: Oops: 0000000096000006 [#1] PREEMPT SMP\nModules linked in: tidss(-) display_connector lontium_lt8912b tc358768 panel_lvds panel_simple drm_dma_helper drm_kms_helper drm drm_panel_orientation_quirks\nCPU: 3 PID: 462 Comm: rmmod Tainted: G W 6.5.0-rc2+ #2\nHardware name: Toradex Verdin AM62 on Verdin Development Board (DT)\npstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : drm_connector_cleanup+0x78/0x2d4 [drm]\nlr : lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\nsp : ffff800082ed3a90\nx29: ffff800082ed3a90 x28: ffff0000040c1940 x27: 0000000000000000\nx26: 0000000000000000 x25: dead000000000122 x24: dead000000000122\nx23: dead000000000100 x22: ffff000003fb6388 x21: 0000000000000000\nx20: 0000000000000000 x19: ffff000003fb6260 x18: fffffffffffe56e8\nx17: 0000000000000000 x16: 0010000000000000 x15: 0000000000000038\nx14: 0000000000000000 x13: ffff800081914b48 x12: 000000000000040e\nx11: 000000000000015a x10: ffff80008196ebb8 x9 : ffff800081914b48\nx8 : 00000000ffffefff x7 : ffff0000040c1940 x6 : ffff80007aa649d0\nx5 : 0000000000000000 x4 : 0000000000000001 x3 : ffff80008159e008\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n drm_connector_cleanup+0x78/0x2d4 [drm]\n lt8912_bridge_detach+0x54/0x6c [lontium_lt8912b]\n drm_bridge_detach+0x44/0x84 [drm]\n drm_encoder_cleanup+0x40/0xb8 [drm]\n drmm_encoder_alloc_release+0x1c/0x30 [drm]\n drm_managed_release+0xac/0x148 [drm]\n drm_dev_put.part.0+0x88/0xb8 [drm]\n devm_drm_dev_init_release+0x14/0x24 [drm]\n devm_action_release+0x14/0x20\n release_nodes+0x5c/0x90\n devres_release_all+0x8c/0xe0\n device_unbind_cleanup+0x18/0x68\n device_release_driver_internal+0x208/0x23c\n driver_detach+0x4c/0x94\n bus_remove_driver+0x70/0xf4\n driver_unregister+0x30/0x60\n platform_driver_unregister+0x14/0x20\n tidss_platform_driver_exit+0x18/0xb2c [tidss]\n __arm64_sys_delete_module+0x1a0/0x2b4\n invoke_syscall+0x48/0x110\n el0_svc_common.constprop.0+0x60/0x10c\n do_el0_svc_compat+0x1c/0x40\n el0_svc_compat+0x40/0xac\n el0t_32_sync_handler+0xb0/0x138\n el0t_32_sync+0x194/0x198\nCode: 9104a276 f2fbd5b7 aa0203e1 91008af8 (f85c0420)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52856",
"url": "https://www.suse.com/security/cve/CVE-2023-52856"
},
{
"category": "external",
"summary": "SUSE Bug 1224932 for CVE-2023-52856",
"url": "https://bugzilla.suse.com/1224932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52856"
},
{
"cve": "CVE-2023-52857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Fix coverity issue with unintentional integer overflow\n\n1. Instead of multiplying 2 variable of different types. Change to\nassign a value of one variable and then multiply the other variable.\n\n2. Add a int variable for multiplier calculation instead of calculating\ndifferent types multiplier with dma_addr_t variable directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52857",
"url": "https://www.suse.com/security/cve/CVE-2023-52857"
},
{
"category": "external",
"summary": "SUSE Bug 1225581 for CVE-2023-52857",
"url": "https://bugzilla.suse.com/1225581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52857"
},
{
"cve": "CVE-2023-52858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52858",
"url": "https://www.suse.com/security/cve/CVE-2023-52858"
},
{
"category": "external",
"summary": "SUSE Bug 1225566 for CVE-2023-52858",
"url": "https://bugzilla.suse.com/1225566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52858"
},
{
"cve": "CVE-2023-52860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process\n\nWhen tearing down a \u0027hisi_hns3\u0027 PMU, we mistakenly run the CPU hotplug\ncallbacks after the device has been unregistered, leading to fireworks\nwhen we try to execute empty function callbacks within the driver:\n\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n | CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G W O 5.12.0-rc4+ #1\n | Hardware name: , BIOS KpxxxFPGA 1P B600 V143 04/22/2021\n | pstate: 80400009 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n | pc : perf_pmu_migrate_context+0x98/0x38c\n | lr : perf_pmu_migrate_context+0x94/0x38c\n |\n | Call trace:\n | perf_pmu_migrate_context+0x98/0x38c\n | hisi_hns3_pmu_offline_cpu+0x104/0x12c [hisi_hns3_pmu]\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don\u0027t execute after\nthe PMU device has been unregistered.\n\n[will: Rewrote commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52860",
"url": "https://www.suse.com/security/cve/CVE-2023-52860"
},
{
"category": "external",
"summary": "SUSE Bug 1224936 for CVE-2023-52860",
"url": "https://bugzilla.suse.com/1224936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52860"
},
{
"cve": "CVE-2023-52861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: it66121: Fix invalid connector dereference\n\nFix the NULL pointer dereference when no monitor is connected, and the\nsound card is opened from userspace.\n\nInstead return an empty buffer (of zeroes) as the EDID information to\nthe sound framework if there is no connector attached.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52861",
"url": "https://www.suse.com/security/cve/CVE-2023-52861"
},
{
"category": "external",
"summary": "SUSE Bug 1224941 for CVE-2023-52861",
"url": "https://bugzilla.suse.com/1224941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52861"
},
{
"cve": "CVE-2023-52862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix null pointer dereference in error message\n\nThis patch fixes a null pointer dereference in the error message that is\nprinted when the Display Core (DC) fails to initialize. The original\nmessage includes the DC version number, which is undefined if the DC is\nnot initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52862",
"url": "https://www.suse.com/security/cve/CVE-2023-52862"
},
{
"category": "external",
"summary": "SUSE Bug 1225015 for CVE-2023-52862",
"url": "https://bugzilla.suse.com/1225015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52862"
},
{
"cve": "CVE-2023-52863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhwmon: (axi-fan-control) Fix possible NULL pointer dereference\n\naxi_fan_control_irq_handler(), dependent on the private\naxi_fan_control_data structure, might be called before the hwmon\ndevice is registered. That will cause an \"Unable to handle kernel\nNULL pointer dereference\" error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52863",
"url": "https://www.suse.com/security/cve/CVE-2023-52863"
},
{
"category": "external",
"summary": "SUSE Bug 1225586 for CVE-2023-52863",
"url": "https://bugzilla.suse.com/1225586"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52863"
},
{
"cve": "CVE-2023-52864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: wmi: Fix opening of char device\n\nSince commit fa1f68db6ca7 (\"drivers: misc: pass miscdevice pointer via\nfile private data\"), the miscdevice stores a pointer to itself inside\nfilp-\u003eprivate_data, which means that private_data will not be NULL when\nwmi_char_open() is called. This might cause memory corruption should\nwmi_char_open() be unable to find its driver, something which can\nhappen when the associated WMI device is deleted in wmi_free_devices().\n\nFix the problem by using the miscdevice pointer to retrieve the WMI\ndevice data associated with a char device using container_of(). This\nalso avoids wmi_char_open() picking a wrong WMI device bound to a\ndriver with the same name as the original driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52864",
"url": "https://www.suse.com/security/cve/CVE-2023-52864"
},
{
"category": "external",
"summary": "SUSE Bug 1225132 for CVE-2023-52864",
"url": "https://bugzilla.suse.com/1225132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52864"
},
{
"cve": "CVE-2023-52865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52865",
"url": "https://www.suse.com/security/cve/CVE-2023-52865"
},
{
"category": "external",
"summary": "SUSE Bug 1225086 for CVE-2023-52865",
"url": "https://bugzilla.suse.com/1225086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52865"
},
{
"cve": "CVE-2023-52866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks()\n\nWhen CONFIG_HID_UCLOGIC=y and CONFIG_KUNIT_ALL_TESTS=y, launch kernel and\nthen the below user-memory-access bug occurs.\n\nIn hid_test_uclogic_params_cleanup_event_hooks(),it call\nuclogic_params_ugee_v2_init_event_hooks() with the first arg=NULL, so\nwhen it calls uclogic_params_ugee_v2_has_battery(), the hid_get_drvdata()\nwill access hdev-\u003edev with hdev=NULL, which will cause below\nuser-memory-access.\n\nSo add a fake_device with quirks member and call hid_set_drvdata()\nto assign hdev-\u003edev-\u003edriver_data which avoids the null-ptr-def bug\nfor drvdata-\u003equirks in uclogic_params_ugee_v2_has_battery(). After applying\nthis patch, the below user-memory-access bug never occurs.\n\n general protection fault, probably for non-canonical address 0xdffffc0000000329: 0000 [#1] PREEMPT SMP KASAN\n KASAN: probably user-memory-access in range [0x0000000000001948-0x000000000000194f]\n CPU: 5 PID: 2189 Comm: kunit_try_catch Tainted: G B W N 6.6.0-rc2+ #30\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n RIP: 0010:uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n Code: f3 f3 65 48 8b 14 25 28 00 00 00 48 89 54 24 60 31 d2 48 89 fa c7 44 24 30 00 00 00 00 48 c7 44 24 28 02 f8 02 01 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 2c 04 00 00 48 8b 9d 48 19 00 00 48 b8 00 00 00\n RSP: 0000:ffff88810679fc88 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000\n RDX: 0000000000000329 RSI: ffff88810679fd88 RDI: 0000000000001948\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1020f639f0\n R10: ffff888107b1cf87 R11: 0000000000000400 R12: 1ffff11020cf3f92\n R13: ffff88810679fd88 R14: ffff888100b97b08 R15: ffff8881030bb080\n FS: 0000000000000000(0000) GS:ffff888119e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000005286001 CR4: 0000000000770ee0\n DR0: ffffffff8fdd6cf4 DR1: ffffffff8fdd6cf5 DR2: ffffffff8fdd6cf6\n DR3: ffffffff8fdd6cf7 DR6: 00000000fffe0ff0 DR7: 0000000000000600\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? die_addr+0x3d/0xa0\n ? exc_general_protection+0x144/0x220\n ? asm_exc_general_protection+0x22/0x30\n ? uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n ? sched_clock_cpu+0x69/0x550\n ? uclogic_parse_ugee_v2_desc_gen_params+0x70/0x70\n ? load_balance+0x2950/0x2950\n ? rcu_trc_cmpxchg_need_qs+0x67/0xa0\n hid_test_uclogic_params_cleanup_event_hooks+0x9e/0x1a0\n ? uclogic_params_ugee_v2_init_event_hooks+0x600/0x600\n ? __switch_to+0x5cf/0xe60\n ? migrate_enable+0x260/0x260\n ? __kthread_parkme+0x83/0x150\n ? kunit_try_run_case_cleanup+0xe0/0xe0\n kunit_generic_run_threadfn_adapter+0x4a/0x90\n ? kunit_try_catch_throw+0x80/0x80\n kthread+0x2b5/0x380\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x70\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e\n Modules linked in:\n Dumping ftrace buffer:\n (ftrace buffer empty)\n ---[ end trace 0000000000000000 ]---\n RIP: 0010:uclogic_params_ugee_v2_init_event_hooks+0x87/0x600\n Code: f3 f3 65 48 8b 14 25 28 00 00 00 48 89 54 24 60 31 d2 48 89 fa c7 44 24 30 00 00 00 00 48 c7 44 24 28 02 f8 02 01 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 2c 04 00 00 48 8b 9d 48 19 00 00 48 b8 00 00 00\n RSP: 0000:ffff88810679fc88 EFLAGS: 00010202\n RAX: dffffc0000000000 RBX: 0000000000000004 RCX: 0000000000000000\n RDX: 0000000000000329 RSI: ffff88810679fd88 RDI: 0000000000001948\n RBP: 0000000000000000 R08: 0000000000000000 R09: ffffed1020f639f0\n R10: ffff888107b1cf87 R11: 0000000000000400 R12: 1ffff11020cf3f92\n R13: ffff88810679fd88 R14: ffff888100b97b08 R15: ffff8881030bb080\n FS: 0000000000000000(0000) GS:ffff888119e80000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000000005286001 CR4: 0000000000770ee0\n DR0: ffffffff8fdd6cf4 DR1: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52866",
"url": "https://www.suse.com/security/cve/CVE-2023-52866"
},
{
"category": "external",
"summary": "SUSE Bug 1225120 for CVE-2023-52866",
"url": "https://bugzilla.suse.com/1225120"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52866"
},
{
"cve": "CVE-2023-52867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/radeon: possible buffer overflow\n\nBuffer \u0027afmt_status\u0027 of size 6 could overflow, since index \u0027afmt_idx\u0027 is\nchecked after access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52867",
"url": "https://www.suse.com/security/cve/CVE-2023-52867"
},
{
"category": "external",
"summary": "SUSE Bug 1225009 for CVE-2023-52867",
"url": "https://bugzilla.suse.com/1225009"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52867"
},
{
"cve": "CVE-2023-52868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: prevent potential string overflow\n\nThe dev-\u003eid value comes from ida_alloc() so it\u0027s a number between zero\nand INT_MAX. If it\u0027s too high then these sprintf()s will overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52868",
"url": "https://www.suse.com/security/cve/CVE-2023-52868"
},
{
"category": "external",
"summary": "SUSE Bug 1225044 for CVE-2023-52868",
"url": "https://bugzilla.suse.com/1225044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52868"
},
{
"cve": "CVE-2023-52869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/platform: Add check for kstrdup\n\nAdd check for the return value of kstrdup() and return the error\nif it fails in order to avoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52869",
"url": "https://www.suse.com/security/cve/CVE-2023-52869"
},
{
"category": "external",
"summary": "SUSE Bug 1225050 for CVE-2023-52869",
"url": "https://bugzilla.suse.com/1225050"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52869"
},
{
"cve": "CVE-2023-52870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52870",
"url": "https://www.suse.com/security/cve/CVE-2023-52870"
},
{
"category": "external",
"summary": "SUSE Bug 1224937 for CVE-2023-52870",
"url": "https://bugzilla.suse.com/1224937"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52870"
},
{
"cve": "CVE-2023-52871",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52871"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: llcc: Handle a second device without data corruption\n\nUsually there is only one llcc device. But if there were a second, even\na failed probe call would modify the global drv_data pointer. So check\nif drv_data is valid before overwriting it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52871",
"url": "https://www.suse.com/security/cve/CVE-2023-52871"
},
{
"category": "external",
"summary": "SUSE Bug 1225534 for CVE-2023-52871",
"url": "https://bugzilla.suse.com/1225534"
},
{
"category": "external",
"summary": "SUSE Bug 1227475 for CVE-2023-52871",
"url": "https://bugzilla.suse.com/1227475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52871"
},
{
"cve": "CVE-2023-52872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52872"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix race condition in status line change on dead connections\n\ngsm_cleanup_mux() cleans up the gsm by closing all DLCIs, stopping all\ntimers, removing the virtual tty devices and clearing the data queues.\nThis procedure, however, may cause subsequent changes of the virtual modem\nstatus lines of a DLCI. More data is being added the outgoing data queue\nand the deleted kick timer is restarted to handle this. At this point many\nresources have already been removed by the cleanup procedure. Thus, a\nkernel panic occurs.\n\nFix this by proving in gsm_modem_update() that the cleanup procedure has\nnot been started and the mux is still alive.\n\nNote that writing to a virtual tty is already protected by checks against\nthe DLCI specific connection state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52872",
"url": "https://www.suse.com/security/cve/CVE-2023-52872"
},
{
"category": "external",
"summary": "SUSE Bug 1225591 for CVE-2023-52872",
"url": "https://bugzilla.suse.com/1225591"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52872"
},
{
"cve": "CVE-2023-52873",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52873"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52873",
"url": "https://www.suse.com/security/cve/CVE-2023-52873"
},
{
"category": "external",
"summary": "SUSE Bug 1225589 for CVE-2023-52873",
"url": "https://bugzilla.suse.com/1225589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52873"
},
{
"cve": "CVE-2023-52874",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52874"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro\n\nIn the TDX_HYPERCALL asm, after the TDCALL instruction returns from the\nuntrusted VMM, the registers that the TDX guest shares to the VMM need\nto be cleared to avoid speculative execution of VMM-provided values.\n\nRSI is specified in the bitmap of those registers, but it is missing\nwhen zeroing out those registers in the current TDX_HYPERCALL.\n\nIt was there when it was originally added in commit 752d13305c78\n(\"x86/tdx: Expand __tdx_hypercall() to handle more arguments\"), but was\nlater removed in commit 1e70c680375a (\"x86/tdx: Do not corrupt\nframe-pointer in __tdx_hypercall()\"), which was correct because %rsi is\nlater restored in the \"pop %rsi\". However a later commit 7a3a401874be\n(\"x86/tdx: Drop flags from __tdx_hypercall()\") removed that \"pop %rsi\"\nbut forgot to add the \"xor %rsi, %rsi\" back.\n\nFix by adding it back.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52874",
"url": "https://www.suse.com/security/cve/CVE-2023-52874"
},
{
"category": "external",
"summary": "SUSE Bug 1225049 for CVE-2023-52874",
"url": "https://bugzilla.suse.com/1225049"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2023-52874"
},
{
"cve": "CVE-2023-52875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52875",
"url": "https://www.suse.com/security/cve/CVE-2023-52875"
},
{
"category": "external",
"summary": "SUSE Bug 1225096 for CVE-2023-52875",
"url": "https://bugzilla.suse.com/1225096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52875"
},
{
"cve": "CVE-2023-52876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52876"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data\n\nAdd the check for the return value of mtk_alloc_clk_data() in order to\navoid NULL pointer dereference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52876",
"url": "https://www.suse.com/security/cve/CVE-2023-52876"
},
{
"category": "external",
"summary": "SUSE Bug 1225036 for CVE-2023-52876",
"url": "https://bugzilla.suse.com/1225036"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52876"
},
{
"cve": "CVE-2023-52877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm()\n\nIt is possible that typec_register_partner() returns ERR_PTR on failure.\nWhen port-\u003epartner is an error, a NULL pointer dereference may occur as\nshown below.\n\n[91222.095236][ T319] typec port0: failed to register partner (-17)\n...\n[91225.061491][ T319] Unable to handle kernel NULL pointer dereference\nat virtual address 000000000000039f\n[91225.274642][ T319] pc : tcpm_pd_data_request+0x310/0x13fc\n[91225.274646][ T319] lr : tcpm_pd_data_request+0x298/0x13fc\n[91225.308067][ T319] Call trace:\n[91225.308070][ T319] tcpm_pd_data_request+0x310/0x13fc\n[91225.308073][ T319] tcpm_pd_rx_handler+0x100/0x9e8\n[91225.355900][ T319] kthread_worker_fn+0x178/0x58c\n[91225.355902][ T319] kthread+0x150/0x200\n[91225.355905][ T319] ret_from_fork+0x10/0x30\n\nAdd a check for port-\u003epartner to avoid dereferencing a NULL pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52877",
"url": "https://www.suse.com/security/cve/CVE-2023-52877"
},
{
"category": "external",
"summary": "SUSE Bug 1224944 for CVE-2023-52877",
"url": "https://bugzilla.suse.com/1224944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52877"
},
{
"cve": "CVE-2023-52878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncan: dev: can_put_echo_skb(): don\u0027t crash kernel if can_priv::echo_skb is accessed out of bounds\n\nIf the \"struct can_priv::echoo_skb\" is accessed out of bounds, this\nwould cause a kernel crash. Instead, issue a meaningful warning\nmessage and return with an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52878",
"url": "https://www.suse.com/security/cve/CVE-2023-52878"
},
{
"category": "external",
"summary": "SUSE Bug 1225000 for CVE-2023-52878",
"url": "https://bugzilla.suse.com/1225000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52878"
},
{
"cve": "CVE-2023-52879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Have trace_event_file have ref counters\n\nThe following can crash the kernel:\n\n # cd /sys/kernel/tracing\n # echo \u0027p:sched schedule\u0027 \u003e kprobe_events\n # exec 5\u003e\u003eevents/kprobes/sched/enable\n # \u003e kprobe_events\n # exec 5\u003e\u0026-\n\nThe above commands:\n\n 1. Change directory to the tracefs directory\n 2. Create a kprobe event (doesn\u0027t matter what one)\n 3. Open bash file descriptor 5 on the enable file of the kprobe event\n 4. Delete the kprobe event (removes the files too)\n 5. Close the bash file descriptor 5\n\nThe above causes a crash!\n\n BUG: kernel NULL pointer dereference, address: 0000000000000028\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 6 PID: 877 Comm: bash Not tainted 6.5.0-rc4-test-00008-g2c6b6b1029d4-dirty #186\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\n RIP: 0010:tracing_release_file_tr+0xc/0x50\n\nWhat happens here is that the kprobe event creates a trace_event_file\n\"file\" descriptor that represents the file in tracefs to the event. It\nmaintains state of the event (is it enabled for the given instance?).\nOpening the \"enable\" file gets a reference to the event \"file\" descriptor\nvia the open file descriptor. When the kprobe event is deleted, the file is\nalso deleted from the tracefs system which also frees the event \"file\"\ndescriptor.\n\nBut as the tracefs file is still opened by user space, it will not be\ntotally removed until the final dput() is called on it. But this is not\ntrue with the event \"file\" descriptor that is already freed. If the user\ndoes a write to or simply closes the file descriptor it will reference the\nevent \"file\" descriptor that was just freed, causing a use-after-free bug.\n\nTo solve this, add a ref count to the event \"file\" descriptor as well as a\nnew flag called \"FREED\". The \"file\" will not be freed until the last\nreference is released. But the FREE flag will be set when the event is\nremoved to prevent any more modifications to that event from happening,\neven if there\u0027s still a reference to the event \"file\" descriptor.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52879",
"url": "https://www.suse.com/security/cve/CVE-2023-52879"
},
{
"category": "external",
"summary": "SUSE Bug 1225101 for CVE-2023-52879",
"url": "https://bugzilla.suse.com/1225101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52879"
},
{
"cve": "CVE-2023-52880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc\n\nAny unprivileged user can attach N_GSM0710 ldisc, but it requires\nCAP_NET_ADMIN to create a GSM network anyway.\n\nRequire initial namespace CAP_NET_ADMIN to do that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52880",
"url": "https://www.suse.com/security/cve/CVE-2023-52880"
},
{
"category": "external",
"summary": "SUSE Bug 1222619 for CVE-2023-52880",
"url": "https://bugzilla.suse.com/1222619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2023-52880"
},
{
"cve": "CVE-2023-52881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: do not accept ACK of bytes we never sent\n\nThis patch is based on a detailed report and ideas from Yepeng Pan\nand Christian Rossow.\n\nACK seq validation is currently following RFC 5961 5.2 guidelines:\n\n The ACK value is considered acceptable only if\n it is in the range of ((SND.UNA - MAX.SND.WND) \u003c= SEG.ACK \u003c=\n SND.NXT). All incoming segments whose ACK value doesn\u0027t satisfy the\n above condition MUST be discarded and an ACK sent back. It needs to\n be noted that RFC 793 on page 72 (fifth check) says: \"If the ACK is a\n duplicate (SEG.ACK \u003c SND.UNA), it can be ignored. If the ACK\n acknowledges something not yet sent (SEG.ACK \u003e SND.NXT) then send an\n ACK, drop the segment, and return\". The \"ignored\" above implies that\n the processing of the incoming data segment continues, which means\n the ACK value is treated as acceptable. This mitigation makes the\n ACK check more stringent since any ACK \u003c SND.UNA wouldn\u0027t be\n accepted, instead only ACKs that are in the range ((SND.UNA -\n MAX.SND.WND) \u003c= SEG.ACK \u003c= SND.NXT) get through.\n\nThis can be refined for new (and possibly spoofed) flows,\nby not accepting ACK for bytes that were never sent.\n\nThis greatly improves TCP security at a little cost.\n\nI added a Fixes: tag to make sure this patch will reach stable trees,\neven if the \u0027blamed\u0027 patch was adhering to the RFC.\n\ntp-\u003ebytes_acked was added in linux-4.2\n\nFollowing packetdrill test (courtesy of Yepeng Pan) shows\nthe issue at hand:\n\n0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3\n+0 setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0\n+0 bind(3, ..., ...) = 0\n+0 listen(3, 1024) = 0\n\n// ---------------- Handshake ------------------- //\n\n// when window scale is set to 14 the window size can be extended to\n// 65535 * (2^14) = 1073725440. Linux would accept an ACK packet\n// with ack number in (Server_ISN+1-1073725440. Server_ISN+1)\n// ,though this ack number acknowledges some data never\n// sent by the server.\n\n+0 \u003c S 0:0(0) win 65535 \u003cmss 1400,nop,wscale 14\u003e\n+0 \u003e S. 0:0(0) ack 1 \u003c...\u003e\n+0 \u003c . 1:1(0) ack 1 win 65535\n+0 accept(3, ..., ...) = 4\n\n// For the established connection, we send an ACK packet,\n// the ack packet uses ack number 1 - 1073725300 + 2^32,\n// where 2^32 is used to wrap around.\n// Note: we used 1073725300 instead of 1073725440 to avoid possible\n// edge cases.\n// 1 - 1073725300 + 2^32 = 3221241997\n\n// Oops, old kernels happily accept this packet.\n+0 \u003c . 1:1001(1000) ack 3221241997 win 65535\n\n// After the kernel fix the following will be replaced by a challenge ACK,\n// and prior malicious frame would be dropped.\n+0 \u003e . 1:1(0) ack 1001",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52881",
"url": "https://www.suse.com/security/cve/CVE-2023-52881"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1225611 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1225611"
},
{
"category": "external",
"summary": "SUSE Bug 1226152 for CVE-2023-52881",
"url": "https://bugzilla.suse.com/1226152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52881"
},
{
"cve": "CVE-2023-52882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change\n\nWhile PLL CPUX clock rate change when CPU is running from it works in\nvast majority of cases, now and then it causes instability. This leads\nto system crashes and other undefined behaviour. After a lot of testing\n(30+ hours) while also doing a lot of frequency switches, we can\u0027t\nobserve any instability issues anymore when doing reparenting to stable\nclock like 24 MHz oscillator.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52882",
"url": "https://www.suse.com/security/cve/CVE-2023-52882"
},
{
"category": "external",
"summary": "SUSE Bug 1225692 for CVE-2023-52882",
"url": "https://bugzilla.suse.com/1225692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52882"
},
{
"cve": "CVE-2023-52883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix possible null pointer dereference\n\nabo-\u003etbo.resource may be NULL in amdgpu_vm_bo_update.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52883",
"url": "https://www.suse.com/security/cve/CVE-2023-52883"
},
{
"category": "external",
"summary": "SUSE Bug 1226630 for CVE-2023-52883",
"url": "https://bugzilla.suse.com/1226630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52883"
},
{
"cve": "CVE-2023-52884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: cyapa - add missing input core locking to suspend/resume functions\n\nGrab input-\u003emutex during suspend/resume functions like it is done in\nother input drivers. This fixes the following warning during system\nsuspend/resume cycle on Samsung Exynos5250-based Snow Chromebook:\n\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---\n...\n------------[ cut here ]------------\nWARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 input_device_enabled+0x68/0x6c\nModules linked in: ...\nCPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109\nHardware name: Samsung Exynos (Flattened Device Tree)\nWorkqueue: events_unbound async_run_entry_fn\n unwind_backtrace from show_stack+0x10/0x14\n show_stack from dump_stack_lvl+0x58/0x70\n dump_stack_lvl from __warn+0x1a8/0x1cc\n __warn from warn_slowpath_fmt+0x18c/0x1b4\n warn_slowpath_fmt from input_device_enabled+0x68/0x6c\n input_device_enabled from cyapa_gen3_set_power_mode+0x13c/0x1dc\n cyapa_gen3_set_power_mode from cyapa_reinitialize+0x10c/0x15c\n cyapa_reinitialize from cyapa_resume+0x48/0x98\n cyapa_resume from dpm_run_callback+0x90/0x298\n dpm_run_callback from device_resume+0xb4/0x258\n device_resume from async_resume+0x20/0x64\n async_resume from async_run_entry_fn+0x40/0x15c\n async_run_entry_fn from process_scheduled_works+0xbc/0x6a8\n process_scheduled_works from worker_thread+0x188/0x454\n worker_thread from kthread+0x108/0x140\n kthread from ret_from_fork+0x14/0x28\nException stack(0xf1625fb0 to 0xf1625ff8)\n...\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52884",
"url": "https://www.suse.com/security/cve/CVE-2023-52884"
},
{
"category": "external",
"summary": "SUSE Bug 1226764 for CVE-2023-52884",
"url": "https://bugzilla.suse.com/1226764"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-52884"
},
{
"cve": "CVE-2023-6238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6238"
}
],
"notes": [
{
"category": "general",
"text": "A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6238",
"url": "https://www.suse.com/security/cve/CVE-2023-6238"
},
{
"category": "external",
"summary": "SUSE Bug 1217384 for CVE-2023-6238",
"url": "https://bugzilla.suse.com/1217384"
},
{
"category": "external",
"summary": "SUSE Bug 1217388 for CVE-2023-6238",
"url": "https://bugzilla.suse.com/1217388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-6238"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2023-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7042"
}
],
"notes": [
{
"category": "general",
"text": "A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7042",
"url": "https://www.suse.com/security/cve/CVE-2023-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1218336 for CVE-2023-7042",
"url": "https://bugzilla.suse.com/1218336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2023-7042"
},
{
"cve": "CVE-2024-0639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0639"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u0027s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0639",
"url": "https://www.suse.com/security/cve/CVE-2024-0639"
},
{
"category": "external",
"summary": "SUSE Bug 1218917 for CVE-2024-0639",
"url": "https://bugzilla.suse.com/1218917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21823"
}
],
"notes": [
{
"category": "general",
"text": "Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21823",
"url": "https://www.suse.com/security/cve/CVE-2024-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1223625 for CVE-2024-21823",
"url": "https://bugzilla.suse.com/1223625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-21823"
},
{
"cve": "CVE-2024-22099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-22099"
}
],
"notes": [
{
"category": "general",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-22099",
"url": "https://www.suse.com/security/cve/CVE-2024-22099"
},
{
"category": "external",
"summary": "SUSE Bug 1219170 for CVE-2024-22099",
"url": "https://bugzilla.suse.com/1219170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23848",
"url": "https://www.suse.com/security/cve/CVE-2024-23848"
},
{
"category": "external",
"summary": "SUSE Bug 1219104 for CVE-2024-23848",
"url": "https://bugzilla.suse.com/1219104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-24861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24861"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24861",
"url": "https://www.suse.com/security/cve/CVE-2024-24861"
},
{
"category": "external",
"summary": "SUSE Bug 1219623 for CVE-2024-24861",
"url": "https://bugzilla.suse.com/1219623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-24861"
},
{
"cve": "CVE-2024-25739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25739"
}
],
"notes": [
{
"category": "general",
"text": "create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi-\u003eleb_size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25739",
"url": "https://www.suse.com/security/cve/CVE-2024-25739"
},
{
"category": "external",
"summary": "SUSE Bug 1219834 for CVE-2024-25739",
"url": "https://bugzilla.suse.com/1219834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-25739"
},
{
"cve": "CVE-2024-25741",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25741"
}
],
"notes": [
{
"category": "general",
"text": "printer_write in drivers/usb/gadget/function/f_printer.c in the Linux kernel through 6.7.4 does not properly call usb_ep_queue, which might allow attackers to cause a denial of service or have unspecified other impact.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25741",
"url": "https://www.suse.com/security/cve/CVE-2024-25741"
},
{
"category": "external",
"summary": "SUSE Bug 1219832 for CVE-2024-25741",
"url": "https://bugzilla.suse.com/1219832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-25741"
},
{
"cve": "CVE-2024-26601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: regenerate buddy after block freeing failed if under fc replay\n\nThis mostly reverts commit 6bd97bf273bd (\"ext4: remove redundant\nmb_regenerate_buddy()\") and reintroduces mb_regenerate_buddy(). Based on\ncode in mb_free_blocks(), fast commit replay can end up marking as free\nblocks that are already marked as such. This causes corruption of the\nbuddy bitmap so we need to regenerate it in that case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26601",
"url": "https://www.suse.com/security/cve/CVE-2024-26601"
},
{
"category": "external",
"summary": "SUSE Bug 1220342 for CVE-2024-26601",
"url": "https://bugzilla.suse.com/1220342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26601"
},
{
"cve": "CVE-2024-26611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26611"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix usage of multi-buffer BPF helpers for ZC XDP\n\nCurrently when packet is shrunk via bpf_xdp_adjust_tail() and memory\ntype is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens:\n\n[1136314.192256] BUG: kernel NULL pointer dereference, address:\n0000000000000034\n[1136314.203943] #PF: supervisor read access in kernel mode\n[1136314.213768] #PF: error_code(0x0000) - not-present page\n[1136314.223550] PGD 0 P4D 0\n[1136314.230684] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[1136314.239621] CPU: 8 PID: 54203 Comm: xdpsock Not tainted 6.6.0+ #257\n[1136314.250469] Hardware name: Intel Corporation S2600WFT/S2600WFT,\nBIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[1136314.265615] RIP: 0010:__xdp_return+0x6c/0x210\n[1136314.274653] Code: ad 00 48 8b 47 08 49 89 f8 a8 01 0f 85 9b 01 00 00 0f 1f 44 00 00 f0 41 ff 48 34 75 32 4c 89 c7 e9 79 cd 80 ff 83 fe 03 75 17 \u003cf6\u003e 41 34 01 0f 85 02 01 00 00 48 89 cf e9 22 cc 1e 00 e9 3d d2 86\n[1136314.302907] RSP: 0018:ffffc900089f8db0 EFLAGS: 00010246\n[1136314.312967] RAX: ffffc9003168aed0 RBX: ffff8881c3300000 RCX:\n0000000000000000\n[1136314.324953] RDX: 0000000000000000 RSI: 0000000000000003 RDI:\nffffc9003168c000\n[1136314.336929] RBP: 0000000000000ae0 R08: 0000000000000002 R09:\n0000000000010000\n[1136314.348844] R10: ffffc9000e495000 R11: 0000000000000040 R12:\n0000000000000001\n[1136314.360706] R13: 0000000000000524 R14: ffffc9003168aec0 R15:\n0000000000000001\n[1136314.373298] FS: 00007f8df8bbcb80(0000) GS:ffff8897e0e00000(0000)\nknlGS:0000000000000000\n[1136314.386105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1136314.396532] CR2: 0000000000000034 CR3: 00000001aa912002 CR4:\n00000000007706f0\n[1136314.408377] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[1136314.420173] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[1136314.431890] PKRU: 55555554\n[1136314.439143] Call Trace:\n[1136314.446058] \u003cIRQ\u003e\n[1136314.452465] ? __die+0x20/0x70\n[1136314.459881] ? page_fault_oops+0x15b/0x440\n[1136314.468305] ? exc_page_fault+0x6a/0x150\n[1136314.476491] ? asm_exc_page_fault+0x22/0x30\n[1136314.484927] ? __xdp_return+0x6c/0x210\n[1136314.492863] bpf_xdp_adjust_tail+0x155/0x1d0\n[1136314.501269] bpf_prog_ccc47ae29d3b6570_xdp_sock_prog+0x15/0x60\n[1136314.511263] ice_clean_rx_irq_zc+0x206/0xc60 [ice]\n[1136314.520222] ? ice_xmit_zc+0x6e/0x150 [ice]\n[1136314.528506] ice_napi_poll+0x467/0x670 [ice]\n[1136314.536858] ? ttwu_do_activate.constprop.0+0x8f/0x1a0\n[1136314.546010] __napi_poll+0x29/0x1b0\n[1136314.553462] net_rx_action+0x133/0x270\n[1136314.561619] __do_softirq+0xbe/0x28e\n[1136314.569303] do_softirq+0x3f/0x60\n\nThis comes from __xdp_return() call with xdp_buff argument passed as\nNULL which is supposed to be consumed by xsk_buff_free() call.\n\nTo address this properly, in ZC case, a node that represents the frag\nbeing removed has to be pulled out of xskb_list. Introduce\nappropriate xsk helpers to do such node operation and use them\naccordingly within bpf_xdp_adjust_tail().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26611",
"url": "https://www.suse.com/security/cve/CVE-2024-26611"
},
{
"category": "external",
"summary": "SUSE Bug 1221303 for CVE-2024-26611",
"url": "https://bugzilla.suse.com/1221303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26611"
},
{
"cve": "CVE-2024-26614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue\u0027s spinlocks once\n\nWhen I run syz\u0027s reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff \u003c0f\u003e 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n\u003cIRQ\u003e\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n\u003c/IRQ\u003e\n\u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n\u003c/TASK\u003e\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26614",
"url": "https://www.suse.com/security/cve/CVE-2024-26614"
},
{
"category": "external",
"summary": "SUSE Bug 1221293 for CVE-2024-26614",
"url": "https://bugzilla.suse.com/1221293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26614"
},
{
"cve": "CVE-2024-26615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26615"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix illegal rmb_desc access in SMC-D connection dump\n\nA crash was found when dumping SMC-D connections. It can be reproduced\nby following steps:\n\n- run nginx/wrk test:\n smc_run nginx\n smc_run wrk -t 16 -c 1000 -d \u003cduration\u003e -H \u0027Connection: Close\u0027 \u003cURL\u003e\n\n- continuously dump SMC-D connections in parallel:\n watch -n 1 \u0027smcss -D\u0027\n\n BUG: kernel NULL pointer dereference, address: 0000000000000030\n CPU: 2 PID: 7204 Comm: smcss Kdump: loaded Tainted: G\tE 6.7.0+ #55\n RIP: 0010:__smc_diag_dump.constprop.0+0x5e5/0x620 [smc_diag]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x24/0x70\n ? page_fault_oops+0x66/0x150\n ? exc_page_fault+0x69/0x140\n ? asm_exc_page_fault+0x26/0x30\n ? __smc_diag_dump.constprop.0+0x5e5/0x620 [smc_diag]\n ? __kmalloc_node_track_caller+0x35d/0x430\n ? __alloc_skb+0x77/0x170\n smc_diag_dump_proto+0xd0/0xf0 [smc_diag]\n smc_diag_dump+0x26/0x60 [smc_diag]\n netlink_dump+0x19f/0x320\n __netlink_dump_start+0x1dc/0x300\n smc_diag_handler_dump+0x6a/0x80 [smc_diag]\n ? __pfx_smc_diag_dump+0x10/0x10 [smc_diag]\n sock_diag_rcv_msg+0x121/0x140\n ? __pfx_sock_diag_rcv_msg+0x10/0x10\n netlink_rcv_skb+0x5a/0x110\n sock_diag_rcv+0x28/0x40\n netlink_unicast+0x22a/0x330\n netlink_sendmsg+0x1f8/0x420\n __sock_sendmsg+0xb0/0xc0\n ____sys_sendmsg+0x24e/0x300\n ? copy_msghdr_from_user+0x62/0x80\n ___sys_sendmsg+0x7c/0xd0\n ? __do_fault+0x34/0x160\n ? do_read_fault+0x5f/0x100\n ? do_fault+0xb0/0x110\n ? __handle_mm_fault+0x2b0/0x6c0\n __sys_sendmsg+0x4d/0x80\n do_syscall_64+0x69/0x180\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nIt is possible that the connection is in process of being established\nwhen we dump it. Assumed that the connection has been registered in a\nlink group by smc_conn_create() but the rmb_desc has not yet been\ninitialized by smc_buf_create(), thus causing the illegal access to\nconn-\u003ermb_desc. So fix it by checking before dump.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26615",
"url": "https://www.suse.com/security/cve/CVE-2024-26615"
},
{
"category": "external",
"summary": "SUSE Bug 1220942 for CVE-2024-26615",
"url": "https://bugzilla.suse.com/1220942"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26615"
},
{
"cve": "CVE-2024-26623",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26623"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npds_core: Prevent race issues involving the adminq\n\nThere are multiple paths that can result in using the pdsc\u0027s\nadminq.\n\n[1] pdsc_adminq_isr and the resulting work from queue_work(),\n i.e. pdsc_work_thread()-\u003epdsc_process_adminq()\n\n[2] pdsc_adminq_post()\n\nWhen the device goes through reset via PCIe reset and/or\na fw_down/fw_up cycle due to bad PCIe state or bad device\nstate the adminq is destroyed and recreated.\n\nA NULL pointer dereference can happen if [1] or [2] happens\nafter the adminq is already destroyed.\n\nIn order to fix this, add some further state checks and\nimplement reference counting for adminq uses. Reference\ncounting was used because multiple threads can attempt to\naccess the adminq at the same time via [1] or [2]. Additionally,\nmultiple clients (i.e. pds-vfio-pci) can be using [2]\nat the same time.\n\nThe adminq_refcnt is initialized to 1 when the adminq has been\nallocated and is ready to use. Users/clients of the adminq\n(i.e. [1] and [2]) will increment the refcnt when they are using\nthe adminq. When the driver goes into a fw_down cycle it will\nset the PDSC_S_FW_DEAD bit and then wait for the adminq_refcnt\nto hit 1. Setting the PDSC_S_FW_DEAD before waiting will prevent\nany further adminq_refcnt increments. Waiting for the\nadminq_refcnt to hit 1 allows for any current users of the adminq\nto finish before the driver frees the adminq. Once the\nadminq_refcnt hits 1 the driver clears the refcnt to signify that\nthe adminq is deleted and cannot be used. On the fw_up cycle the\ndriver will once again initialize the adminq_refcnt to 1 allowing\nthe adminq to be used again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26623",
"url": "https://www.suse.com/security/cve/CVE-2024-26623"
},
{
"category": "external",
"summary": "SUSE Bug 1221057 for CVE-2024-26623",
"url": "https://bugzilla.suse.com/1221057"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26623"
},
{
"cve": "CVE-2024-26625",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26625"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: call sock_orphan() at release time\n\nsyzbot reported an interesting trace [1] caused by a stale sk-\u003esk_wq\npointer in a closed llc socket.\n\nIn commit ff7b11aa481f (\"net: socket: set sock-\u003esk to NULL after\ncalling proto_ops::release()\") Eric Biggers hinted that some protocols\nare missing a sock_orphan(), we need to perform a full audit.\n\nIn net-next, I plan to clear sock-\u003esk from sock_orphan() and\namend Eric patch to add a warning.\n\n[1]\n BUG: KASAN: slab-use-after-free in list_empty include/linux/list.h:373 [inline]\n BUG: KASAN: slab-use-after-free in waitqueue_active include/linux/wait.h:127 [inline]\n BUG: KASAN: slab-use-after-free in sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n BUG: KASAN: slab-use-after-free in sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\nRead of size 8 at addr ffff88802f4fc880 by task ksoftirqd/1/27\n\nCPU: 1 PID: 27 Comm: ksoftirqd/1 Not tainted 6.8.0-rc1-syzkaller-00049-g6098d87eaf31 #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0xc4/0x620 mm/kasan/report.c:488\n kasan_report+0xda/0x110 mm/kasan/report.c:601\n list_empty include/linux/list.h:373 [inline]\n waitqueue_active include/linux/wait.h:127 [inline]\n sock_def_write_space_wfree net/core/sock.c:3384 [inline]\n sock_wfree+0x9a8/0x9d0 net/core/sock.c:2468\n skb_release_head_state+0xa3/0x2b0 net/core/skbuff.c:1080\n skb_release_all net/core/skbuff.c:1092 [inline]\n napi_consume_skb+0x119/0x2b0 net/core/skbuff.c:1404\n e1000_unmap_and_free_tx_resource+0x144/0x200 drivers/net/ethernet/intel/e1000/e1000_main.c:1970\n e1000_clean_tx_irq drivers/net/ethernet/intel/e1000/e1000_main.c:3860 [inline]\n e1000_clean+0x4a1/0x26e0 drivers/net/ethernet/intel/e1000/e1000_main.c:3801\n __napi_poll.constprop.0+0xb4/0x540 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x956/0xe90 net/core/dev.c:6778\n __do_softirq+0x21a/0x8de kernel/softirq.c:553\n run_ksoftirqd kernel/softirq.c:921 [inline]\n run_ksoftirqd+0x31/0x60 kernel/softirq.c:913\n smpboot_thread_fn+0x660/0xa10 kernel/smpboot.c:164\n kthread+0x2c6/0x3a0 kernel/kthread.c:388\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n \u003c/TASK\u003e\n\nAllocated by task 5167:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n unpoison_slab_object mm/kasan/common.c:314 [inline]\n __kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:340\n kasan_slab_alloc include/linux/kasan.h:201 [inline]\n slab_post_alloc_hook mm/slub.c:3813 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_lru+0x142/0x6f0 mm/slub.c:3879\n alloc_inode_sb include/linux/fs.h:3019 [inline]\n sock_alloc_inode+0x25/0x1c0 net/socket.c:308\n alloc_inode+0x5d/0x220 fs/inode.c:260\n new_inode_pseudo+0x16/0x80 fs/inode.c:1005\n sock_alloc+0x40/0x270 net/socket.c:634\n __sock_create+0xbc/0x800 net/socket.c:1535\n sock_create net/socket.c:1622 [inline]\n __sys_socket_create net/socket.c:1659 [inline]\n __sys_socket+0x14c/0x260 net/socket.c:1706\n __do_sys_socket net/socket.c:1720 [inline]\n __se_sys_socket net/socket.c:1718 [inline]\n __x64_sys_socket+0x72/0xb0 net/socket.c:1718\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd3/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 0:\n kasan_save_stack+0x33/0x50 mm/kasan/common.c:47\n kasan_save_track+0x14/0x30 mm/kasan/common.c:68\n kasan_save_free_info+0x3f/0x60 mm/kasan/generic.c:640\n poison_slab_object mm/kasan/common.c:241 [inline]\n __kasan_slab_free+0x121/0x1b0 mm/kasan/common.c:257\n kasan_slab_free include/linux/kasan.h:184 [inline]\n slab_free_hook mm/slub.c:2121 [inlin\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26625",
"url": "https://www.suse.com/security/cve/CVE-2024-26625"
},
{
"category": "external",
"summary": "SUSE Bug 1221086 for CVE-2024-26625",
"url": "https://bugzilla.suse.com/1221086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26625"
},
{
"cve": "CVE-2024-26632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix iterating over an empty bio with bio_for_each_folio_all\n\nIf the bio contains no data, bio_first_folio() calls page_folio() on a\nNULL pointer and oopses. Move the test that we\u0027ve reached the end of\nthe bio from bio_next_folio() to bio_first_folio().\n\n[axboe: add unlikely() to error case]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26632",
"url": "https://www.suse.com/security/cve/CVE-2024-26632"
},
{
"category": "external",
"summary": "SUSE Bug 1221635 for CVE-2024-26632",
"url": "https://bugzilla.suse.com/1221635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26632"
},
{
"cve": "CVE-2024-26633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: fix NEXTHDR_FRAGMENT handling in ip6_tnl_parse_tlv_enc_lim()\n\nsyzbot pointed out [1] that NEXTHDR_FRAGMENT handling is broken.\n\nReading frag_off can only be done if we pulled enough bytes\nto skb-\u003ehead. Currently we might access garbage.\n\n[1]\nBUG: KMSAN: uninit-value in ip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nip6_tnl_parse_tlv_enc_lim+0x94f/0xbb0\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendmsg net/socket.c:2676 [inline]\n__se_sys_sendmsg net/socket.c:2674 [inline]\n__x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\ndo_syscall_x64 arch/x86/entry/common.c:52 [inline]\ndo_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\nslab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\nslab_alloc_node mm/slub.c:3478 [inline]\n__kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n__do_kmalloc_node mm/slab_common.c:1006 [inline]\n__kmalloc_node_track_caller+0x118/0x3c0 mm/slab_common.c:1027\nkmalloc_reserve+0x249/0x4a0 net/core/skbuff.c:582\npskb_expand_head+0x226/0x1a00 net/core/skbuff.c:2098\n__pskb_pull_tail+0x13b/0x2310 net/core/skbuff.c:2655\npskb_may_pull_reason include/linux/skbuff.h:2673 [inline]\npskb_may_pull include/linux/skbuff.h:2681 [inline]\nip6_tnl_parse_tlv_enc_lim+0x901/0xbb0 net/ipv6/ip6_tunnel.c:408\nipxip6_tnl_xmit net/ipv6/ip6_tunnel.c:1326 [inline]\nip6_tnl_start_xmit+0xab2/0x1a70 net/ipv6/ip6_tunnel.c:1432\n__netdev_start_xmit include/linux/netdevice.h:4940 [inline]\nnetdev_start_xmit include/linux/netdevice.h:4954 [inline]\nxmit_one net/core/dev.c:3548 [inline]\ndev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n__dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\ndev_queue_xmit include/linux/netdevice.h:3134 [inline]\nneigh_connected_output+0x569/0x660 net/core/neighbour.c:1592\nneigh_output include/net/neighbour.h:542 [inline]\nip6_finish_output2+0x23a9/0x2b30 net/ipv6/ip6_output.c:137\nip6_finish_output+0x855/0x12b0 net/ipv6/ip6_output.c:222\nNF_HOOK_COND include/linux/netfilter.h:303 [inline]\nip6_output+0x323/0x610 net/ipv6/ip6_output.c:243\ndst_output include/net/dst.h:451 [inline]\nip6_local_out+0xe9/0x140 net/ipv6/output_core.c:155\nip6_send_skb net/ipv6/ip6_output.c:1952 [inline]\nip6_push_pending_frames+0x1f9/0x560 net/ipv6/ip6_output.c:1972\nrawv6_push_pending_frames+0xbe8/0xdf0 net/ipv6/raw.c:582\nrawv6_sendmsg+0x2b66/0x2e70 net/ipv6/raw.c:920\ninet_sendmsg+0x105/0x190 net/ipv4/af_inet.c:847\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg net/socket.c:745 [inline]\n____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n__sys_sendmsg net/socket.c:2667 [inline]\n__do_sys_sendms\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26633",
"url": "https://www.suse.com/security/cve/CVE-2024-26633"
},
{
"category": "external",
"summary": "SUSE Bug 1221647 for CVE-2024-26633",
"url": "https://bugzilla.suse.com/1221647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26633"
},
{
"cve": "CVE-2024-26635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: Drop support for ETH_P_TR_802_2.\n\nsyzbot reported an uninit-value bug below. [0]\n\nllc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2\n(0x0011), and syzbot abused the latter to trigger the bug.\n\n write$tun(r0, \u0026(0x7f0000000040)={@val={0x0, 0x11}, @val, @mpls={[], @llc={@snap={0xaa, 0x1, \u0027)\u0027, \"90e5dd\"}}}}, 0x16)\n\nllc_conn_handler() initialises local variables {saddr,daddr}.mac\nbased on skb in llc_pdu_decode_sa()/llc_pdu_decode_da() and passes\nthem to __llc_lookup().\n\nHowever, the initialisation is done only when skb-\u003eprotocol is\nhtons(ETH_P_802_2), otherwise, __llc_lookup_established() and\n__llc_lookup_listener() will read garbage.\n\nThe missing initialisation existed prior to commit 211ed865108e\n(\"net: delete all instances of special processing for token ring\").\n\nIt removed the part to kick out the token ring stuff but forgot to\nclose the door allowing ETH_P_TR_802_2 packets to sneak into llc_rcv().\n\nLet\u0027s remove llc_tr_packet_type and complete the deprecation.\n\n[0]:\nBUG: KMSAN: uninit-value in __llc_lookup_established+0xe9d/0xf90\n __llc_lookup_established+0xe9d/0xf90\n __llc_lookup net/llc/llc_conn.c:611 [inline]\n llc_conn_handler+0x4bd/0x1360 net/llc/llc_conn.c:791\n llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206\n __netif_receive_skb_one_core net/core/dev.c:5527 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5641\n netif_receive_skb_internal net/core/dev.c:5727 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5786\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x8ef/0x1490 fs/read_write.c:584\n ksys_write+0x20f/0x4c0 fs/read_write.c:637\n __do_sys_write fs/read_write.c:649 [inline]\n __se_sys_write fs/read_write.c:646 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:646\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:82\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nLocal variable daddr created at:\n llc_conn_handler+0x53/0x1360 net/llc/llc_conn.c:783\n llc_rcv+0xfbb/0x14a0 net/llc/llc_input.c:206\n\nCPU: 1 PID: 5004 Comm: syz-executor994 Not tainted 6.6.0-syzkaller-14500-g1c41041124bd #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26635",
"url": "https://www.suse.com/security/cve/CVE-2024-26635"
},
{
"category": "external",
"summary": "SUSE Bug 1221656 for CVE-2024-26635",
"url": "https://bugzilla.suse.com/1221656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26635"
},
{
"cve": "CVE-2024-26636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nllc: make llc_ui_sendmsg() more robust against bonding changes\n\nsyzbot was able to trick llc_ui_sendmsg(), allocating an skb with no\nheadroom, but subsequently trying to push 14 bytes of Ethernet header [1]\n\nLike some others, llc_ui_sendmsg() releases the socket lock before\ncalling sock_alloc_send_skb().\nThen it acquires it again, but does not redo all the sanity checks\nthat were performed.\n\nThis fix:\n\n- Uses LL_RESERVED_SPACE() to reserve space.\n- Check all conditions again after socket lock is held again.\n- Do not account Ethernet header for mtu limitation.\n\n[1]\n\nskbuff: skb_under_panic: text:ffff800088baa334 len:1514 put:14 head:ffff0000c9c37000 data:ffff0000c9c36ff2 tail:0x5dc end:0x6c0 dev:bond0\n\n kernel BUG at net/core/skbuff.c:193 !\nInternal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP\nModules linked in:\nCPU: 0 PID: 6875 Comm: syz-executor.0 Not tainted 6.7.0-rc8-syzkaller-00101-g0802e17d9aca-dirty #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\npstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : skb_panic net/core/skbuff.c:189 [inline]\n pc : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\n lr : skb_panic net/core/skbuff.c:189 [inline]\n lr : skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\nsp : ffff800096f97000\nx29: ffff800096f97010 x28: ffff80008cc8d668 x27: dfff800000000000\nx26: ffff0000cb970c90 x25: 00000000000005dc x24: ffff0000c9c36ff2\nx23: ffff0000c9c37000 x22: 00000000000005ea x21: 00000000000006c0\nx20: 000000000000000e x19: ffff800088baa334 x18: 1fffe000368261ce\nx17: ffff80008e4ed000 x16: ffff80008a8310f8 x15: 0000000000000001\nx14: 1ffff00012df2d58 x13: 0000000000000000 x12: 0000000000000000\nx11: 0000000000000001 x10: 0000000000ff0100 x9 : e28a51f1087e8400\nx8 : e28a51f1087e8400 x7 : ffff80008028f8d0 x6 : 0000000000000000\nx5 : 0000000000000001 x4 : 0000000000000001 x3 : ffff800082b78714\nx2 : 0000000000000001 x1 : 0000000100000000 x0 : 0000000000000089\nCall trace:\n skb_panic net/core/skbuff.c:189 [inline]\n skb_under_panic+0x13c/0x140 net/core/skbuff.c:203\n skb_push+0xf0/0x108 net/core/skbuff.c:2451\n eth_header+0x44/0x1f8 net/ethernet/eth.c:83\n dev_hard_header include/linux/netdevice.h:3188 [inline]\n llc_mac_hdr_init+0x110/0x17c net/llc/llc_output.c:33\n llc_sap_action_send_xid_c+0x170/0x344 net/llc/llc_s_ac.c:85\n llc_exec_sap_trans_actions net/llc/llc_sap.c:153 [inline]\n llc_sap_next_state net/llc/llc_sap.c:182 [inline]\n llc_sap_state_process+0x1ec/0x774 net/llc/llc_sap.c:209\n llc_build_and_send_xid_pkt+0x12c/0x1c0 net/llc/llc_sap.c:270\n llc_ui_sendmsg+0x7bc/0xb1c net/llc/af_llc.c:997\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_sendmsg+0x194/0x274 net/socket.c:767\n splice_to_socket+0x7cc/0xd58 fs/splice.c:881\n do_splice_from fs/splice.c:933 [inline]\n direct_splice_actor+0xe4/0x1c0 fs/splice.c:1142\n splice_direct_to_actor+0x2a0/0x7e4 fs/splice.c:1088\n do_splice_direct+0x20c/0x348 fs/splice.c:1194\n do_sendfile+0x4bc/0xc70 fs/read_write.c:1254\n __do_sys_sendfile64 fs/read_write.c:1322 [inline]\n __se_sys_sendfile64 fs/read_write.c:1308 [inline]\n __arm64_sys_sendfile64+0x160/0x3b4 fs/read_write.c:1308\n __invoke_syscall arch/arm64/kernel/syscall.c:37 [inline]\n invoke_syscall+0x98/0x2b8 arch/arm64/kernel/syscall.c:51\n el0_svc_common+0x130/0x23c arch/arm64/kernel/syscall.c:136\n do_el0_svc+0x48/0x58 arch/arm64/kernel/syscall.c:155\n el0_svc+0x54/0x158 arch/arm64/kernel/entry-common.c:678\n el0t_64_sync_handler+0x84/0xfc arch/arm64/kernel/entry-common.c:696\n el0t_64_sync+0x190/0x194 arch/arm64/kernel/entry.S:595\nCode: aa1803e6 aa1903e7 a90023f5 94792f6a (d4210000)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26636",
"url": "https://www.suse.com/security/cve/CVE-2024-26636"
},
{
"category": "external",
"summary": "SUSE Bug 1221659 for CVE-2024-26636",
"url": "https://bugzilla.suse.com/1221659"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26636"
},
{
"cve": "CVE-2024-26638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: always initialize struct msghdr completely\n\nsyzbot complains that msg-\u003emsg_get_inq value can be uninitialized [1]\n\nstruct msghdr got many new fields recently, we should always make\nsure their values is zero by default.\n\n[1]\n BUG: KMSAN: uninit-value in tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n inet_recvmsg+0x131/0x580 net/ipv4/af_inet.c:879\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg+0x12b/0x1e0 net/socket.c:1066\n __sock_xmit+0x236/0x5c0 drivers/block/nbd.c:538\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2700\n worker_thread+0xf45/0x1490 kernel/workqueue.c:2781\n kthread+0x3ed/0x540 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n\nLocal variable msg created at:\n __sock_xmit+0x4c/0x5c0 drivers/block/nbd.c:513\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n\nCPU: 1 PID: 7465 Comm: kworker/u5:1 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: nbd5-recv recv_work",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26638",
"url": "https://www.suse.com/security/cve/CVE-2024-26638"
},
{
"category": "external",
"summary": "SUSE Bug 1221649 for CVE-2024-26638",
"url": "https://bugzilla.suse.com/1221649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26638"
},
{
"cve": "CVE-2024-26641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\n\nsyzbot found __ip6_tnl_rcv() could access unitiliazed data [1].\n\nCall pskb_inet_may_pull() to fix this, and initialize ipv6h\nvariable after this call as it can change skb-\u003ehead.\n\n[1]\n BUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP6_ECN_decapsulate+0x7df/0x1e50 include/net/inet_ecn.h:321\n ip6ip6_dscp_ecn_decapsulate+0x178/0x1b0 net/ipv6/ip6_tunnel.c:727\n __ip6_tnl_rcv+0xd4e/0x1590 net/ipv6/ip6_tunnel.c:845\n ip6_tnl_rcv+0xce/0x100 net/ipv6/ip6_tunnel.c:888\n gre_rcv+0x143f/0x1870\n ip6_protocol_deliver_rcu+0xda6/0x2a60 net/ipv6/ip6_input.c:438\n ip6_input_finish net/ipv6/ip6_input.c:483 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_input+0x15d/0x430 net/ipv6/ip6_input.c:492\n ip6_mc_input+0xa7e/0xc80 net/ipv6/ip6_input.c:586\n dst_input include/net/dst.h:461 [inline]\n ip6_rcv_finish+0x5db/0x870 net/ipv6/ip6_input.c:79\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ipv6_rcv+0xda/0x390 net/ipv6/ip6_input.c:310\n __netif_receive_skb_one_core net/core/dev.c:5532 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5646\n netif_receive_skb_internal net/core/dev.c:5732 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5791\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1555\n tun_get_user+0x53af/0x66d0 drivers/net/tun.c:2002\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n tun_alloc_skb drivers/net/tun.c:1531 [inline]\n tun_get_user+0x1e8a/0x66d0 drivers/net/tun.c:1846\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2048\n call_write_iter include/linux/fs.h:2084 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x786/0x1200 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 0 PID: 5034 Comm: syz-executor331 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26641",
"url": "https://www.suse.com/security/cve/CVE-2024-26641"
},
{
"category": "external",
"summary": "SUSE Bug 1221654 for CVE-2024-26641",
"url": "https://bugzilla.suse.com/1221654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26641"
},
{
"cve": "CVE-2024-26642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26642",
"url": "https://www.suse.com/security/cve/CVE-2024-26642"
},
{
"category": "external",
"summary": "SUSE Bug 1221830 for CVE-2024-26642",
"url": "https://bugzilla.suse.com/1221830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26642"
},
{
"cve": "CVE-2024-26643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26643"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout\n\nWhile the rhashtable set gc runs asynchronously, a race allows it to\ncollect elements from anonymous sets with timeouts while it is being\nreleased from the commit path.\n\nMingi Cho originally reported this issue in a different path in 6.1.x\nwith a pipapo set with low timeouts which is not possible upstream since\n7395dfacfff6 (\"netfilter: nf_tables: use timestamp to check for set\nelement timeout\").\n\nFix this by setting on the dead flag for anonymous sets to skip async gc\nin this case.\n\nAccording to 08e4c8c5919f (\"netfilter: nf_tables: mark newset as dead on\ntransaction abort\"), Florian plans to accelerate abort path by releasing\nobjects via workqueue, therefore, this sets on the dead flag for abort\npath too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26643",
"url": "https://www.suse.com/security/cve/CVE-2024-26643"
},
{
"category": "external",
"summary": "SUSE Bug 1221829 for CVE-2024-26643",
"url": "https://bugzilla.suse.com/1221829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26643"
},
{
"cve": "CVE-2024-26654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26654"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: sh: aica: reorder cleanup operations to avoid UAF bugs\n\nThe dreamcastcard-\u003etimer could schedule the spu_dma_work and the\nspu_dma_work could also arm the dreamcastcard-\u003etimer.\n\nWhen the snd_pcm_substream is closing, the aica_channel will be\ndeallocated. But it could still be dereferenced in the worker\nthread. The reason is that del_timer() will return directly\nregardless of whether the timer handler is running or not and\nthe worker could be rescheduled in the timer handler. As a result,\nthe UAF bug will happen. The racy situation is shown below:\n\n (Thread 1) | (Thread 2)\nsnd_aicapcm_pcm_close() |\n ... | run_spu_dma() //worker\n | mod_timer()\n flush_work() |\n del_timer() | aica_period_elapsed() //timer\n kfree(dreamcastcard-\u003echannel) | schedule_work()\n | run_spu_dma() //worker\n ... | dreamcastcard-\u003echannel-\u003e //USE\n\nIn order to mitigate this bug and other possible corner cases,\ncall mod_timer() conditionally in run_spu_dma(), then implement\nPCM sync_stop op to cancel both the timer and worker. The sync_stop\nop will be called from PCM core appropriately when needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26654",
"url": "https://www.suse.com/security/cve/CVE-2024-26654"
},
{
"category": "external",
"summary": "SUSE Bug 1222304 for CVE-2024-26654",
"url": "https://bugzilla.suse.com/1222304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26654"
},
{
"cve": "CVE-2024-26656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix use-after-free bug\n\nThe bug can be triggered by sending a single amdgpu_gem_userptr_ioctl\nto the AMDGPU DRM driver on any ASICs with an invalid address and size.\nThe bug was reported by Joonkyo Jung \u003cjoonkyoj@yonsei.ac.kr\u003e.\nFor example the following code:\n\nstatic void Syzkaller1(int fd)\n{\n\tstruct drm_amdgpu_gem_userptr arg;\n\tint ret;\n\n\targ.addr = 0xffffffffffff0000;\n\targ.size = 0x80000000; /*2 Gb*/\n\targ.flags = 0x7;\n\tret = drmIoctl(fd, 0xc1186451/*amdgpu_gem_userptr_ioctl*/, \u0026arg);\n}\n\nDue to the address and size are not valid there is a failure in\namdgpu_hmm_register-\u003emmu_interval_notifier_insert-\u003e__mmu_interval_notifier_insert-\u003e\ncheck_shl_overflow, but we even the amdgpu_hmm_register failure we still call\namdgpu_hmm_unregister into amdgpu_gem_object_free which causes access to a bad address.\nThe following stack is below when the issue is reproduced when Kazan is enabled:\n\n[ +0.000014] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020\n[ +0.000009] RIP: 0010:mmu_interval_notifier_remove+0x327/0x340\n[ +0.000017] Code: ff ff 49 89 44 24 08 48 b8 00 01 00 00 00 00 ad de 4c 89 f7 49 89 47 40 48 83 c0 22 49 89 47 48 e8 ce d1 2d 01 e9 32 ff ff ff \u003c0f\u003e 0b e9 16 ff ff ff 4c 89 ef e8 fa 14 b3 ff e9 36 ff ff ff e8 80\n[ +0.000014] RSP: 0018:ffffc90002657988 EFLAGS: 00010246\n[ +0.000013] RAX: 0000000000000000 RBX: 1ffff920004caf35 RCX: ffffffff8160565b\n[ +0.000011] RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffff8881a9f78260\n[ +0.000010] RBP: ffffc90002657a70 R08: 0000000000000001 R09: fffff520004caf25\n[ +0.000010] R10: 0000000000000003 R11: ffffffff8161d1d6 R12: ffff88810e988c00\n[ +0.000010] R13: ffff888126fb5a00 R14: ffff88810e988c0c R15: ffff8881a9f78260\n[ +0.000011] FS: 00007ff9ec848540(0000) GS:ffff8883cc880000(0000) knlGS:0000000000000000\n[ +0.000012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000010] CR2: 000055b3f7e14328 CR3: 00000001b5770000 CR4: 0000000000350ef0\n[ +0.000010] Call Trace:\n[ +0.000006] \u003cTASK\u003e\n[ +0.000007] ? show_regs+0x6a/0x80\n[ +0.000018] ? __warn+0xa5/0x1b0\n[ +0.000019] ? mmu_interval_notifier_remove+0x327/0x340\n[ +0.000018] ? report_bug+0x24a/0x290\n[ +0.000022] ? handle_bug+0x46/0x90\n[ +0.000015] ? exc_invalid_op+0x19/0x50\n[ +0.000016] ? asm_exc_invalid_op+0x1b/0x20\n[ +0.000017] ? kasan_save_stack+0x26/0x50\n[ +0.000017] ? mmu_interval_notifier_remove+0x23b/0x340\n[ +0.000019] ? mmu_interval_notifier_remove+0x327/0x340\n[ +0.000019] ? mmu_interval_notifier_remove+0x23b/0x340\n[ +0.000020] ? __pfx_mmu_interval_notifier_remove+0x10/0x10\n[ +0.000017] ? kasan_save_alloc_info+0x1e/0x30\n[ +0.000018] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? __kasan_kmalloc+0xb1/0xc0\n[ +0.000018] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? __kasan_check_read+0x11/0x20\n[ +0.000020] amdgpu_hmm_unregister+0x34/0x50 [amdgpu]\n[ +0.004695] amdgpu_gem_object_free+0x66/0xa0 [amdgpu]\n[ +0.004534] ? __pfx_amdgpu_gem_object_free+0x10/0x10 [amdgpu]\n[ +0.004291] ? do_syscall_64+0x5f/0xe0\n[ +0.000023] ? srso_return_thunk+0x5/0x5f\n[ +0.000017] drm_gem_object_free+0x3b/0x50 [drm]\n[ +0.000489] amdgpu_gem_userptr_ioctl+0x306/0x500 [amdgpu]\n[ +0.004295] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004270] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? __this_cpu_preempt_check+0x13/0x20\n[ +0.000015] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? sysvec_apic_timer_interrupt+0x57/0xc0\n[ +0.000020] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20\n[ +0.000022] ? drm_ioctl_kernel+0x17b/0x1f0 [drm]\n[ +0.000496] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004272] ? drm_ioctl_kernel+0x190/0x1f0 [drm]\n[ +0.000492] drm_ioctl_kernel+0x140/0x1f0 [drm]\n[ +0.000497] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004297] ? __pfx_drm_ioctl_kernel+0x10/0x10 [d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26656",
"url": "https://www.suse.com/security/cve/CVE-2024-26656"
},
{
"category": "external",
"summary": "SUSE Bug 1222307 for CVE-2024-26656",
"url": "https://bugzilla.suse.com/1222307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26656"
},
{
"cve": "CVE-2024-26657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: fix null-ptr-deref in init entity\n\nThe bug can be triggered by sending an amdgpu_cs_wait_ioctl\nto the AMDGPU DRM driver on any ASICs with valid context.\nThe bug was reported by Joonkyo Jung \u003cjoonkyoj@yonsei.ac.kr\u003e.\nFor example the following code:\n\n static void Syzkaller2(int fd)\n {\n\tunion drm_amdgpu_ctx arg1;\n\tunion drm_amdgpu_wait_cs arg2;\n\n\targ1.in.op = AMDGPU_CTX_OP_ALLOC_CTX;\n\tret = drmIoctl(fd, 0x140106442 /* amdgpu_ctx_ioctl */, \u0026arg1);\n\n\targ2.in.handle = 0x0;\n\targ2.in.timeout = 0x2000000000000;\n\targ2.in.ip_type = AMD_IP_VPE /* 0x9 */;\n\targ2-\u003ein.ip_instance = 0x0;\n\targ2.in.ring = 0x0;\n\targ2.in.ctx_id = arg1.out.alloc.ctx_id;\n\n\tdrmIoctl(fd, 0xc0206449 /* AMDGPU_WAIT_CS * /, \u0026arg2);\n }\n\nThe ioctl AMDGPU_WAIT_CS without previously submitted job could be assumed that\nthe error should be returned, but the following commit 1decbf6bb0b4dc56c9da6c5e57b994ebfc2be3aa\nmodified the logic and allowed to have sched_rq equal to NULL.\n\nAs a result when there is no job the ioctl AMDGPU_WAIT_CS returns success.\nThe change fixes null-ptr-deref in init entity and the stack below demonstrates\nthe error condition:\n\n[ +0.000007] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[ +0.007086] #PF: supervisor read access in kernel mode\n[ +0.005234] #PF: error_code(0x0000) - not-present page\n[ +0.005232] PGD 0 P4D 0\n[ +0.002501] Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI\n[ +0.005034] CPU: 10 PID: 9229 Comm: amd_basic Tainted: G B W L 6.7.0+ #4\n[ +0.007797] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020\n[ +0.009798] RIP: 0010:drm_sched_entity_init+0x2d3/0x420 [gpu_sched]\n[ +0.006426] Code: 80 00 00 00 00 00 00 00 e8 1a 81 82 e0 49 89 9c 24 c0 00 00 00 4c 89 ef e8 4a 80 82 e0 49 8b 5d 00 48 8d 7b 28 e8 3d 80 82 e0 \u003c48\u003e 83 7b 28 00 0f 84 28 01 00 00 4d 8d ac 24 98 00 00 00 49 8d 5c\n[ +0.019094] RSP: 0018:ffffc90014c1fa40 EFLAGS: 00010282\n[ +0.005237] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8113f3fa\n[ +0.007326] RDX: fffffbfff0a7889d RSI: 0000000000000008 RDI: ffffffff853c44e0\n[ +0.007264] RBP: ffffc90014c1fa80 R08: 0000000000000001 R09: fffffbfff0a7889c\n[ +0.007266] R10: ffffffff853c44e7 R11: 0000000000000001 R12: ffff8881a719b010\n[ +0.007263] R13: ffff88810d412748 R14: 0000000000000002 R15: 0000000000000000\n[ +0.007264] FS: 00007ffff7045540(0000) GS:ffff8883cc900000(0000) knlGS:0000000000000000\n[ +0.008236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.005851] CR2: 0000000000000028 CR3: 000000011912e000 CR4: 0000000000350ef0\n[ +0.007175] Call Trace:\n[ +0.002561] \u003cTASK\u003e\n[ +0.002141] ? show_regs+0x6a/0x80\n[ +0.003473] ? __die+0x25/0x70\n[ +0.003124] ? page_fault_oops+0x214/0x720\n[ +0.004179] ? preempt_count_sub+0x18/0xc0\n[ +0.004093] ? __pfx_page_fault_oops+0x10/0x10\n[ +0.004590] ? srso_return_thunk+0x5/0x5f\n[ +0.004000] ? vprintk_default+0x1d/0x30\n[ +0.004063] ? srso_return_thunk+0x5/0x5f\n[ +0.004087] ? vprintk+0x5c/0x90\n[ +0.003296] ? drm_sched_entity_init+0x2d3/0x420 [gpu_sched]\n[ +0.005807] ? srso_return_thunk+0x5/0x5f\n[ +0.004090] ? _printk+0xb3/0xe0\n[ +0.003293] ? __pfx__printk+0x10/0x10\n[ +0.003735] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20\n[ +0.005482] ? do_user_addr_fault+0x345/0x770\n[ +0.004361] ? exc_page_fault+0x64/0xf0\n[ +0.003972] ? asm_exc_page_fault+0x27/0x30\n[ +0.004271] ? add_taint+0x2a/0xa0\n[ +0.003476] ? drm_sched_entity_init+0x2d3/0x420 [gpu_sched]\n[ +0.005812] amdgpu_ctx_get_entity+0x3f9/0x770 [amdgpu]\n[ +0.009530] ? finish_task_switch.isra.0+0x129/0x470\n[ +0.005068] ? __pfx_amdgpu_ctx_get_entity+0x10/0x10 [amdgpu]\n[ +0.010063] ? __kasan_check_write+0x14/0x20\n[ +0.004356] ? srso_return_thunk+0x5/0x5f\n[ +0.004001] ? mutex_unlock+0x81/0xd0\n[ +0.003802] ? srso_return_thunk+0x5/0x5f\n[ +0.004096] amdgpu_cs_wait_ioctl+0xf6/0x270 [amdgpu]\n[ +0.009355] ? __pfx_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26657",
"url": "https://www.suse.com/security/cve/CVE-2024-26657"
},
{
"category": "external",
"summary": "SUSE Bug 1222273 for CVE-2024-26657",
"url": "https://bugzilla.suse.com/1222273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26657"
},
{
"cve": "CVE-2024-26663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: Check the bearer type before calling tipc_udp_nl_bearer_add()\n\nsyzbot reported the following general protection fault [1]:\n\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000010: 0000 [#1] PREEMPT SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000080-0x0000000000000087]\n...\nRIP: 0010:tipc_udp_is_known_peer+0x9c/0x250 net/tipc/udp_media.c:291\n...\nCall Trace:\n \u003cTASK\u003e\n tipc_udp_nl_bearer_add+0x212/0x2f0 net/tipc/udp_media.c:646\n tipc_nl_bearer_add+0x21e/0x360 net/tipc/bearer.c:1089\n genl_family_rcv_msg_doit+0x1fc/0x2e0 net/netlink/genetlink.c:972\n genl_family_rcv_msg net/netlink/genetlink.c:1052 [inline]\n genl_rcv_msg+0x561/0x800 net/netlink/genetlink.c:1067\n netlink_rcv_skb+0x16b/0x440 net/netlink/af_netlink.c:2544\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1076\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x53b/0x810 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0x8b7/0xd70 net/netlink/af_netlink.c:1909\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0xd5/0x180 net/socket.c:745\n ____sys_sendmsg+0x6ac/0x940 net/socket.c:2584\n ___sys_sendmsg+0x135/0x1d0 net/socket.c:2638\n __sys_sendmsg+0x117/0x1e0 net/socket.c:2667\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nThe cause of this issue is that when tipc_nl_bearer_add() is called with\nthe TIPC_NLA_BEARER_UDP_OPTS attribute, tipc_udp_nl_bearer_add() is called\neven if the bearer is not UDP.\n\ntipc_udp_is_known_peer() called by tipc_udp_nl_bearer_add() assumes that\nthe media_ptr field of the tipc_bearer has an udp_bearer type object, so\nthe function goes crazy for non-UDP bearers.\n\nThis patch fixes the issue by checking the bearer type before calling\ntipc_udp_nl_bearer_add() in tipc_nl_bearer_add().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26663",
"url": "https://www.suse.com/security/cve/CVE-2024-26663"
},
{
"category": "external",
"summary": "SUSE Bug 1222326 for CVE-2024-26663",
"url": "https://bugzilla.suse.com/1222326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26663"
},
{
"cve": "CVE-2024-26665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntunnels: fix out of bounds access when building IPv6 PMTU error\n\nIf the ICMPv6 error is built from a non-linear skb we get the following\nsplat,\n\n BUG: KASAN: slab-out-of-bounds in do_csum+0x220/0x240\n Read of size 4 at addr ffff88811d402c80 by task netperf/820\n CPU: 0 PID: 820 Comm: netperf Not tainted 6.8.0-rc1+ #543\n ...\n kasan_report+0xd8/0x110\n do_csum+0x220/0x240\n csum_partial+0xc/0x20\n skb_tunnel_check_pmtu+0xeb9/0x3280\n vxlan_xmit_one+0x14c2/0x4080\n vxlan_xmit+0xf61/0x5c00\n dev_hard_start_xmit+0xfb/0x510\n __dev_queue_xmit+0x7cd/0x32a0\n br_dev_queue_push_xmit+0x39d/0x6a0\n\nUse skb_checksum instead of csum_partial who cannot deal with non-linear\nSKBs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26665",
"url": "https://www.suse.com/security/cve/CVE-2024-26665"
},
{
"category": "external",
"summary": "SUSE Bug 1222328 for CVE-2024-26665",
"url": "https://bugzilla.suse.com/1222328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26665"
},
{
"cve": "CVE-2024-26671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26671",
"url": "https://www.suse.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "SUSE Bug 1222357 for CVE-2024-26671",
"url": "https://bugzilla.suse.com/1222357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26671"
},
{
"cve": "CVE-2024-26673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations\n\n- Disallow families other than NFPROTO_{IPV4,IPV6,INET}.\n- Disallow layer 4 protocol with no ports, since destination port is a\n mandatory attribute for this object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26673",
"url": "https://www.suse.com/security/cve/CVE-2024-26673"
},
{
"category": "external",
"summary": "SUSE Bug 1222368 for CVE-2024-26673",
"url": "https://bugzilla.suse.com/1222368"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26673"
},
{
"cve": "CVE-2024-26674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups\n\nDuring memory error injection test on kernels \u003e= v6.4, the kernel panics\nlike below. However, this issue couldn\u0027t be reproduced on kernels \u003c= v6.3.\n\n mce: [Hardware Error]: CPU 296: Machine Check Exception: f Bank 1: bd80000000100134\n mce: [Hardware Error]: RIP 10:\u003cffffffff821b9776\u003e {__get_user_nocheck_4+0x6/0x20}\n mce: [Hardware Error]: TSC 411a93533ed ADDR 346a8730040 MISC 86\n mce: [Hardware Error]: PROCESSOR 0:a06d0 TIME 1706000767 SOCKET 1 APIC 211 microcode 80001490\n mce: [Hardware Error]: Run the above through \u0027mcelog --ascii\u0027\n mce: [Hardware Error]: Machine check: Data load in unrecoverable area of kernel\n Kernel panic - not syncing: Fatal local machine check\n\nThe MCA code can recover from an in-kernel #MC if the fixup type is\nEX_TYPE_UACCESS, explicitly indicating that the kernel is attempting to\naccess userspace memory. However, if the fixup type is EX_TYPE_DEFAULT\nthe only thing that is raised for an in-kernel #MC is a panic.\n\nex_handler_uaccess() would warn if users gave a non-canonical addresses\n(with bit 63 clear) to {get, put}_user(), which was unexpected.\n\nTherefore, commit\n\n b19b74bc99b1 (\"x86/mm: Rework address range check in get_user() and put_user()\")\n\nreplaced _ASM_EXTABLE_UA() with _ASM_EXTABLE() for {get, put}_user()\nfixups. However, the new fixup type EX_TYPE_DEFAULT results in a panic.\n\nCommit\n\n 6014bc27561f (\"x86-64: make access_ok() independent of LAM\")\n\nadded the check gp_fault_address_ok() right before the WARN_ONCE() in\nex_handler_uaccess() to not warn about non-canonical user addresses due\nto LAM.\n\nWith that in place, revert back to _ASM_EXTABLE_UA() for {get,put}_user()\nexception fixups in order to be able to handle in-kernel MCEs correctly\nagain.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26674",
"url": "https://www.suse.com/security/cve/CVE-2024-26674"
},
{
"category": "external",
"summary": "SUSE Bug 1222378 for CVE-2024-26674",
"url": "https://bugzilla.suse.com/1222378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26674"
},
{
"cve": "CVE-2024-26676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Call kfree_skb() for dead unix_(sk)-\u003eoob_skb in GC.\n\nsyzbot reported a warning [0] in __unix_gc() with a repro, which\ncreates a socketpair and sends one socket\u0027s fd to itself using the\npeer.\n\n socketpair(AF_UNIX, SOCK_STREAM, 0, [3, 4]) = 0\n sendmsg(4, {msg_name=NULL, msg_namelen=0, msg_iov=[{iov_base=\"\\360\", iov_len=1}],\n msg_iovlen=1, msg_control=[{cmsg_len=20, cmsg_level=SOL_SOCKET,\n cmsg_type=SCM_RIGHTS, cmsg_data=[3]}],\n msg_controllen=24, msg_flags=0}, MSG_OOB|MSG_PROBE|MSG_DONTWAIT|MSG_ZEROCOPY) = 1\n\nThis forms a self-cyclic reference that GC should finally untangle\nbut does not due to lack of MSG_OOB handling, resulting in memory\nleak.\n\nRecently, commit 11498715f266 (\"af_unix: Remove io_uring code for\nGC.\") removed io_uring\u0027s dead code in GC and revealed the problem.\n\nThe code was executed at the final stage of GC and unconditionally\nmoved all GC candidates from gc_candidates to gc_inflight_list.\nThat papered over the reported problem by always making the following\nWARN_ON_ONCE(!list_empty(\u0026gc_candidates)) false.\n\nThe problem has been there since commit 2aab4b969002 (\"af_unix: fix\nstruct pid leaks in OOB support\") added full scm support for MSG_OOB\nwhile fixing another bug.\n\nTo fix this problem, we must call kfree_skb() for unix_sk(sk)-\u003eoob_skb\nif the socket still exists in gc_candidates after purging collected skb.\n\nThen, we need to set NULL to oob_skb before calling kfree_skb() because\nit calls last fput() and triggers unix_release_sock(), where we call\nduplicate kfree_skb(u-\u003eoob_skb) if not NULL.\n\nNote that the leaked socket remained being linked to a global list, so\nkmemleak also could not detect it. We need to check /proc/net/protocol\nto notice the unfreed socket.\n\n[0]:\nWARNING: CPU: 0 PID: 2863 at net/unix/garbage.c:345 __unix_gc+0xc74/0xe80 net/unix/garbage.c:345\nModules linked in:\nCPU: 0 PID: 2863 Comm: kworker/u4:11 Not tainted 6.8.0-rc1-syzkaller-00583-g1701940b1a02 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nWorkqueue: events_unbound __unix_gc\nRIP: 0010:__unix_gc+0xc74/0xe80 net/unix/garbage.c:345\nCode: 8b 5c 24 50 e9 86 f8 ff ff e8 f8 e4 22 f8 31 d2 48 c7 c6 30 6a 69 89 4c 89 ef e8 97 ef ff ff e9 80 f9 ff ff e8 dd e4 22 f8 90 \u003c0f\u003e 0b 90 e9 7b fd ff ff 48 89 df e8 5c e7 7c f8 e9 d3 f8 ff ff e8\nRSP: 0018:ffffc9000b03fba0 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffffc9000b03fc10 RCX: ffffffff816c493e\nRDX: ffff88802c02d940 RSI: ffffffff896982f3 RDI: ffffc9000b03fb30\nRBP: ffffc9000b03fce0 R08: 0000000000000001 R09: fffff52001607f66\nR10: 0000000000000003 R11: 0000000000000002 R12: dffffc0000000000\nR13: ffffc9000b03fc10 R14: ffffc9000b03fc10 R15: 0000000000000001\nFS: 0000000000000000(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00005559c8677a60 CR3: 000000000d57a000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n process_one_work+0x889/0x15e0 kernel/workqueue.c:2633\n process_scheduled_works kernel/workqueue.c:2706 [inline]\n worker_thread+0x8b9/0x12a0 kernel/workqueue.c:2787\n kthread+0x2c6/0x3b0 kernel/kthread.c:388\n ret_from_fork+0x45/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:242\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26676",
"url": "https://www.suse.com/security/cve/CVE-2024-26676"
},
{
"category": "external",
"summary": "SUSE Bug 1222380 for CVE-2024-26676",
"url": "https://bugzilla.suse.com/1222380"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26676"
},
{
"cve": "CVE-2024-26679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: read sk-\u003esk_family once in inet_recv_error()\n\ninet_recv_error() is called without holding the socket lock.\n\nIPv6 socket could mutate to IPv4 with IPV6_ADDRFORM\nsocket option and trigger a KCSAN warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26679",
"url": "https://www.suse.com/security/cve/CVE-2024-26679"
},
{
"category": "external",
"summary": "SUSE Bug 1222385 for CVE-2024-26679",
"url": "https://bugzilla.suse.com/1222385"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26679"
},
{
"cve": "CVE-2024-26684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: xgmac: fix handling of DPP safety error for DMA channels\n\nCommit 56e58d6c8a56 (\"net: stmmac: Implement Safety Features in\nXGMAC core\") checks and reports safety errors, but leaves the\nData Path Parity Errors for each channel in DMA unhandled at all, lead to\na storm of interrupt.\nFix it by checking and clearing the DMA_DPP_Interrupt_Status register.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26684",
"url": "https://www.suse.com/security/cve/CVE-2024-26684"
},
{
"category": "external",
"summary": "SUSE Bug 1222445 for CVE-2024-26684",
"url": "https://bugzilla.suse.com/1222445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26684"
},
{
"cve": "CVE-2024-26685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26685"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential bug in end_buffer_async_write\n\nAccording to a syzbot report, end_buffer_async_write(), which handles the\ncompletion of block device writes, may detect abnormal condition of the\nbuffer async_write flag and cause a BUG_ON failure when using nilfs2.\n\nNilfs2 itself does not use end_buffer_async_write(). But, the async_write\nflag is now used as a marker by commit 7f42ec394156 (\"nilfs2: fix issue\nwith race condition of competition between segments for dirty blocks\") as\na means of resolving double list insertion of dirty blocks in\nnilfs_lookup_dirty_data_buffers() and nilfs_lookup_node_buffers() and the\nresulting crash.\n\nThis modification is safe as long as it is used for file data and b-tree\nnode blocks where the page caches are independent. However, it was\nirrelevant and redundant to also introduce async_write for segment summary\nand super root blocks that share buffers with the backing device. This\nled to the possibility that the BUG_ON check in end_buffer_async_write\nwould fail as described above, if independent writebacks of the backing\ndevice occurred in parallel.\n\nThe use of async_write for segment summary buffers has already been\nremoved in a previous change.\n\nFix this issue by removing the manipulation of the async_write flag for\nthe remaining super root block buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26685",
"url": "https://www.suse.com/security/cve/CVE-2024-26685"
},
{
"category": "external",
"summary": "SUSE Bug 1222437 for CVE-2024-26685",
"url": "https://bugzilla.suse.com/1222437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26685"
},
{
"cve": "CVE-2024-26691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: arm64: Fix circular locking dependency\n\nThe rule inside kvm enforces that the vcpu-\u003emutex is taken *inside*\nkvm-\u003elock. The rule is violated by the pkvm_create_hyp_vm() which acquires\nthe kvm-\u003elock while already holding the vcpu-\u003emutex lock from\nkvm_vcpu_ioctl(). Avoid the circular locking dependency altogether by\nprotecting the hyp vm handle with the config_lock, much like we already\ndo for other forms of VM-scoped data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26691",
"url": "https://www.suse.com/security/cve/CVE-2024-26691"
},
{
"category": "external",
"summary": "SUSE Bug 1222463 for CVE-2024-26691",
"url": "https://bugzilla.suse.com/1222463"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26691"
},
{
"cve": "CVE-2024-26692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Fix regression in writes when non-standard maximum write size negotiated\n\nThe conversion to netfs in the 6.3 kernel caused a regression when\nmaximum write size is set by the server to an unexpected value which is\nnot a multiple of 4096 (similarly if the user overrides the maximum\nwrite size by setting mount parm \"wsize\", but sets it to a value that\nis not a multiple of 4096). When negotiated write size is not a\nmultiple of 4096 the netfs code can skip the end of the final\npage when doing large sequential writes, causing data corruption.\n\nThis section of code is being rewritten/removed due to a large\nnetfs change, but until that point (ie for the 6.3 kernel until now)\nwe can not support non-standard maximum write sizes.\n\nAdd a warning if a user specifies a wsize on mount that is not\na multiple of 4096 (and round down), also add a change where we\nround down the maximum write size if the server negotiates a value\nthat is not a multiple of 4096 (we also have to check to make sure that\nwe do not round it down to zero).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26692",
"url": "https://www.suse.com/security/cve/CVE-2024-26692"
},
{
"category": "external",
"summary": "SUSE Bug 1222464 for CVE-2024-26692",
"url": "https://bugzilla.suse.com/1222464"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26692"
},
{
"cve": "CVE-2024-26704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double-free of blocks due to wrong extents moved_len\n\nIn ext4_move_extents(), moved_len is only updated when all moves are\nsuccessfully executed, and only discards orig_inode and donor_inode\npreallocations when moved_len is not zero. When the loop fails to exit\nafter successfully moving some extents, moved_len is not updated and\nremains at 0, so it does not discard the preallocations.\n\nIf the moved extents overlap with the preallocated extents, the\noverlapped extents are freed twice in ext4_mb_release_inode_pa() and\next4_process_freed_data() (as described in commit 94d7c16cbbbd (\"ext4:\nFix double-free of blocks with EXT4_IOC_MOVE_EXT\")), and bb_free is\nincremented twice. Hence when trim is executed, a zero-division bug is\ntriggered in mb_update_avg_fragment_size() because bb_free is not zero\nand bb_fragments is zero.\n\nTherefore, update move_len after each extent move to avoid the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26704",
"url": "https://www.suse.com/security/cve/CVE-2024-26704"
},
{
"category": "external",
"summary": "SUSE Bug 1222422 for CVE-2024-26704",
"url": "https://bugzilla.suse.com/1222422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26704"
},
{
"cve": "CVE-2024-26714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: qcom: sc8180x: Mark CO0 BCM keepalive\n\nThe CO0 BCM needs to be up at all times, otherwise some hardware (like\nthe UFS controller) loses its connection to the rest of the SoC,\nresulting in a hang of the platform, accompanied by a spectacular\nlogspam.\n\nMark it as keepalive to prevent such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26714",
"url": "https://www.suse.com/security/cve/CVE-2024-26714"
},
{
"category": "external",
"summary": "SUSE Bug 1222489 for CVE-2024-26714",
"url": "https://bugzilla.suse.com/1222489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26714"
},
{
"cve": "CVE-2024-26726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don\u0027t drop extent_map for free space inode on write error\n\nWhile running the CI for an unrelated change I hit the following panic\nwith generic/648 on btrfs_holes_spacecache.\n\nassertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385\n------------[ cut here ]------------\nkernel BUG at fs/btrfs/extent_io.c:1385!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G W 6.8.0-rc2+ #1\nRIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0\nCall Trace:\n \u003cTASK\u003e\n extent_write_cache_pages+0x2ac/0x8f0\n extent_writepages+0x87/0x110\n do_writepages+0xd5/0x1f0\n filemap_fdatawrite_wbc+0x63/0x90\n __filemap_fdatawrite_range+0x5c/0x80\n btrfs_fdatawrite_range+0x1f/0x50\n btrfs_write_out_cache+0x507/0x560\n btrfs_write_dirty_block_groups+0x32a/0x420\n commit_cowonly_roots+0x21b/0x290\n btrfs_commit_transaction+0x813/0x1360\n btrfs_sync_file+0x51a/0x640\n __x64_sys_fdatasync+0x52/0x90\n do_syscall_64+0x9c/0x190\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nThis happens because we fail to write out the free space cache in one\ninstance, come back around and attempt to write it again. However on\nthe second pass through we go to call btrfs_get_extent() on the inode to\nget the extent mapping. Because this is a new block group, and with the\nfree space inode we always search the commit root to avoid deadlocking\nwith the tree, we find nothing and return a EXTENT_MAP_HOLE for the\nrequested range.\n\nThis happens because the first time we try to write the space cache out\nwe hit an error, and on an error we drop the extent mapping. This is\nnormal for normal files, but the free space cache inode is special. We\nalways expect the extent map to be correct. Thus the second time\nthrough we end up with a bogus extent map.\n\nSince we\u0027re deprecating this feature, the most straightforward way to\nfix this is to simply skip dropping the extent map range for this failed\nrange.\n\nI shortened the test by using error injection to stress the area to make\nit easier to reproduce. With this patch in place we no longer panic\nwith my error injection test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26726",
"url": "https://www.suse.com/security/cve/CVE-2024-26726"
},
{
"category": "external",
"summary": "SUSE Bug 1222532 for CVE-2024-26726",
"url": "https://bugzilla.suse.com/1222532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26726"
},
{
"cve": "CVE-2024-26731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()\n\nsyzbot reported the following NULL pointer dereference issue [1]:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n [...]\n RIP: 0010:0x0\n [...]\n Call Trace:\n \u003cTASK\u003e\n sk_psock_verdict_data_ready+0x232/0x340 net/core/skmsg.c:1230\n unix_stream_sendmsg+0x9b4/0x1230 net/unix/af_unix.c:2293\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nIf sk_psock_verdict_data_ready() and sk_psock_stop_verdict() are called\nconcurrently, psock-\u003esaved_data_ready can be NULL, causing the above issue.\n\nThis patch fixes this issue by calling the appropriate data ready function\nusing the sk_psock_data_ready() helper and protecting it from concurrency\nwith sk-\u003esk_callback_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26731",
"url": "https://www.suse.com/security/cve/CVE-2024-26731"
},
{
"category": "external",
"summary": "SUSE Bug 1222371 for CVE-2024-26731",
"url": "https://bugzilla.suse.com/1222371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26731"
},
{
"cve": "CVE-2024-26733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26733",
"url": "https://www.suse.com/security/cve/CVE-2024-26733"
},
{
"category": "external",
"summary": "SUSE Bug 1222585 for CVE-2024-26733",
"url": "https://bugzilla.suse.com/1222585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26733"
},
{
"cve": "CVE-2024-26734",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26734"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndevlink: fix possible use-after-free and memory leaks in devlink_init()\n\nThe pernet operations structure for the subsystem must be registered\nbefore registering the generic netlink family.\n\nMake an unregister in case of unsuccessful registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26734",
"url": "https://www.suse.com/security/cve/CVE-2024-26734"
},
{
"category": "external",
"summary": "SUSE Bug 1222438 for CVE-2024-26734",
"url": "https://bugzilla.suse.com/1222438"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26734"
},
{
"cve": "CVE-2024-26737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26737"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel\n\nThe following race is possible between bpf_timer_cancel_and_free\nand bpf_timer_cancel. It will lead a UAF on the timer-\u003etimer.\n\nbpf_timer_cancel();\n\tspin_lock();\n\tt = timer-\u003etime;\n\tspin_unlock();\n\n\t\t\t\t\tbpf_timer_cancel_and_free();\n\t\t\t\t\t\tspin_lock();\n\t\t\t\t\t\tt = timer-\u003etimer;\n\t\t\t\t\t\ttimer-\u003etimer = NULL;\n\t\t\t\t\t\tspin_unlock();\n\t\t\t\t\t\thrtimer_cancel(\u0026t-\u003etimer);\n\t\t\t\t\t\tkfree(t);\n\n\t/* UAF on t */\n\thrtimer_cancel(\u0026t-\u003etimer);\n\nIn bpf_timer_cancel_and_free, this patch frees the timer-\u003etimer\nafter a rcu grace period. This requires a rcu_head addition\nto the \"struct bpf_hrtimer\". Another kfree(t) happens in bpf_timer_init,\nthis does not need a kfree_rcu because it is still under the\nspin_lock and timer-\u003etimer has not been visible by others yet.\n\nIn bpf_timer_cancel, rcu_read_lock() is added because this helper\ncan be used in a non rcu critical section context (e.g. from\na sleepable bpf prog). Other timer-\u003etimer usages in helpers.c\nhave been audited, bpf_timer_cancel() is the only place where\ntimer-\u003etimer is used outside of the spin_lock.\n\nAnother solution considered is to mark a t-\u003eflag in bpf_timer_cancel\nand clear it after hrtimer_cancel() is done. In bpf_timer_cancel_and_free,\nit busy waits for the flag to be cleared before kfree(t). This patch\ngoes with a straight forward solution and frees timer-\u003etimer after\na rcu grace period.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26737",
"url": "https://www.suse.com/security/cve/CVE-2024-26737"
},
{
"category": "external",
"summary": "SUSE Bug 1222557 for CVE-2024-26737",
"url": "https://bugzilla.suse.com/1222557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26737"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: use the backlog for mirred ingress\n\nThe test Davide added in commit ca22da2fbd69 (\"act_mirred: use the backlog\nfor nested calls to mirred ingress\") hangs our testing VMs every 10 or so\nruns, with the familiar tcp_v4_rcv -\u003e tcp_v4_rcv deadlock reported by\nlockdep.\n\nThe problem as previously described by Davide (see Link) is that\nif we reverse flow of traffic with the redirect (egress -\u003e ingress)\nwe may reach the same socket which generated the packet. And we may\nstill be holding its socket lock. The common solution to such deadlocks\nis to put the packet in the Rx backlog, rather than run the Rx path\ninline. Do that for all egress -\u003e ingress reversals, not just once\nwe started to nest mirred calls.\n\nIn the past there was a concern that the backlog indirection will\nlead to loss of error reporting / less accurate stats. But the current\nworkaround does not seem to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26740",
"url": "https://www.suse.com/security/cve/CVE-2024-26740"
},
{
"category": "external",
"summary": "SUSE Bug 1222563 for CVE-2024-26740",
"url": "https://bugzilla.suse.com/1222563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26740"
},
{
"cve": "CVE-2024-26742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: smartpqi: Fix disable_managed_interrupts\n\nCorrect blk-mq registration issue with module parameter\ndisable_managed_interrupts enabled.\n\nWhen we turn off the default PCI_IRQ_AFFINITY flag, the driver needs to\nregister with blk-mq using blk_mq_map_queues(). The driver is currently\ncalling blk_mq_pci_map_queues() which results in a stack trace and possibly\nundefined behavior.\n\nStack Trace:\n[ 7.860089] scsi host2: smartpqi\n[ 7.871934] WARNING: CPU: 0 PID: 238 at block/blk-mq-pci.c:52 blk_mq_pci_map_queues+0xca/0xd0\n[ 7.889231] Modules linked in: sd_mod t10_pi sg uas smartpqi(+) crc32c_intel scsi_transport_sas usb_storage dm_mirror dm_region_hash dm_log dm_mod ipmi_devintf ipmi_msghandler fuse\n[ 7.924755] CPU: 0 PID: 238 Comm: kworker/0:3 Not tainted 4.18.0-372.88.1.el8_6_smartpqi_test.x86_64 #1\n[ 7.944336] Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 03/08/2022\n[ 7.963026] Workqueue: events work_for_cpu_fn\n[ 7.978275] RIP: 0010:blk_mq_pci_map_queues+0xca/0xd0\n[ 7.978278] Code: 48 89 de 89 c7 e8 f6 0f 4f 00 3b 05 c4 b7 8e 01 72 e1 5b 31 c0 5d 41 5c 41 5d 41 5e 41 5f e9 7d df 73 00 31 c0 e9 76 df 73 00 \u003c0f\u003e 0b eb bc 90 90 0f 1f 44 00 00 41 57 49 89 ff 41 56 41 55 41 54\n[ 7.978280] RSP: 0018:ffffa95fc3707d50 EFLAGS: 00010216\n[ 7.978283] RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 0000000000000010\n[ 7.978284] RDX: 0000000000000004 RSI: 0000000000000000 RDI: ffff9190c32d4310\n[ 7.978286] RBP: 0000000000000000 R08: ffffa95fc3707d38 R09: ffff91929b81ac00\n[ 7.978287] R10: 0000000000000001 R11: ffffa95fc3707ac0 R12: 0000000000000000\n[ 7.978288] R13: ffff9190c32d4000 R14: 00000000ffffffff R15: ffff9190c4c950a8\n[ 7.978290] FS: 0000000000000000(0000) GS:ffff9193efc00000(0000) knlGS:0000000000000000\n[ 7.978292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.172814] CR2: 000055d11166c000 CR3: 00000002dae10002 CR4: 00000000007706f0\n[ 8.172816] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 8.172817] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 8.172818] PKRU: 55555554\n[ 8.172819] Call Trace:\n[ 8.172823] blk_mq_alloc_tag_set+0x12e/0x310\n[ 8.264339] scsi_add_host_with_dma.cold.9+0x30/0x245\n[ 8.279302] pqi_ctrl_init+0xacf/0xc8e [smartpqi]\n[ 8.294085] ? pqi_pci_probe+0x480/0x4c8 [smartpqi]\n[ 8.309015] pqi_pci_probe+0x480/0x4c8 [smartpqi]\n[ 8.323286] local_pci_probe+0x42/0x80\n[ 8.337855] work_for_cpu_fn+0x16/0x20\n[ 8.351193] process_one_work+0x1a7/0x360\n[ 8.364462] ? create_worker+0x1a0/0x1a0\n[ 8.379252] worker_thread+0x1ce/0x390\n[ 8.392623] ? create_worker+0x1a0/0x1a0\n[ 8.406295] kthread+0x10a/0x120\n[ 8.418428] ? set_kthread_struct+0x50/0x50\n[ 8.431532] ret_from_fork+0x1f/0x40\n[ 8.444137] ---[ end trace 1bf0173d39354506 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26742",
"url": "https://www.suse.com/security/cve/CVE-2024-26742"
},
{
"category": "external",
"summary": "SUSE Bug 1222608 for CVE-2024-26742",
"url": "https://bugzilla.suse.com/1222608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26742"
},
{
"cve": "CVE-2024-26750",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26750"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Drop oob_skb ref before purging queue in GC.\n\nsyzbot reported another task hung in __unix_gc(). [0]\n\nThe current while loop assumes that all of the left candidates\nhave oob_skb and calling kfree_skb(oob_skb) releases the remaining\ncandidates.\n\nHowever, I missed a case that oob_skb has self-referencing fd and\nanother fd and the latter sk is placed before the former in the\ncandidate list. Then, the while loop never proceeds, resulting\nthe task hung.\n\n__unix_gc() has the same loop just before purging the collected skb,\nso we can call kfree_skb(oob_skb) there and let __skb_queue_purge()\nrelease all inflight sockets.\n\n[0]:\nSending NMI from CPU 0 to CPUs 1:\nNMI backtrace for cpu 1\nCPU: 1 PID: 2784 Comm: kworker/u4:8 Not tainted 6.8.0-rc4-syzkaller-01028-g71b605d32017 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nWorkqueue: events_unbound __unix_gc\nRIP: 0010:__sanitizer_cov_trace_pc+0x0/0x70 kernel/kcov.c:200\nCode: 89 fb e8 23 00 00 00 48 8b 3d 84 f5 1a 0c 48 89 de 5b e9 43 26 57 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 \u003cf3\u003e 0f 1e fa 48 8b 04 24 65 48 8b 0d 90 52 70 7e 65 8b 15 91 52 70\nRSP: 0018:ffffc9000a17fa78 EFLAGS: 00000287\nRAX: ffffffff8a0a6108 RBX: ffff88802b6c2640 RCX: ffff88802c0b3b80\nRDX: 0000000000000000 RSI: 0000000000000002 RDI: 0000000000000000\nRBP: ffffc9000a17fbf0 R08: ffffffff89383f1d R09: 1ffff1100ee5ff84\nR10: dffffc0000000000 R11: ffffed100ee5ff85 R12: 1ffff110056d84ee\nR13: ffffc9000a17fae0 R14: 0000000000000000 R15: ffffffff8f47b840\nFS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007ffef5687ff8 CR3: 0000000029b34000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cNMI\u003e\n \u003c/NMI\u003e\n \u003cTASK\u003e\n __unix_gc+0xe69/0xf40 net/unix/garbage.c:343\n process_one_work kernel/workqueue.c:2633 [inline]\n process_scheduled_works+0x913/0x1420 kernel/workqueue.c:2706\n worker_thread+0xa5f/0x1000 kernel/workqueue.c:2787\n kthread+0x2ef/0x390 kernel/kthread.c:388\n ret_from_fork+0x4b/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1b/0x30 arch/x86/entry/entry_64.S:242\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26750",
"url": "https://www.suse.com/security/cve/CVE-2024-26750"
},
{
"category": "external",
"summary": "SUSE Bug 1222617 for CVE-2024-26750",
"url": "https://bugzilla.suse.com/1222617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26750"
},
{
"cve": "CVE-2024-26758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Don\u0027t ignore suspended array in md_check_recovery()\n\nmddev_suspend() never stop sync_thread, hence it doesn\u0027t make sense to\nignore suspended array in md_check_recovery(), which might cause\nsync_thread can\u0027t be unregistered.\n\nAfter commit f52f5c71f3d4 (\"md: fix stopping sync thread\"), following\nhang can be triggered by test shell/integrity-caching.sh:\n\n1) suspend the array:\nraid_postsuspend\n mddev_suspend\n\n2) stop the array:\nraid_dtr\n md_stop\n __md_stop_writes\n stop_sync_thread\n set_bit(MD_RECOVERY_INTR, \u0026mddev-\u003erecovery);\n md_wakeup_thread_directly(mddev-\u003esync_thread);\n wait_event(..., !test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery))\n\n3) sync thread done:\nmd_do_sync\n set_bit(MD_RECOVERY_DONE, \u0026mddev-\u003erecovery);\n md_wakeup_thread(mddev-\u003ethread);\n\n4) daemon thread can\u0027t unregister sync thread:\nmd_check_recovery\n if (mddev-\u003esuspended)\n return; -\u003e return directly\n md_read_sync_thread\n clear_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery);\n -\u003e MD_RECOVERY_RUNNING can\u0027t be cleared, hence step 2 hang;\n\nThis problem is not just related to dm-raid, fix it by ignoring\nsuspended array in md_check_recovery(). And follow up patches will\nimprove dm-raid better to frozen sync thread during suspend.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26758",
"url": "https://www.suse.com/security/cve/CVE-2024-26758"
},
{
"category": "external",
"summary": "SUSE Bug 1230341 for CVE-2024-26758",
"url": "https://bugzilla.suse.com/1230341"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26758"
},
{
"cve": "CVE-2024-26760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: pscsi: Fix bio_put() for error case\n\nAs of commit 066ff571011d (\"block: turn bio_kmalloc into a simple kmalloc\nwrapper\"), a bio allocated by bio_kmalloc() must be freed by bio_uninit()\nand kfree(). That is not done properly for the error case, hitting WARN and\nNULL pointer dereference in bio_free().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26760",
"url": "https://www.suse.com/security/cve/CVE-2024-26760"
},
{
"category": "external",
"summary": "SUSE Bug 1222596 for CVE-2024-26760",
"url": "https://bugzilla.suse.com/1222596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26760"
},
{
"cve": "CVE-2024-26761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window\n\nThe Linux CXL subsystem is built on the assumption that HPA == SPA.\nThat is, the host physical address (HPA) the HDM decoder registers are\nprogrammed with are system physical addresses (SPA).\n\nDuring HDM decoder setup, the DVSEC CXL range registers (cxl-3.1,\n8.1.3.8) are checked if the memory is enabled and the CXL range is in\na HPA window that is described in a CFMWS structure of the CXL host\nbridge (cxl-3.1, 9.18.1.3).\n\nNow, if the HPA is not an SPA, the CXL range does not match a CFMWS\nwindow and the CXL memory range will be disabled then. The HDM decoder\nstops working which causes system memory being disabled and further a\nsystem hang during HDM decoder initialization, typically when a CXL\nenabled kernel boots.\n\nPrevent a system hang and do not disable the HDM decoder if the\ndecoder\u0027s CXL range is not found in a CFMWS window.\n\nNote the change only fixes a hardware hang, but does not implement\nHPA/SPA translation. Support for this can be added in a follow on\npatch series.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26761",
"url": "https://www.suse.com/security/cve/CVE-2024-26761"
},
{
"category": "external",
"summary": "SUSE Bug 1230375 for CVE-2024-26761",
"url": "https://bugzilla.suse.com/1230375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26761"
},
{
"cve": "CVE-2024-26764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio\n\nIf kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the\nfollowing kernel warning appears:\n\nWARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8\nCall trace:\n kiocb_set_cancel_fn+0x9c/0xa8\n ffs_epfile_read_iter+0x144/0x1d0\n io_read+0x19c/0x498\n io_issue_sqe+0x118/0x27c\n io_submit_sqes+0x25c/0x5fc\n __arm64_sys_io_uring_enter+0x104/0xab0\n invoke_syscall+0x58/0x11c\n el0_svc_common+0xb4/0xf4\n do_el0_svc+0x2c/0xb0\n el0_svc+0x2c/0xa4\n el0t_64_sync_handler+0x68/0xb4\n el0t_64_sync+0x1a4/0x1a8\n\nFix this by setting the IOCB_AIO_RW flag for read and write I/O that is\nsubmitted by libaio.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26764",
"url": "https://www.suse.com/security/cve/CVE-2024-26764"
},
{
"category": "external",
"summary": "SUSE Bug 1222721 for CVE-2024-26764",
"url": "https://bugzilla.suse.com/1222721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26764"
},
{
"cve": "CVE-2024-26767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fixed integer types and null check locations\n\n[why]:\nissues fixed:\n- comparison with wider integer type in loop condition which can cause\ninfinite loops\n- pointer dereference before null check",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26767",
"url": "https://www.suse.com/security/cve/CVE-2024-26767"
},
{
"category": "external",
"summary": "SUSE Bug 1230339 for CVE-2024-26767",
"url": "https://bugzilla.suse.com/1230339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26767"
},
{
"cve": "CVE-2024-26769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-fc: avoid deadlock on delete association path\n\nWhen deleting an association the shutdown path is deadlocking because we\ntry to flush the nvmet_wq nested. Avoid this by deadlock by deferring\nthe put work into its own work item.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26769",
"url": "https://www.suse.com/security/cve/CVE-2024-26769"
},
{
"category": "external",
"summary": "SUSE Bug 1222727 for CVE-2024-26769",
"url": "https://bugzilla.suse.com/1222727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26769"
},
{
"cve": "CVE-2024-26772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26772",
"url": "https://www.suse.com/security/cve/CVE-2024-26772"
},
{
"category": "external",
"summary": "SUSE Bug 1222613 for CVE-2024-26772",
"url": "https://bugzilla.suse.com/1222613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26772"
},
{
"cve": "CVE-2024-26773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26773",
"url": "https://www.suse.com/security/cve/CVE-2024-26773"
},
{
"category": "external",
"summary": "SUSE Bug 1222618 for CVE-2024-26773",
"url": "https://bugzilla.suse.com/1222618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26773"
},
{
"cve": "CVE-2024-26774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt\n\nDetermine if bb_fragments is 0 instead of determining bb_free to eliminate\nthe risk of dividing by zero when the block bitmap is corrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26774",
"url": "https://www.suse.com/security/cve/CVE-2024-26774"
},
{
"category": "external",
"summary": "SUSE Bug 1222622 for CVE-2024-26774",
"url": "https://bugzilla.suse.com/1222622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26774"
},
{
"cve": "CVE-2024-26775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: avoid potential deadlock at set_capacity\n\nMove set_capacity() outside of the section procected by (\u0026d-\u003elock).\nTo avoid possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n[1] lock(\u0026bdev-\u003ebd_size_lock);\n local_irq_disable();\n [2] lock(\u0026d-\u003elock);\n [3] lock(\u0026bdev-\u003ebd_size_lock);\n \u003cInterrupt\u003e\n[4] lock(\u0026d-\u003elock);\n\n *** DEADLOCK ***\n\nWhere [1](\u0026bdev-\u003ebd_size_lock) hold by zram_add()-\u003eset_capacity().\n[2]lock(\u0026d-\u003elock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc()\nis trying to acquire [3](\u0026bdev-\u003ebd_size_lock) at set_capacity() call.\nIn this situation an attempt to acquire [4]lock(\u0026d-\u003elock) from\naoecmd_cfg_rsp() will lead to deadlock.\n\nSo the simplest solution is breaking lock dependency\n[2](\u0026d-\u003elock) -\u003e [3](\u0026bdev-\u003ebd_size_lock) by moving set_capacity()\noutside.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26775",
"url": "https://www.suse.com/security/cve/CVE-2024-26775"
},
{
"category": "external",
"summary": "SUSE Bug 1222627 for CVE-2024-26775",
"url": "https://bugzilla.suse.com/1222627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26775"
},
{
"cve": "CVE-2024-26780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix task hung while purging oob_skb in GC.\n\nsyzbot reported a task hung; at the same time, GC was looping infinitely\nin list_for_each_entry_safe() for OOB skb. [0]\n\nsyzbot demonstrated that the list_for_each_entry_safe() was not actually\nsafe in this case.\n\nA single skb could have references for multiple sockets. If we free such\na skb in the list_for_each_entry_safe(), the current and next sockets could\nbe unlinked in a single iteration.\n\nunix_notinflight() uses list_del_init() to unlink the socket, so the\nprefetched next socket forms a loop itself and list_for_each_entry_safe()\nnever stops.\n\nHere, we must use while() and make sure we always fetch the first socket.\n\n[0]:\nSending NMI from CPU 0 to CPUs 1:\nNMI backtrace for cpu 1\nCPU: 1 PID: 5065 Comm: syz-executor236 Not tainted 6.8.0-rc3-syzkaller-00136-g1f719a2f3fa6 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nRIP: 0010:preempt_count arch/x86/include/asm/preempt.h:26 [inline]\nRIP: 0010:check_kcov_mode kernel/kcov.c:173 [inline]\nRIP: 0010:__sanitizer_cov_trace_pc+0xd/0x60 kernel/kcov.c:207\nCode: cc cc cc cc 66 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 65 48 8b 14 25 40 c2 03 00 \u003c65\u003e 8b 05 b4 7c 78 7e a9 00 01 ff 00 48 8b 34 24 74 0f f6 c4 01 74\nRSP: 0018:ffffc900033efa58 EFLAGS: 00000283\nRAX: ffff88807b077800 RBX: ffff88807b077800 RCX: 1ffffffff27b1189\nRDX: ffff88802a5a3b80 RSI: ffffffff8968488d RDI: ffff88807b077f70\nRBP: ffffc900033efbb0 R08: 0000000000000001 R09: fffffbfff27a900c\nR10: ffffffff93d48067 R11: ffffffff8ae000eb R12: ffff88807b077800\nR13: dffffc0000000000 R14: ffff88807b077e40 R15: 0000000000000001\nFS: 0000000000000000(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000564f4fc1e3a8 CR3: 000000000d57a000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cNMI\u003e\n \u003c/NMI\u003e\n \u003cTASK\u003e\n unix_gc+0x563/0x13b0 net/unix/garbage.c:319\n unix_release_sock+0xa93/0xf80 net/unix/af_unix.c:683\n unix_release+0x91/0xf0 net/unix/af_unix.c:1064\n __sock_release+0xb0/0x270 net/socket.c:659\n sock_close+0x1c/0x30 net/socket.c:1421\n __fput+0x270/0xb80 fs/file_table.c:376\n task_work_run+0x14f/0x250 kernel/task_work.c:180\n exit_task_work include/linux/task_work.h:38 [inline]\n do_exit+0xa8a/0x2ad0 kernel/exit.c:871\n do_group_exit+0xd4/0x2a0 kernel/exit.c:1020\n __do_sys_exit_group kernel/exit.c:1031 [inline]\n __se_sys_exit_group kernel/exit.c:1029 [inline]\n __x64_sys_exit_group+0x3e/0x50 kernel/exit.c:1029\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xd5/0x270 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f9d6cbdac09\nCode: Unable to access opcode bytes at 0x7f9d6cbdabdf.\nRSP: 002b:00007fff5952feb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7\nRAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9d6cbdac09\nRDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000\nRBP: 00007f9d6cc552b0 R08: ffffffffffffffb8 R09: 0000000000000006\nR10: 0000000000000006 R11: 0000000000000246 R12: 00007f9d6cc552b0\nR13: 0000000000000000 R14: 00007f9d6cc55d00 R15: 00007f9d6cbabe70\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26780",
"url": "https://www.suse.com/security/cve/CVE-2024-26780"
},
{
"category": "external",
"summary": "SUSE Bug 1222588 for CVE-2024-26780",
"url": "https://bugzilla.suse.com/1222588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26780"
},
{
"cve": "CVE-2024-26783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index\n\nWith numa balancing on, when a numa system is running where a numa node\ndoesn\u0027t have its local memory so it has no managed zones, the following\noops has been observed. It\u0027s because wakeup_kswapd() is called with a\nwrong zone index, -1. Fixed it by checking the index before calling\nwakeup_kswapd().\n\n\u003e BUG: unable to handle page fault for address: 00000000000033f3\n\u003e #PF: supervisor read access in kernel mode\n\u003e #PF: error_code(0x0000) - not-present page\n\u003e PGD 0 P4D 0\n\u003e Oops: 0000 [#1] PREEMPT SMP NOPTI\n\u003e CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255\n\u003e Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n\u003e rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n\u003e RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812)\n\u003e Code: (omitted)\n\u003e RSP: 0000:ffffc90004257d58 EFLAGS: 00010286\n\u003e RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003\n\u003e RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480\n\u003e RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff\n\u003e R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003\n\u003e R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940\n\u003e FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000\n\u003e CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\u003e CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0\n\u003e DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n\u003e DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\u003e PKRU: 55555554\n\u003e Call Trace:\n\u003e \u003cTASK\u003e\n\u003e ? __die\n\u003e ? page_fault_oops\n\u003e ? __pte_offset_map_lock\n\u003e ? exc_page_fault\n\u003e ? asm_exc_page_fault\n\u003e ? wakeup_kswapd\n\u003e migrate_misplaced_page\n\u003e __handle_mm_fault\n\u003e handle_mm_fault\n\u003e do_user_addr_fault\n\u003e exc_page_fault\n\u003e asm_exc_page_fault\n\u003e RIP: 0033:0x55b897ba0808\n\u003e Code: (omitted)\n\u003e RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287\n\u003e RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0\n\u003e RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0\n\u003e RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075\n\u003e R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n\u003e R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000\n\u003e \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26783",
"url": "https://www.suse.com/security/cve/CVE-2024-26783"
},
{
"category": "external",
"summary": "SUSE Bug 1222615 for CVE-2024-26783",
"url": "https://bugzilla.suse.com/1222615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26783"
},
{
"cve": "CVE-2024-26785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26785"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix protection fault in iommufd_test_syz_conv_iova\n\nSyzkaller reported the following bug:\n\n general protection fault, probably for non-canonical address 0xdffffc0000000038: 0000 [#1] SMP KASAN\n KASAN: null-ptr-deref in range [0x00000000000001c0-0x00000000000001c7]\n Call Trace:\n lock_acquire\n lock_acquire+0x1ce/0x4f0\n down_read+0x93/0x4a0\n iommufd_test_syz_conv_iova+0x56/0x1f0\n iommufd_test_access_rw.isra.0+0x2ec/0x390\n iommufd_test+0x1058/0x1e30\n iommufd_fops_ioctl+0x381/0x510\n vfs_ioctl\n __do_sys_ioctl\n __se_sys_ioctl\n __x64_sys_ioctl+0x170/0x1e0\n do_syscall_x64\n do_syscall_64+0x71/0x140\n\nThis is because the new iommufd_access_change_ioas() sets access-\u003eioas to\nNULL during its process, so the lock might be gone in a concurrent racing\ncontext.\n\nFix this by doing the same access-\u003eioas sanity as iommufd_access_rw() and\niommufd_access_pin_pages() functions do.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26785",
"url": "https://www.suse.com/security/cve/CVE-2024-26785"
},
{
"category": "external",
"summary": "SUSE Bug 1222779 for CVE-2024-26785",
"url": "https://bugzilla.suse.com/1222779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26785"
},
{
"cve": "CVE-2024-26786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix iopt_access_list_id overwrite bug\n\nSyzkaller reported the following WARN_ON:\n WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/io_pagetable.c:1360\n\n Call Trace:\n iommufd_access_change_ioas+0x2fe/0x4e0\n iommufd_access_destroy_object+0x50/0xb0\n iommufd_object_remove+0x2a3/0x490\n iommufd_object_destroy_user\n iommufd_access_destroy+0x71/0xb0\n iommufd_test_staccess_release+0x89/0xd0\n __fput+0x272/0xb50\n __fput_sync+0x4b/0x60\n __do_sys_close\n __se_sys_close\n __x64_sys_close+0x8b/0x110\n do_syscall_x64\n\nThe mismatch between the access pointer in the list and the passed-in\npointer is resulting from an overwrite of access-\u003eiopt_access_list_id, in\niopt_add_access(). Called from iommufd_access_change_ioas() when\nxa_alloc() succeeds but iopt_calculate_iova_alignment() fails.\n\nAdd a new_id in iopt_add_access() and only update iopt_access_list_id when\nreturning successfully.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26786",
"url": "https://www.suse.com/security/cve/CVE-2024-26786"
},
{
"category": "external",
"summary": "SUSE Bug 1222780 for CVE-2024-26786",
"url": "https://bugzilla.suse.com/1222780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26786"
},
{
"cve": "CVE-2024-26791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: dev-replace: properly validate device names\n\nThere\u0027s a syzbot report that device name buffers passed to device\nreplace are not properly checked for string termination which could lead\nto a read out of bounds in getname_kernel().\n\nAdd a helper that validates both source and target device name buffers.\nFor devid as the source initialize the buffer to empty string in case\nsomething tries to read it later.\n\nThis was originally analyzed and fixed in a different way by Edward Adam\nDavis (see links).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26791",
"url": "https://www.suse.com/security/cve/CVE-2024-26791"
},
{
"category": "external",
"summary": "SUSE Bug 1222793 for CVE-2024-26791",
"url": "https://bugzilla.suse.com/1222793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()\n\nThe gtp_link_ops operations structure for the subsystem must be\nregistered after registering the gtp_net_ops pernet operations structure.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\n[ 1010.702740] gtp: GTP module unloaded\n[ 1010.715877] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI\n[ 1010.715888] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n[ 1010.715895] CPU: 1 PID: 128616 Comm: a.out Not tainted 6.8.0-rc6-std-def-alt1 #1\n[ 1010.715899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\n[ 1010.715908] RIP: 0010:gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.715915] Code: 80 3c 02 00 0f 85 41 04 00 00 48 8b bb d8 05 00 00 e8 ed f6 ff ff 48 89 c2 48 89 c5 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4f 04 00 00 4c 89 e2 4c 8b 6d 00 48 b8 00 00 00\n[ 1010.715920] RSP: 0018:ffff888020fbf180 EFLAGS: 00010203\n[ 1010.715929] RAX: dffffc0000000000 RBX: ffff88800399c000 RCX: 0000000000000000\n[ 1010.715933] RDX: 0000000000000001 RSI: ffffffff84805280 RDI: 0000000000000282\n[ 1010.715938] RBP: 000000000000000d R08: 0000000000000001 R09: 0000000000000000\n[ 1010.715942] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800399cc80\n[ 1010.715947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000400\n[ 1010.715953] FS: 00007fd1509ab5c0(0000) GS:ffff88805b300000(0000) knlGS:0000000000000000\n[ 1010.715958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1010.715962] CR2: 0000000000000000 CR3: 000000001c07a000 CR4: 0000000000750ee0\n[ 1010.715968] PKRU: 55555554\n[ 1010.715972] Call Trace:\n[ 1010.715985] ? __die_body.cold+0x1a/0x1f\n[ 1010.715995] ? die_addr+0x43/0x70\n[ 1010.716002] ? exc_general_protection+0x199/0x2f0\n[ 1010.716016] ? asm_exc_general_protection+0x1e/0x30\n[ 1010.716026] ? gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.716034] ? gtp_net_exit+0x150/0x150 [gtp]\n[ 1010.716042] __rtnl_newlink+0x1063/0x1700\n[ 1010.716051] ? rtnl_setlink+0x3c0/0x3c0\n[ 1010.716063] ? is_bpf_text_address+0xc0/0x1f0\n[ 1010.716070] ? kernel_text_address.part.0+0xbb/0xd0\n[ 1010.716076] ? __kernel_text_address+0x56/0xa0\n[ 1010.716084] ? unwind_get_return_address+0x5a/0xa0\n[ 1010.716091] ? create_prof_cpu_mask+0x30/0x30\n[ 1010.716098] ? arch_stack_walk+0x9e/0xf0\n[ 1010.716106] ? stack_trace_save+0x91/0xd0\n[ 1010.716113] ? stack_trace_consume_entry+0x170/0x170\n[ 1010.716121] ? __lock_acquire+0x15c5/0x5380\n[ 1010.716139] ? mark_held_locks+0x9e/0xe0\n[ 1010.716148] ? kmem_cache_alloc_trace+0x35f/0x3c0\n[ 1010.716155] ? __rtnl_newlink+0x1700/0x1700\n[ 1010.716160] rtnl_newlink+0x69/0xa0\n[ 1010.716166] rtnetlink_rcv_msg+0x43b/0xc50\n[ 1010.716172] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716179] ? lock_acquire+0x1fe/0x560\n[ 1010.716188] ? netlink_deliver_tap+0x12f/0xd50\n[ 1010.716196] netlink_rcv_skb+0x14d/0x440\n[ 1010.716202] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716208] ? netlink_ack+0xab0/0xab0\n[ 1010.716213] ? netlink_deliver_tap+0x202/0xd50\n[ 1010.716220] ? netlink_deliver_tap+0x218/0xd50\n[ 1010.716226] ? __virt_addr_valid+0x30b/0x590\n[ 1010.716233] netlink_unicast+0x54b/0x800\n[ 1010.716240] ? netlink_attachskb+0x870/0x870\n[ 1010.716248] ? __check_object_size+0x2de/0x3b0\n[ 1010.716254] netlink_sendmsg+0x938/0xe40\n[ 1010.716261] ? netlink_unicast+0x800/0x800\n[ 1010.716269] ? __import_iovec+0x292/0x510\n[ 1010.716276] ? netlink_unicast+0x800/0x800\n[ 1010.716284] __sock_sendmsg+0x159/0x190\n[ 1010.716290] ____sys_sendmsg+0x712/0x880\n[ 1010.716297] ? sock_write_iter+0x3d0/0x3d0\n[ 1010.716304] ? __ia32_sys_recvmmsg+0x270/0x270\n[ 1010.716309] ? lock_acquire+0x1fe/0x560\n[ 1010.716315] ? drain_array_locked+0x90/0x90\n[ 1010.716324] ___sys_sendmsg+0xf8/0x170\n[ 1010.716331] ? sendmsg_copy_msghdr+0x170/0x170\n[ 1010.716337] ? lockdep_init_map\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26793",
"url": "https://www.suse.com/security/cve/CVE-2024-26793"
},
{
"category": "external",
"summary": "SUSE Bug 1222428 for CVE-2024-26793",
"url": "https://bugzilla.suse.com/1222428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26793"
},
{
"cve": "CVE-2024-26794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26794"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26794",
"url": "https://www.suse.com/security/cve/CVE-2024-26794"
},
{
"category": "external",
"summary": "SUSE Bug 1222426 for CVE-2024-26794",
"url": "https://bugzilla.suse.com/1222426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26794"
},
{
"cve": "CVE-2024-26802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstmmac: Clear variable when destroying workqueue\n\nCurrently when suspending driver and stopping workqueue it is checked whether\nworkqueue is not NULL and if so, it is destroyed.\nFunction destroy_workqueue() does drain queue and does clear variable, but\nit does not set workqueue variable to NULL. This can cause kernel/module\npanic if code attempts to clear workqueue that was not initialized.\n\nThis scenario is possible when resuming suspended driver in stmmac_resume(),\nbecause there is no handling for failed stmmac_hw_setup(),\nwhich can fail and return if DMA engine has failed to initialize,\nand workqueue is initialized after DMA engine.\nShould DMA engine fail to initialize, resume will proceed normally,\nbut interface won\u0027t work and TX queue will eventually timeout,\ncausing \u0027Reset adapter\u0027 error.\nThis then does destroy workqueue during reset process.\nAnd since workqueue is initialized after DMA engine and can be skipped,\nit will cause kernel/module panic.\n\nTo secure against this possible crash, set workqueue variable to NULL when\ndestroying workqueue.\n\nLog/backtrace from crash goes as follows:\n[88.031977]------------[ cut here ]------------\n[88.031985]NETDEV WATCHDOG: eth0 (sxgmac): transmit queue 1 timed out\n[88.032017]WARNING: CPU: 0 PID: 0 at net/sched/sch_generic.c:477 dev_watchdog+0x390/0x398\n \u003cSkipping backtrace for watchdog timeout\u003e\n[88.032251]---[ end trace e70de432e4d5c2c0 ]---\n[88.032282]sxgmac 16d88000.ethernet eth0: Reset adapter.\n[88.036359]------------[ cut here ]------------\n[88.036519]Call trace:\n[88.036523] flush_workqueue+0x3e4/0x430\n[88.036528] drain_workqueue+0xc4/0x160\n[88.036533] destroy_workqueue+0x40/0x270\n[88.036537] stmmac_fpe_stop_wq+0x4c/0x70\n[88.036541] stmmac_release+0x278/0x280\n[88.036546] __dev_close_many+0xcc/0x158\n[88.036551] dev_close_many+0xbc/0x190\n[88.036555] dev_close.part.0+0x70/0xc0\n[88.036560] dev_close+0x24/0x30\n[88.036564] stmmac_service_task+0x110/0x140\n[88.036569] process_one_work+0x1d8/0x4a0\n[88.036573] worker_thread+0x54/0x408\n[88.036578] kthread+0x164/0x170\n[88.036583] ret_from_fork+0x10/0x20\n[88.036588]---[ end trace e70de432e4d5c2c1 ]---\n[88.036597]Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26802",
"url": "https://www.suse.com/security/cve/CVE-2024-26802"
},
{
"category": "external",
"summary": "SUSE Bug 1222799 for CVE-2024-26802",
"url": "https://bugzilla.suse.com/1222799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26802"
},
{
"cve": "CVE-2024-26805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Fix kernel-infoleak-after-free in __skb_datagram_iter\n\nsyzbot reported the following uninit-value access issue [1]:\n\nnetlink_to_full_skb() creates a new `skb` and puts the `skb-\u003edata`\npassed as a 1st arg of netlink_to_full_skb() onto new `skb`. The data\nsize is specified as `len` and passed to skb_put_data(). This `len`\nis based on `skb-\u003eend` that is not data offset but buffer offset. The\n`skb-\u003eend` contains data and tailroom. Since the tailroom is not\ninitialized when the new `skb` created, KMSAN detects uninitialized\nmemory area when copying the data.\n\nThis patch resolved this issue by correct the len from `skb-\u003eend` to\n`skb-\u003elen`, which is the actual data offset.\n\nBUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in copy_to_user_iter lib/iov_iter.c:24 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_ubuf include/linux/iov_iter.h:29 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance include/linux/iov_iter.h:271 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n copy_to_iter include/linux/uio.h:197 [inline]\n simple_copy_to_iter+0x68/0xa0 net/core/datagram.c:532\n __skb_datagram_iter+0x123/0xdc0 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:3960 [inline]\n packet_recvmsg+0xd9c/0x2000 net/packet/af_packet.c:3482\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg net/socket.c:1066 [inline]\n sock_read_iter+0x467/0x580 net/socket.c:1136\n call_read_iter include/linux/fs.h:2014 [inline]\n new_sync_read fs/read_write.c:389 [inline]\n vfs_read+0x8f6/0xe00 fs/read_write.c:470\n ksys_read+0x20f/0x4c0 fs/read_write.c:613\n __do_sys_read fs/read_write.c:623 [inline]\n __se_sys_read fs/read_write.c:621 [inline]\n __x64_sys_read+0x93/0xd0 fs/read_write.c:621\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was stored to memory at:\n skb_put_data include/linux/skbuff.h:2622 [inline]\n netlink_to_full_skb net/netlink/af_netlink.c:181 [inline]\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:298 [inline]\n __netlink_deliver_tap+0x5be/0xc90 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338 [inline]\n netlink_deliver_tap_kernel net/netlink/af_netlink.c:347 [inline]\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x10f1/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1087 [inline]\n free_unref_page_prepare+0xb0/0xa40 mm/page_alloc.c:2347\n free_unref_page_list+0xeb/0x1100 mm/page_alloc.c:2533\n release_pages+0x23d3/0x2410 mm/swap.c:1042\n free_pages_and_swap_cache+0xd9/0xf0 mm/swap_state.c:316\n tlb_batch_pages\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26805",
"url": "https://www.suse.com/security/cve/CVE-2024-26805"
},
{
"category": "external",
"summary": "SUSE Bug 1222630 for CVE-2024-26805",
"url": "https://bugzilla.suse.com/1222630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26805"
},
{
"cve": "CVE-2024-26807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBoth cadence-quadspi -\u003eruntime_suspend() and -\u003eruntime_resume()\nimplementations start with:\n\n\tstruct cqspi_st *cqspi = dev_get_drvdata(dev);\n\tstruct spi_controller *host = dev_get_drvdata(dev);\n\nThis obviously cannot be correct, unless \"struct cqspi_st\" is the\nfirst member of \" struct spi_controller\", or the other way around, but\nit is not the case. \"struct spi_controller\" is allocated by\ndevm_spi_alloc_host(), which allocates an extra amount of memory for\nprivate data, used to store \"struct cqspi_st\".\n\nThe -\u003eprobe() function of the cadence-quadspi driver then sets the\ndevice drvdata to store the address of the \"struct cqspi_st\"\nstructure. Therefore:\n\n\tstruct cqspi_st *cqspi = dev_get_drvdata(dev);\n\nis correct, but:\n\n\tstruct spi_controller *host = dev_get_drvdata(dev);\n\nis not, as it makes \"host\" point not to a \"struct spi_controller\" but\nto the same \"struct cqspi_st\" structure as above.\n\nThis obviously leads to bad things (memory corruption, kernel crashes)\ndirectly during -\u003eprobe(), as -\u003eprobe() enables the device using PM\nruntime, leading the -\u003eruntime_resume() hook being called, which in\nturns calls spi_controller_resume() with the wrong pointer.\n\nThis has at least been reported [0] to cause a kernel crash, but the\nexact behavior will depend on the memory contents.\n\n[0] https://lore.kernel.org/all/20240226121803.5a7r5wkpbbowcxgx@dhruva/\n\nThis issue potentially affects all platforms that are currently using\nthe cadence-quadspi driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26807",
"url": "https://www.suse.com/security/cve/CVE-2024-26807"
},
{
"category": "external",
"summary": "SUSE Bug 1222801 for CVE-2024-26807",
"url": "https://bugzilla.suse.com/1222801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26807"
},
{
"cve": "CVE-2024-26813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/platform: Create persistent IRQ handlers\n\nThe vfio-platform SET_IRQS ioctl currently allows loopback triggering of\nan interrupt before a signaling eventfd has been configured by the user,\nwhich thereby allows a NULL pointer dereference.\n\nRather than register the IRQ relative to a valid trigger, register all\nIRQs in a disabled state in the device open path. This allows mask\noperations on the IRQ to nest within the overall enable state governed\nby a valid eventfd signal. This decouples @masked, protected by the\n@locked spinlock from @trigger, protected via the @igate mutex.\n\nIn doing so, it\u0027s guaranteed that changes to @trigger cannot race the\nIRQ handlers because the IRQ handler is synchronously disabled before\nmodifying the trigger, and loopback triggering of the IRQ via ioctl is\nsafe due to serialization with trigger changes via igate.\n\nFor compatibility, request_irq() failures are maintained to be local to\nthe SET_IRQS ioctl rather than a fatal error in the open device path.\nThis allows, for example, a userspace driver with polling mode support\nto continue to work regardless of moving the request_irq() call site.\nThis necessarily blocks all SET_IRQS access to the failed index.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26813",
"url": "https://www.suse.com/security/cve/CVE-2024-26813"
},
{
"category": "external",
"summary": "SUSE Bug 1222809 for CVE-2024-26813",
"url": "https://bugzilla.suse.com/1222809"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26813"
},
{
"cve": "CVE-2024-26814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvfio/fsl-mc: Block calling interrupt handler without trigger\n\nThe eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is\ninitially NULL and may become NULL if the user sets the trigger\neventfd to -1. The interrupt handler itself is guaranteed that\ntrigger is always valid between request_irq() and free_irq(), but\nthe loopback testing mechanisms to invoke the handler function\nneed to test the trigger. The triggering and setting ioctl paths\nboth make use of igate and are therefore mutually exclusive.\n\nThe vfio-fsl-mc driver does not make use of irqfds, nor does it\nsupport any sort of masking operations, therefore unlike vfio-pci\nand vfio-platform, the flow can remain essentially unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26814",
"url": "https://www.suse.com/security/cve/CVE-2024-26814"
},
{
"category": "external",
"summary": "SUSE Bug 1222810 for CVE-2024-26814",
"url": "https://bugzilla.suse.com/1222810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26814"
},
{
"cve": "CVE-2024-26815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check\n\ntaprio_parse_tc_entry() is not correctly checking\nTCA_TAPRIO_TC_ENTRY_INDEX attribute:\n\n\tint tc; // Signed value\n\n\ttc = nla_get_u32(tb[TCA_TAPRIO_TC_ENTRY_INDEX]);\n\tif (tc \u003e= TC_QOPT_MAX_QUEUE) {\n\t\tNL_SET_ERR_MSG_MOD(extack, \"TC entry index out of range\");\n\t\treturn -ERANGE;\n\t}\n\nsyzbot reported that it could fed arbitary negative values:\n\nUBSAN: shift-out-of-bounds in net/sched/sch_taprio.c:1722:18\nshift exponent -2147418108 is negative\nCPU: 0 PID: 5066 Comm: syz-executor367 Not tainted 6.8.0-rc7-syzkaller-00136-gc8a5c731fd12 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_shift_out_of_bounds+0x3c7/0x420 lib/ubsan.c:386\n taprio_parse_tc_entry net/sched/sch_taprio.c:1722 [inline]\n taprio_parse_tc_entries net/sched/sch_taprio.c:1768 [inline]\n taprio_change+0xb87/0x57d0 net/sched/sch_taprio.c:1877\n taprio_init+0x9da/0xc80 net/sched/sch_taprio.c:2134\n qdisc_create+0x9d4/0x1190 net/sched/sch_api.c:1355\n tc_modify_qdisc+0xa26/0x1e40 net/sched/sch_api.c:1776\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6617\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f1b2dea3759\nCode: 48 83 c4 28 c3 e8 d7 19 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffd4de452f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f1b2def0390 RCX: 00007f1b2dea3759\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004\nRBP: 0000000000000003 R08: 0000555500000000 R09: 0000555500000000\nR10: 0000555500000000 R11: 0000000000000246 R12: 00007ffd4de45340\nR13: 00007ffd4de45310 R14: 0000000000000001 R15: 00007ffd4de45340",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26815",
"url": "https://www.suse.com/security/cve/CVE-2024-26815"
},
{
"category": "external",
"summary": "SUSE Bug 1222635 for CVE-2024-26815",
"url": "https://bugzilla.suse.com/1222635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26815"
},
{
"cve": "CVE-2024-26816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26816",
"url": "https://www.suse.com/security/cve/CVE-2024-26816"
},
{
"category": "external",
"summary": "SUSE Bug 1222624 for CVE-2024-26816",
"url": "https://bugzilla.suse.com/1222624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: set correct id, uid and cruid for multiuser automounts\n\nWhen uid, gid and cruid are not specified, we need to dynamically\nset them into the filesystem context used for automounting otherwise\nthey\u0027ll end up reusing the values from the parent mount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26822",
"url": "https://www.suse.com/security/cve/CVE-2024-26822"
},
{
"category": "external",
"summary": "SUSE Bug 1223011 for CVE-2024-26822",
"url": "https://bugzilla.suse.com/1223011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26822"
},
{
"cve": "CVE-2024-26826",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26826"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix data re-injection from stale subflow\n\nWhen the MPTCP PM detects that a subflow is stale, all the packet\nscheduler must re-inject all the mptcp-level unacked data. To avoid\nacquiring unneeded locks, it first try to check if any unacked data\nis present at all in the RTX queue, but such check is currently\nbroken, as it uses TCP-specific helper on an MPTCP socket.\n\nFunnily enough fuzzers and static checkers are happy, as the accessed\nmemory still belongs to the mptcp_sock struct, and even from a\nfunctional perspective the recovery completed successfully, as\nthe short-cut test always failed.\n\nA recent unrelated TCP change - commit d5fed5addb2b (\"tcp: reorganize\ntcp_sock fast path variables\") - exposed the issue, as the tcp field\nreorganization makes the mptcp code always skip the re-inection.\n\nFix the issue dropping the bogus call: we are on a slow path, the early\noptimization proved once again to be evil.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26826",
"url": "https://www.suse.com/security/cve/CVE-2024-26826"
},
{
"category": "external",
"summary": "SUSE Bug 1223010 for CVE-2024-26826",
"url": "https://bugzilla.suse.com/1223010"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26826"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix missing folio cleanup in writeback race path\n\nIn zswap_writeback_entry(), after we get a folio from\n__read_swap_cache_async(), we grab the tree lock again to check that the\nswap entry was not invalidated and recycled. If it was, we delete the\nfolio we just added to the swap cache and exit.\n\nHowever, __read_swap_cache_async() returns the folio locked when it is\nnewly allocated, which is always true for this path, and the folio is\nref\u0027d. Make sure to unlock and put the folio before returning.\n\nThis was discovered by code inspection, probably because this path handles\na race condition that should not happen often, and the bug would not crash\nthe system, it will only strand the folio indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26832",
"url": "https://www.suse.com/security/cve/CVE-2024-26832"
},
{
"category": "external",
"summary": "SUSE Bug 1223007 for CVE-2024-26832",
"url": "https://bugzilla.suse.com/1223007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26832"
},
{
"cve": "CVE-2024-26836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: think-lmi: Fix password opcode ordering for workstations\n\nThe Lenovo workstations require the password opcode to be run before\nthe attribute value is changed (if Admin password is enabled).\n\nTested on some Thinkpads to confirm they are OK with this order too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26836",
"url": "https://www.suse.com/security/cve/CVE-2024-26836"
},
{
"category": "external",
"summary": "SUSE Bug 1222968 for CVE-2024-26836",
"url": "https://bugzilla.suse.com/1222968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26836"
},
{
"cve": "CVE-2024-26844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix WARNING in _copy_from_iter\n\nSyzkaller reports a warning in _copy_from_iter because an\niov_iter is supposedly used in the wrong direction. The reason\nis that syzcaller managed to generate a request with\na transfer direction of SG_DXFER_TO_FROM_DEV. This instructs\nthe kernel to copy user buffers into the kernel, read into\nthe copied buffers and then copy the data back to user space.\n\nThus the iovec is used in both directions.\n\nDetect this situation in the block layer and construct a new\niterator with the correct direction for the copy-in.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26844",
"url": "https://www.suse.com/security/cve/CVE-2024-26844"
},
{
"category": "external",
"summary": "SUSE Bug 1223015 for CVE-2024-26844",
"url": "https://bugzilla.suse.com/1223015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26844"
},
{
"cve": "CVE-2024-26845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: core: Add TMF to tmr_list handling\n\nAn abort that is responded to by iSCSI itself is added to tmr_list but does\nnot go to target core. A LUN_RESET that goes through tmr_list takes a\nrefcounter on the abort and waits for completion. However, the abort will\nbe never complete because it was not started in target core.\n\n Unable to locate ITT: 0x05000000 on CID: 0\n Unable to locate RefTaskTag: 0x05000000 on CID: 0.\n wait_for_tasks: Stopping tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n wait for tasks: tmf LUN_RESET with tag 0x0 ref_task_tag 0x0 i_state 34 t_state ISTATE_PROCESSING refcnt 2 transport_state active,stop,fabric_stop\n...\n INFO: task kworker/0:2:49 blocked for more than 491 seconds.\n task:kworker/0:2 state:D stack: 0 pid: 49 ppid: 2 flags:0x00000800\n Workqueue: events target_tmr_work [target_core_mod]\nCall Trace:\n __switch_to+0x2c4/0x470\n _schedule+0x314/0x1730\n schedule+0x64/0x130\n schedule_timeout+0x168/0x430\n wait_for_completion+0x140/0x270\n target_put_cmd_and_wait+0x64/0xb0 [target_core_mod]\n core_tmr_lun_reset+0x30/0xa0 [target_core_mod]\n target_tmr_work+0xc8/0x1b0 [target_core_mod]\n process_one_work+0x2d4/0x5d0\n worker_thread+0x78/0x6c0\n\nTo fix this, only add abort to tmr_list if it will be handled by target\ncore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26845",
"url": "https://www.suse.com/security/cve/CVE-2024-26845"
},
{
"category": "external",
"summary": "SUSE Bug 1223018 for CVE-2024-26845",
"url": "https://bugzilla.suse.com/1223018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26845"
},
{
"cve": "CVE-2024-26846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fc: do not wait in vain when unloading module\n\nThe module exit path has race between deleting all controllers and\nfreeing \u0027left over IDs\u0027. To prevent double free a synchronization\nbetween nvme_delete_ctrl and ida_destroy has been added by the initial\ncommit.\n\nThere is some logic around trying to prevent from hanging forever in\nwait_for_completion, though it does not handling all cases. E.g.\nblktests is able to reproduce the situation where the module unload\nhangs forever.\n\nIf we completely rely on the cleanup code executed from the\nnvme_delete_ctrl path, all IDs will be freed eventually. This makes\ncalling ida_destroy unnecessary. We only have to ensure that all\nnvme_delete_ctrl code has been executed before we leave\nnvme_fc_exit_module. This is done by flushing the nvme_delete_wq\nworkqueue.\n\nWhile at it, remove the unused nvme_fc_wq workqueue too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26846",
"url": "https://www.suse.com/security/cve/CVE-2024-26846"
},
{
"category": "external",
"summary": "SUSE Bug 1223023 for CVE-2024-26846",
"url": "https://bugzilla.suse.com/1223023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26846"
},
{
"cve": "CVE-2024-26853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: avoid returning frame twice in XDP_REDIRECT\n\nWhen a frame can not be transmitted in XDP_REDIRECT\n(e.g. due to a full queue), it is necessary to free\nit by calling xdp_return_frame_rx_napi.\n\nHowever, this is the responsibility of the caller of\nthe ndo_xdp_xmit (see for example bq_xmit_all in\nkernel/bpf/devmap.c) and thus calling it inside\nigc_xdp_xmit (which is the ndo_xdp_xmit of the igc\ndriver) as well will lead to memory corruption.\n\nIn fact, bq_xmit_all expects that it can return all\nframes after the last successfully transmitted one.\nTherefore, break for the first not transmitted frame,\nbut do not call xdp_return_frame_rx_napi in igc_xdp_xmit.\nThis is equally implemented in other Intel drivers\nsuch as the igb.\n\nThere are two alternatives to this that were rejected:\n1. Return num_frames as all the frames would have been\n transmitted and release them inside igc_xdp_xmit.\n While it might work technically, it is not what\n the return value is meant to represent (i.e. the\n number of SUCCESSFULLY transmitted packets).\n2. Rework kernel/bpf/devmap.c and all drivers to\n support non-consecutively dropped packets.\n Besides being complex, it likely has a negative\n performance impact without a significant gain\n since it is anyway unlikely that the next frame\n can be transmitted if the previous one was dropped.\n\nThe memory corruption can be reproduced with\nthe following script which leads to a kernel panic\nafter a few seconds. It basically generates more\ntraffic than a i225 NIC can transmit and pushes it\nvia XDP_REDIRECT from a virtual interface to the\nphysical interface where frames get dropped.\n\n #!/bin/bash\n INTERFACE=enp4s0\n INTERFACE_IDX=`cat /sys/class/net/$INTERFACE/ifindex`\n\n sudo ip link add dev veth1 type veth peer name veth2\n sudo ip link set up $INTERFACE\n sudo ip link set up veth1\n sudo ip link set up veth2\n\n cat \u003c\u003c EOF \u003e redirect.bpf.c\n\n SEC(\"prog\")\n int redirect(struct xdp_md *ctx)\n {\n return bpf_redirect($INTERFACE_IDX, 0);\n }\n\n char _license[] SEC(\"license\") = \"GPL\";\n EOF\n clang -O2 -g -Wall -target bpf -c redirect.bpf.c -o redirect.bpf.o\n sudo ip link set veth2 xdp obj redirect.bpf.o\n\n cat \u003c\u003c EOF \u003e pass.bpf.c\n\n SEC(\"prog\")\n int pass(struct xdp_md *ctx)\n {\n return XDP_PASS;\n }\n\n char _license[] SEC(\"license\") = \"GPL\";\n EOF\n clang -O2 -g -Wall -target bpf -c pass.bpf.c -o pass.bpf.o\n sudo ip link set $INTERFACE xdp obj pass.bpf.o\n\n cat \u003c\u003c EOF \u003e trafgen.cfg\n\n {\n /* Ethernet Header */\n 0xe8, 0x6a, 0x64, 0x41, 0xbf, 0x46,\n 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,\n const16(ETH_P_IP),\n\n /* IPv4 Header */\n 0b01000101, 0, # IPv4 version, IHL, TOS\n const16(1028), # IPv4 total length (UDP length + 20 bytes (IP header))\n const16(2), # IPv4 ident\n 0b01000000, 0, # IPv4 flags, fragmentation off\n 64, # IPv4 TTL\n 17, # Protocol UDP\n csumip(14, 33), # IPv4 checksum\n\n /* UDP Header */\n 10, 0, 1, 1, # IP Src - adapt as needed\n 10, 0, 1, 2, # IP Dest - adapt as needed\n const16(6666), # UDP Src Port\n const16(6666), # UDP Dest Port\n const16(1008), # UDP length (UDP header 8 bytes + payload length)\n csumudp(14, 34), # UDP checksum\n\n /* Payload */\n fill(\u0027W\u0027, 1000),\n }\n EOF\n\n sudo trafgen -i trafgen.cfg -b3000MB -o veth1 --cpp",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26853",
"url": "https://www.suse.com/security/cve/CVE-2024-26853"
},
{
"category": "external",
"summary": "SUSE Bug 1223061 for CVE-2024-26853",
"url": "https://bugzilla.suse.com/1223061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26853"
},
{
"cve": "CVE-2024-26854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix uninitialized dplls mutex usage\n\nThe pf-\u003edplls.lock mutex is initialized too late, after its first use.\nMove it to the top of ice_dpll_init.\nNote that the \"err_exit\" error path destroys the mutex. And the mutex is\nthe last thing destroyed in ice_dpll_deinit.\nThis fixes the following warning with CONFIG_DEBUG_MUTEXES:\n\n ice 0000:10:00.0: The DDP package was successfully loaded: ICE OS Default Package version 1.3.36.0\n ice 0000:10:00.0: 252.048 Gb/s available PCIe bandwidth (16.0 GT/s PCIe x16 link)\n ice 0000:10:00.0: PTP init successful\n ------------[ cut here ]------------\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 0 PID: 410 at kernel/locking/mutex.c:587 __mutex_lock+0x773/0xd40\n Modules linked in: crct10dif_pclmul crc32_pclmul crc32c_intel polyval_clmulni polyval_generic ice(+) nvme nvme_c\u003e\n CPU: 0 PID: 410 Comm: kworker/0:4 Not tainted 6.8.0-rc5+ #3\n Hardware name: HPE ProLiant DL110 Gen10 Plus/ProLiant DL110 Gen10 Plus, BIOS U56 10/19/2023\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__mutex_lock+0x773/0xd40\n Code: c0 0f 84 1d f9 ff ff 44 8b 35 0d 9c 69 01 45 85 f6 0f 85 0d f9 ff ff 48 c7 c6 12 a2 a9 85 48 c7 c7 12 f1 a\u003e\n RSP: 0018:ff7eb1a3417a7ae0 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: ffffffff85ac2bff RDI: 00000000ffffffff\n RBP: ff7eb1a3417a7b80 R08: 0000000000000000 R09: 00000000ffffbfff\n R10: ff7eb1a3417a7978 R11: ff32b80f7fd2e568 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: ff32b7f02c50e0d8\n FS: 0000000000000000(0000) GS:ff32b80efe800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055b5852cc000 CR3: 000000003c43a004 CR4: 0000000000771ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x84/0x170\n ? __mutex_lock+0x773/0xd40\n ? report_bug+0x1c7/0x1d0\n ? prb_read_valid+0x1b/0x30\n ? handle_bug+0x42/0x70\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __mutex_lock+0x773/0xd40\n ? rcu_is_watching+0x11/0x50\n ? __kmalloc_node_track_caller+0x346/0x490\n ? ice_dpll_lock_status_get+0x28/0x50 [ice]\n ? __pfx_ice_dpll_lock_status_get+0x10/0x10 [ice]\n ? ice_dpll_lock_status_get+0x28/0x50 [ice]\n ice_dpll_lock_status_get+0x28/0x50 [ice]\n dpll_device_get_one+0x14f/0x2e0\n dpll_device_event_send+0x7d/0x150\n dpll_device_register+0x124/0x180\n ice_dpll_init_dpll+0x7b/0xd0 [ice]\n ice_dpll_init+0x224/0xa40 [ice]\n ? _dev_info+0x70/0x90\n ice_load+0x468/0x690 [ice]\n ice_probe+0x75b/0xa10 [ice]\n ? _raw_spin_unlock_irqrestore+0x4f/0x80\n ? process_one_work+0x1a3/0x500\n local_pci_probe+0x47/0xa0\n work_for_cpu_fn+0x17/0x30\n process_one_work+0x20d/0x500\n worker_thread+0x1df/0x3e0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x103/0x140\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n irq event stamp: 125197\n hardirqs last enabled at (125197): [\u003cffffffff8416409d\u003e] finish_task_switch.isra.0+0x12d/0x3d0\n hardirqs last disabled at (125196): [\u003cffffffff85134044\u003e] __schedule+0xea4/0x19f0\n softirqs last enabled at (105334): [\u003cffffffff84e1e65a\u003e] napi_get_frags_check+0x1a/0x60\n softirqs last disabled at (105332): [\u003cffffffff84e1e65a\u003e] napi_get_frags_check+0x1a/0x60\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26854",
"url": "https://www.suse.com/security/cve/CVE-2024-26854"
},
{
"category": "external",
"summary": "SUSE Bug 1223039 for CVE-2024-26854",
"url": "https://bugzilla.suse.com/1223039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26854"
},
{
"cve": "CVE-2024-26855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()\n\nThe function ice_bridge_setlink() may encounter a NULL pointer dereference\nif nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently\nin nla_for_each_nested(). To address this issue, add a check to ensure that\nbr_spec is not NULL before proceeding with the nested attribute iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26855",
"url": "https://www.suse.com/security/cve/CVE-2024-26855"
},
{
"category": "external",
"summary": "SUSE Bug 1223051 for CVE-2024-26855",
"url": "https://bugzilla.suse.com/1223051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sparx5: Fix use after free inside sparx5_del_mact_entry\n\nBased on the static analyzis of the code it looks like when an entry\nfrom the MAC table was removed, the entry was still used after being\nfreed. More precise the vid of the mac_entry was used after calling\ndevm_kfree on the mac_entry.\nThe fix consists in first using the vid of the mac_entry to delete the\nentry from the HW and after that to free it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26856",
"url": "https://www.suse.com/security/cve/CVE-2024-26856"
},
{
"category": "external",
"summary": "SUSE Bug 1223052 for CVE-2024-26856",
"url": "https://bugzilla.suse.com/1223052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26856"
},
{
"cve": "CVE-2024-26857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: make sure to pull inner header in geneve_rx()\n\nsyzbot triggered a bug in geneve_rx() [1]\n\nIssue is similar to the one I fixed in commit 8d975c15c0cd\n(\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\n[1]\nBUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in geneve_rx drivers/net/geneve.c:279 [inline]\n BUG: KMSAN: uninit-value in geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n geneve_rx drivers/net/geneve.c:279 [inline]\n geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n udp_queue_rcv_one_skb+0x1d39/0x1f20 net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x6ae/0x6e0 net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x184/0x4b0 net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x1c6b/0x3010 net/ipv4/udp.c:2422\n udp_rcv+0x7d/0xa0 net/ipv4/udp.c:2604\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n process_backlog+0x480/0x8b0 net/core/dev.c:5976\n __napi_poll+0xe3/0x980 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x8b8/0x1870 net/core/dev.c:6778\n __do_softirq+0x1b7/0x7c5 kernel/softirq.c:553\n do_softirq+0x9a/0xf0 kernel/softirq.c:454\n __local_bh_enable_ip+0x9b/0xa0 kernel/softirq.c:381\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:820 [inline]\n __dev_queue_xmit+0x2768/0x51c0 net/core/dev.c:4378\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x5cb/0xbc0 mm/slub.c:3903\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x352/0x790 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1296 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6394\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2783\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x70c2/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26857",
"url": "https://www.suse.com/security/cve/CVE-2024-26857"
},
{
"category": "external",
"summary": "SUSE Bug 1223058 for CVE-2024-26857",
"url": "https://bugzilla.suse.com/1223058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26857"
},
{
"cve": "CVE-2024-26858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map\n\nJust simply reordering the functions mlx5e_ptp_metadata_map_put and\nmlx5e_ptpsq_track_metadata in the mlx5e_txwqe_complete context is not good\nenough since both the compiler and CPU are free to reorder these two\nfunctions. If reordering does occur, the issue that was supposedly fixed by\n7e3f3ba97e6c (\"net/mlx5e: Track xmit submission to PTP WQ after populating\nmetadata map\") will be seen. This will lead to NULL pointer dereferences in\nmlx5e_ptpsq_mark_ts_cqes_undelivered in the NAPI polling context due to the\ntracking list being populated before the metadata map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26858",
"url": "https://www.suse.com/security/cve/CVE-2024-26858"
},
{
"category": "external",
"summary": "SUSE Bug 1223020 for CVE-2024-26858",
"url": "https://bugzilla.suse.com/1223020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26858"
},
{
"cve": "CVE-2024-26860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-integrity: fix a memory leak when rechecking the data\n\nMemory for the \"checksums\" pointer will leak if the data is rechecked\nafter checksum failure (because the associated kfree won\u0027t happen due\nto \u0027goto skip_io\u0027).\n\nFix this by freeing the checksums memory before recheck, and just use\nthe \"checksum_onstack\" memory for storing checksum during recheck.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26860",
"url": "https://www.suse.com/security/cve/CVE-2024-26860"
},
{
"category": "external",
"summary": "SUSE Bug 1223077 for CVE-2024-26860",
"url": "https://bugzilla.suse.com/1223077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26860"
},
{
"cve": "CVE-2024-26861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: receive: annotate data-race around receiving_counter.counter\n\nSyzkaller with KCSAN identified a data-race issue when accessing\nkeypair-\u003ereceiving_counter.counter. Use READ_ONCE() and WRITE_ONCE()\nannotations to mark the data race as intentional.\n\n BUG: KCSAN: data-race in wg_packet_decrypt_worker / wg_packet_rx_poll\n\n write to 0xffff888107765888 of 8 bytes by interrupt on cpu 0:\n counter_validate drivers/net/wireguard/receive.c:321 [inline]\n wg_packet_rx_poll+0x3ac/0xf00 drivers/net/wireguard/receive.c:461\n __napi_poll+0x60/0x3b0 net/core/dev.c:6536\n napi_poll net/core/dev.c:6605 [inline]\n net_rx_action+0x32b/0x750 net/core/dev.c:6738\n __do_softirq+0xc4/0x279 kernel/softirq.c:553\n do_softirq+0x5e/0x90 kernel/softirq.c:454\n __local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381\n __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]\n _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210\n spin_unlock_bh include/linux/spinlock.h:396 [inline]\n ptr_ring_consume_bh include/linux/ptr_ring.h:367 [inline]\n wg_packet_decrypt_worker+0x6c5/0x700 drivers/net/wireguard/receive.c:499\n process_one_work kernel/workqueue.c:2633 [inline]\n ...\n\n read to 0xffff888107765888 of 8 bytes by task 3196 on cpu 1:\n decrypt_packet drivers/net/wireguard/receive.c:252 [inline]\n wg_packet_decrypt_worker+0x220/0x700 drivers/net/wireguard/receive.c:501\n process_one_work kernel/workqueue.c:2633 [inline]\n process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2706\n worker_thread+0x525/0x730 kernel/workqueue.c:2787\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26861",
"url": "https://www.suse.com/security/cve/CVE-2024-26861"
},
{
"category": "external",
"summary": "SUSE Bug 1223076 for CVE-2024-26861",
"url": "https://bugzilla.suse.com/1223076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26861"
},
{
"cve": "CVE-2024-26862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -\u003e 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26862",
"url": "https://www.suse.com/security/cve/CVE-2024-26862"
},
{
"category": "external",
"summary": "SUSE Bug 1223111 for CVE-2024-26862",
"url": "https://bugzilla.suse.com/1223111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26862"
},
{
"cve": "CVE-2024-26863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhsr: Fix uninit-value access in hsr_get_node()\n\nKMSAN reported the following uninit-value access issue [1]:\n\n=====================================================\nBUG: KMSAN: uninit-value in hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246\n hsr_get_node+0xa2e/0xa40 net/hsr/hsr_framereg.c:246\n fill_frame_info net/hsr/hsr_forward.c:577 [inline]\n hsr_forward_skb+0xe12/0x30e0 net/hsr/hsr_forward.c:615\n hsr_dev_xmit+0x1a1/0x270 net/hsr/hsr_device.c:223\n __netdev_start_xmit include/linux/netdevice.h:4940 [inline]\n netdev_start_xmit include/linux/netdevice.h:4954 [inline]\n xmit_one net/core/dev.c:3548 [inline]\n dev_hard_start_xmit+0x247/0xa10 net/core/dev.c:3564\n __dev_queue_xmit+0x33b8/0x5130 net/core/dev.c:4349\n dev_queue_xmit include/linux/netdevice.h:3134 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3087 [inline]\n packet_sendmsg+0x8b1d/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n kmem_cache_alloc_node+0x5e9/0xb10 mm/slub.c:3523\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x318/0x740 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1286 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6334\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2787\n packet_alloc_skb net/packet/af_packet.c:2936 [inline]\n packet_snd net/packet/af_packet.c:3030 [inline]\n packet_sendmsg+0x70e8/0x9f30 net/packet/af_packet.c:3119\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x6d/0x140 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nCPU: 1 PID: 5033 Comm: syz-executor334 Not tainted 6.7.0-syzkaller-00562-g9f8413c4a66f #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\n=====================================================\n\nIf the packet type ID field in the Ethernet header is either ETH_P_PRP or\nETH_P_HSR, but it is not followed by an HSR tag, hsr_get_skb_sequence_nr()\nreads an invalid value as a sequence number. This causes the above issue.\n\nThis patch fixes the issue by returning NULL if the Ethernet header is not\nfollowed by an HSR tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26863",
"url": "https://www.suse.com/security/cve/CVE-2024-26863"
},
{
"category": "external",
"summary": "SUSE Bug 1223021 for CVE-2024-26863",
"url": "https://bugzilla.suse.com/1223021"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26863"
},
{
"cve": "CVE-2024-26865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrds: tcp: Fix use-after-free of net in reqsk_timer_handler().\n\nsyzkaller reported a warning of netns tracker [0] followed by KASAN\nsplat [1] and another ref tracker warning [1].\n\nsyzkaller could not find a repro, but in the log, the only suspicious\nsequence was as follows:\n\n 18:26:22 executing program 1:\n r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)\n ...\n connect$inet6(r0, \u0026(0x7f0000000080)={0xa, 0x4001, 0x0, @loopback}, 0x1c) (async)\n\nThe notable thing here is 0x4001 in connect(), which is RDS_TCP_PORT.\n\nSo, the scenario would be:\n\n 1. unshare(CLONE_NEWNET) creates a per netns tcp listener in\n rds_tcp_listen_init().\n 2. syz-executor connect()s to it and creates a reqsk.\n 3. syz-executor exit()s immediately.\n 4. netns is dismantled. [0]\n 5. reqsk timer is fired, and UAF happens while freeing reqsk. [1]\n 6. listener is freed after RCU grace period. [2]\n\nBasically, reqsk assumes that the listener guarantees netns safety\nuntil all reqsk timers are expired by holding the listener\u0027s refcount.\nHowever, this was not the case for kernel sockets.\n\nCommit 740ea3c4a0b2 (\"tcp: Clean up kernel listener\u0027s reqsk in\ninet_twsk_purge()\") fixed this issue only for per-netns ehash.\n\nLet\u0027s apply the same fix for the global ehash.\n\n[0]:\nref_tracker: net notrefcnt@0000000065449cc3 has 1/1 users at\n sk_alloc (./include/net/net_namespace.h:337 net/core/sock.c:2146)\n inet6_create (net/ipv6/af_inet6.c:192 net/ipv6/af_inet6.c:119)\n __sock_create (net/socket.c:1572)\n rds_tcp_listen_init (net/rds/tcp_listen.c:279)\n rds_tcp_init_net (net/rds/tcp.c:577)\n ops_init (net/core/net_namespace.c:137)\n setup_net (net/core/net_namespace.c:340)\n copy_net_ns (net/core/net_namespace.c:497)\n create_new_namespaces (kernel/nsproxy.c:110)\n unshare_nsproxy_namespaces (kernel/nsproxy.c:228 (discriminator 4))\n ksys_unshare (kernel/fork.c:3429)\n __x64_sys_unshare (kernel/fork.c:3496)\n do_syscall_64 (arch/x86/entry/common.c:52 arch/x86/entry/common.c:83)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n...\nWARNING: CPU: 0 PID: 27 at lib/ref_tracker.c:179 ref_tracker_dir_exit (lib/ref_tracker.c:179)\n\n[1]:\nBUG: KASAN: slab-use-after-free in inet_csk_reqsk_queue_drop (./include/net/inet_hashtables.h:180 net/ipv4/inet_connection_sock.c:952 net/ipv4/inet_connection_sock.c:966)\nRead of size 8 at addr ffff88801b370400 by task swapper/0/0\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl (lib/dump_stack.c:107 (discriminator 1))\n print_report (mm/kasan/report.c:378 mm/kasan/report.c:488)\n kasan_report (mm/kasan/report.c:603)\n inet_csk_reqsk_queue_drop (./include/net/inet_hashtables.h:180 net/ipv4/inet_connection_sock.c:952 net/ipv4/inet_connection_sock.c:966)\n reqsk_timer_handler (net/ipv4/inet_connection_sock.c:979 net/ipv4/inet_connection_sock.c:1092)\n call_timer_fn (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/timer.h:127 kernel/time/timer.c:1701)\n __run_timers.part.0 (kernel/time/timer.c:1752 kernel/time/timer.c:2038)\n run_timer_softirq (kernel/time/timer.c:2053)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27 ./include/linux/jump_label.h:207 ./include/trace/events/irq.h:142 kernel/softirq.c:554)\n irq_exit_rcu (kernel/softirq.c:427 kernel/softirq.c:632 kernel/softirq.c:644)\n sysvec_apic_timer_interrupt (arch/x86/kernel/apic/apic.c:1076 (discriminator 14))\n \u003c/IRQ\u003e\n\nAllocated by task 258 on cpu 0 at 83.612050s:\n kasan_save_stack (mm/kasan/common.c:48)\n kasan_save_track (mm/kasan/common.c:68)\n __kasan_slab_alloc (mm/kasan/common.c:343)\n kmem_cache_alloc (mm/slub.c:3813 mm/slub.c:3860 mm/slub.c:3867)\n copy_net_ns (./include/linux/slab.h:701 net/core/net_namespace.c:421 net/core/net_namespace.c:480)\n create_new_namespaces (kernel/nsproxy.c:110)\n unshare_nsproxy_name\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26865",
"url": "https://www.suse.com/security/cve/CVE-2024-26865"
},
{
"category": "external",
"summary": "SUSE Bug 1223062 for CVE-2024-26865",
"url": "https://bugzilla.suse.com/1223062"
},
{
"category": "external",
"summary": "SUSE Bug 1223063 for CVE-2024-26865",
"url": "https://bugzilla.suse.com/1223063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26865"
},
{
"cve": "CVE-2024-26866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: lpspi: Avoid potential use-after-free in probe()\n\nfsl_lpspi_probe() is allocating/disposing memory manually with\nspi_alloc_host()/spi_alloc_target(), but uses\ndevm_spi_register_controller(). In case of error after the latter call the\nmemory will be explicitly freed in the probe function by\nspi_controller_put() call, but used afterwards by \"devm\" management outside\nprobe() (spi_unregister_controller() \u003c- devm_spi_unregister() below).\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000070\n...\nCall trace:\n kernfs_find_ns\n kernfs_find_and_get_ns\n sysfs_remove_group\n sysfs_remove_groups\n device_remove_attrs\n device_del\n spi_unregister_controller\n devm_spi_unregister\n release_nodes\n devres_release_all\n really_probe\n driver_probe_device\n __device_attach_driver\n bus_for_each_drv\n __device_attach\n device_initial_probe\n bus_probe_device\n deferred_probe_work_func\n process_one_work\n worker_thread\n kthread\n ret_from_fork",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26866",
"url": "https://www.suse.com/security/cve/CVE-2024-26866"
},
{
"category": "external",
"summary": "SUSE Bug 1223024 for CVE-2024-26866",
"url": "https://bugzilla.suse.com/1223024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26866"
},
{
"cve": "CVE-2024-26868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix panic when nfs4_ff_layout_prepare_ds() fails\n\nWe\u0027ve been seeing the following panic in production\n\nBUG: kernel NULL pointer dereference, address: 0000000000000065\nPGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD 0\nRIP: 0010:ff_layout_cancel_io+0x3a/0x90 [nfs_layout_flexfiles]\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x286/0x380\n ? __rpc_execute+0x2c3/0x470 [sunrpc]\n ? rpc_new_task+0x42/0x1c0 [sunrpc]\n ? exc_page_fault+0x5d/0x110\n ? asm_exc_page_fault+0x22/0x30\n ? ff_layout_free_layoutreturn+0x110/0x110 [nfs_layout_flexfiles]\n ? ff_layout_cancel_io+0x3a/0x90 [nfs_layout_flexfiles]\n ? ff_layout_cancel_io+0x6f/0x90 [nfs_layout_flexfiles]\n pnfs_mark_matching_lsegs_return+0x1b0/0x360 [nfsv4]\n pnfs_error_mark_layout_for_return+0x9e/0x110 [nfsv4]\n ? ff_layout_send_layouterror+0x50/0x160 [nfs_layout_flexfiles]\n nfs4_ff_layout_prepare_ds+0x11f/0x290 [nfs_layout_flexfiles]\n ff_layout_pg_init_write+0xf0/0x1f0 [nfs_layout_flexfiles]\n __nfs_pageio_add_request+0x154/0x6c0 [nfs]\n nfs_pageio_add_request+0x26b/0x380 [nfs]\n nfs_do_writepage+0x111/0x1e0 [nfs]\n nfs_writepages_callback+0xf/0x30 [nfs]\n write_cache_pages+0x17f/0x380\n ? nfs_pageio_init_write+0x50/0x50 [nfs]\n ? nfs_writepages+0x6d/0x210 [nfs]\n ? nfs_writepages+0x6d/0x210 [nfs]\n nfs_writepages+0x125/0x210 [nfs]\n do_writepages+0x67/0x220\n ? generic_perform_write+0x14b/0x210\n filemap_fdatawrite_wbc+0x5b/0x80\n file_write_and_wait_range+0x6d/0xc0\n nfs_file_fsync+0x81/0x170 [nfs]\n ? nfs_file_mmap+0x60/0x60 [nfs]\n __x64_sys_fsync+0x53/0x90\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nInspecting the core with drgn I was able to pull this\n\n \u003e\u003e\u003e prog.crashed_thread().stack_trace()[0]\n #0 at 0xffffffffa079657a (ff_layout_cancel_io+0x3a/0x84) in ff_layout_cancel_io at fs/nfs/flexfilelayout/flexfilelayout.c:2021:27\n \u003e\u003e\u003e prog.crashed_thread().stack_trace()[0][\u0027idx\u0027]\n (u32)1\n \u003e\u003e\u003e prog.crashed_thread().stack_trace()[0][\u0027flseg\u0027].mirror_array[1].mirror_ds\n (struct nfs4_ff_layout_ds *)0xffffffffffffffed\n\nThis is clear from the stack trace, we call nfs4_ff_layout_prepare_ds()\nwhich could error out initializing the mirror_ds, and then we go to\nclean it all up and our check is only for if (!mirror-\u003emirror_ds). This\nis inconsistent with the rest of the users of mirror_ds, which have\n\n if (IS_ERR_OR_NULL(mirror_ds))\n\nto keep from tripping over this exact scenario. Fix this up in\nff_layout_cancel_io() to make sure we don\u0027t panic when we get an error.\nI also spot checked all the other instances of checking mirror_ds and we\nappear to be doing the correct checks everywhere, only unconditionally\ndereferencing mirror_ds when we know it would be valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26868",
"url": "https://www.suse.com/security/cve/CVE-2024-26868"
},
{
"category": "external",
"summary": "SUSE Bug 1223038 for CVE-2024-26868",
"url": "https://bugzilla.suse.com/1223038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26868"
},
{
"cve": "CVE-2024-26870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102\n\nA call to listxattr() with a buffer size = 0 returns the actual\nsize of the buffer needed for a subsequent call. When size \u003e 0,\nnfs4_listxattr() does not return an error because either\ngeneric_listxattr() or nfs4_listxattr_nfs4_label() consumes\nexactly all the bytes then size is 0 when calling\nnfs4_listxattr_nfs4_user() which then triggers the following\nkernel BUG:\n\n [ 99.403778] kernel BUG at mm/usercopy.c:102!\n [ 99.404063] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n [ 99.408463] CPU: 0 PID: 3310 Comm: python3 Not tainted 6.6.0-61.fc40.aarch64 #1\n [ 99.415827] Call trace:\n [ 99.415985] usercopy_abort+0x70/0xa0\n [ 99.416227] __check_heap_object+0x134/0x158\n [ 99.416505] check_heap_object+0x150/0x188\n [ 99.416696] __check_object_size.part.0+0x78/0x168\n [ 99.416886] __check_object_size+0x28/0x40\n [ 99.417078] listxattr+0x8c/0x120\n [ 99.417252] path_listxattr+0x78/0xe0\n [ 99.417476] __arm64_sys_listxattr+0x28/0x40\n [ 99.417723] invoke_syscall+0x78/0x100\n [ 99.417929] el0_svc_common.constprop.0+0x48/0xf0\n [ 99.418186] do_el0_svc+0x24/0x38\n [ 99.418376] el0_svc+0x3c/0x110\n [ 99.418554] el0t_64_sync_handler+0x120/0x130\n [ 99.418788] el0t_64_sync+0x194/0x198\n [ 99.418994] Code: aa0003e3 d000a3e0 91310000 97f49bdb (d4210000)\n\nIssue is reproduced when generic_listxattr() returns \u0027system.nfs4_acl\u0027,\nthus calling lisxattr() with size = 16 will trigger the bug.\n\nAdd check on nfs4_listxattr() to return ERANGE error when it is\ncalled with size \u003e 0 and the return value is greater than size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26870",
"url": "https://www.suse.com/security/cve/CVE-2024-26870"
},
{
"category": "external",
"summary": "SUSE Bug 1223113 for CVE-2024-26870",
"url": "https://bugzilla.suse.com/1223113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26870"
},
{
"cve": "CVE-2024-26878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(\u0026dquots[cnt]-\u003edq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode\u0027s quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let\u0027s fix it by using a temporary pointer to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26878",
"url": "https://www.suse.com/security/cve/CVE-2024-26878"
},
{
"category": "external",
"summary": "SUSE Bug 1223060 for CVE-2024-26878",
"url": "https://bugzilla.suse.com/1223060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when 1588 is received on HIP08 devices\n\nThe HIP08 devices does not register the ptp devices, so the\nhdev-\u003eptp is NULL, but the hardware can receive 1588 messages,\nand set the HNS3_RXD_TS_VLD_B bit, so, if match this case, the\naccess of hdev-\u003eptp-\u003eflags will cause a kernel crash:\n\n[ 5888.946472] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n[ 5888.946475] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n...\n[ 5889.266118] pc : hclge_ptp_get_rx_hwts+0x40/0x170 [hclge]\n[ 5889.272612] lr : hclge_ptp_get_rx_hwts+0x34/0x170 [hclge]\n[ 5889.279101] sp : ffff800012c3bc50\n[ 5889.283516] x29: ffff800012c3bc50 x28: ffff2040002be040\n[ 5889.289927] x27: ffff800009116484 x26: 0000000080007500\n[ 5889.296333] x25: 0000000000000000 x24: ffff204001c6f000\n[ 5889.302738] x23: ffff204144f53c00 x22: 0000000000000000\n[ 5889.309134] x21: 0000000000000000 x20: ffff204004220080\n[ 5889.315520] x19: ffff204144f53c00 x18: 0000000000000000\n[ 5889.321897] x17: 0000000000000000 x16: 0000000000000000\n[ 5889.328263] x15: 0000004000140ec8 x14: 0000000000000000\n[ 5889.334617] x13: 0000000000000000 x12: 00000000010011df\n[ 5889.340965] x11: bbfeff4d22000000 x10: 0000000000000000\n[ 5889.347303] x9 : ffff800009402124 x8 : 0200f78811dfbb4d\n[ 5889.353637] x7 : 2200000000191b01 x6 : ffff208002a7d480\n[ 5889.359959] x5 : 0000000000000000 x4 : 0000000000000000\n[ 5889.366271] x3 : 0000000000000000 x2 : 0000000000000000\n[ 5889.372567] x1 : 0000000000000000 x0 : ffff20400095c080\n[ 5889.378857] Call trace:\n[ 5889.382285] hclge_ptp_get_rx_hwts+0x40/0x170 [hclge]\n[ 5889.388304] hns3_handle_bdinfo+0x324/0x410 [hns3]\n[ 5889.394055] hns3_handle_rx_bd+0x60/0x150 [hns3]\n[ 5889.399624] hns3_clean_rx_ring+0x84/0x170 [hns3]\n[ 5889.405270] hns3_nic_common_poll+0xa8/0x220 [hns3]\n[ 5889.411084] napi_poll+0xcc/0x264\n[ 5889.415329] net_rx_action+0xd4/0x21c\n[ 5889.419911] __do_softirq+0x130/0x358\n[ 5889.424484] irq_exit+0x134/0x154\n[ 5889.428700] __handle_domain_irq+0x88/0xf0\n[ 5889.433684] gic_handle_irq+0x78/0x2c0\n[ 5889.438319] el1_irq+0xb8/0x140\n[ 5889.442354] arch_cpu_idle+0x18/0x40\n[ 5889.446816] default_idle_call+0x5c/0x1c0\n[ 5889.451714] cpuidle_idle_call+0x174/0x1b0\n[ 5889.456692] do_idle+0xc8/0x160\n[ 5889.460717] cpu_startup_entry+0x30/0xfc\n[ 5889.465523] secondary_start_kernel+0x158/0x1ec\n[ 5889.470936] Code: 97ffab78 f9411c14 91408294 f9457284 (f9400c80)\n[ 5889.477950] SMP: stopping secondary CPUs\n[ 5890.514626] SMP: failed to stop secondary CPUs 0-69,71-95\n[ 5890.522951] Starting crashdump kernel...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26881",
"url": "https://www.suse.com/security/cve/CVE-2024-26881"
},
{
"category": "external",
"summary": "SUSE Bug 1223041 for CVE-2024-26881",
"url": "https://bugzilla.suse.com/1223041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26881"
},
{
"cve": "CVE-2024-26882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()\n\nApply the same fix than ones found in :\n\n8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\nsyzbot reported:\nBUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __ipgre_rcv+0x9bc/0xbc0 net/ipv4/ip_gre.c:389\n ipgre_rcv net/ipv4/ip_gre.c:411 [inline]\n gre_rcv+0x423/0x19f0 net/ipv4/ip_gre.c:447\n gre_rcv+0x2a4/0x390 net/ipv4/gre_demux.c:163\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n netif_receive_skb_internal net/core/dev.c:5734 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5793\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1556\n tun_get_user+0x53b9/0x66e0 drivers/net/tun.c:2009\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590\n alloc_pages_mpol+0x62b/0x9d0 mm/mempolicy.c:2133\n alloc_pages+0x1be/0x1e0 mm/mempolicy.c:2204\n skb_page_frag_refill+0x2bf/0x7c0 net/core/sock.c:2909\n tun_build_skb drivers/net/tun.c:1686 [inline]\n tun_get_user+0xe0a/0x66e0 drivers/net/tun.c:1826\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26882",
"url": "https://www.suse.com/security/cve/CVE-2024-26882"
},
{
"category": "external",
"summary": "SUSE Bug 1223034 for CVE-2024-26882",
"url": "https://bugzilla.suse.com/1223034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26882"
},
{
"cve": "CVE-2024-26883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stackmap overflow check on 32-bit arches\n\nThe stackmap code relies on roundup_pow_of_two() to compute the number\nof hash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code.\n\nThe commit in the fixes tag actually attempted to fix this, but the fix\ndid not account for the UB, so the fix only works on CPUs where an\noverflow does result in a neat truncation to zero, which is not\nguaranteed. Checking the value before rounding does not have this\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26883",
"url": "https://www.suse.com/security/cve/CVE-2024-26883"
},
{
"category": "external",
"summary": "SUSE Bug 1223035 for CVE-2024-26883",
"url": "https://bugzilla.suse.com/1223035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix hashtab overflow check on 32-bit arches\n\nThe hashtab code relies on roundup_pow_of_two() to compute the number of\nhash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code. So apply the same\nfix to hashtab, by moving the overflow check to before the roundup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26884",
"url": "https://www.suse.com/security/cve/CVE-2024-26884"
},
{
"category": "external",
"summary": "SUSE Bug 1223189 for CVE-2024-26884",
"url": "https://bugzilla.suse.com/1223189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix DEVMAP_HASH overflow check on 32-bit arches\n\nThe devmap code allocates a number hash buckets equal to the next power\nof two of the max_entries value provided when creating the map. When\nrounding up to the next power of two, the 32-bit variable storing the\nnumber of buckets can overflow, and the code checks for overflow by\nchecking if the truncated 32-bit value is equal to 0. However, on 32-bit\narches the rounding up itself can overflow mid-way through, because it\nends up doing a left-shift of 32 bits on an unsigned long value. If the\nsize of an unsigned long is four bytes, this is undefined behaviour, so\nthere is no guarantee that we\u0027ll end up with a nice and tidy 0-value at\nthe end.\n\nSyzbot managed to turn this into a crash on arm32 by creating a\nDEVMAP_HASH with max_entries \u003e 0x80000000 and then trying to update it.\nFix this by moving the overflow check to before the rounding up\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26885",
"url": "https://www.suse.com/security/cve/CVE-2024-26885"
},
{
"category": "external",
"summary": "SUSE Bug 1223190 for CVE-2024-26885",
"url": "https://bugzilla.suse.com/1223190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26885"
},
{
"cve": "CVE-2024-26889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_core: Fix possible buffer overflow\n\nstruct hci_dev_info has a fixed size name[8] field so in the event that\nhdev-\u003ename is bigger than that strcpy would attempt to write past its\nsize, so this fixes this problem by switching to use strscpy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26889",
"url": "https://www.suse.com/security/cve/CVE-2024-26889"
},
{
"category": "external",
"summary": "SUSE Bug 1228195 for CVE-2024-26889",
"url": "https://bugzilla.suse.com/1228195"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26889"
},
{
"cve": "CVE-2024-26898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\n\nThis patch is against CVE-2023-6270. The description of cve is:\n\n A flaw was found in the ATA over Ethernet (AoE) driver in the Linux\n kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on\n `struct net_device`, and a use-after-free can be triggered by racing\n between the free on the struct and the access through the `skbtxq`\n global queue. This could lead to a denial of service condition or\n potential code execution.\n\nIn aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial\ncode is finished. But the net_device ifp will still be used in\nlater tx()-\u003edev_queue_xmit() in kthread. Which means that the\ndev_put(ifp) should NOT be called in the success path of skb\ninitial code in aoecmd_cfg_pkts(). Otherwise tx() may run into\nuse-after-free because the net_device is freed.\n\nThis patch removed the dev_put(ifp) in the success path in\naoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26898",
"url": "https://www.suse.com/security/cve/CVE-2024-26898"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1223017 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix deadlock between bd_link_disk_holder and partition scan\n\n\u0027open_mutex\u0027 of gendisk is used to protect open/close block devices. But\nin bd_link_disk_holder(), it is used to protect the creation of symlink\nbetween holding disk and slave bdev, which introduces some issues.\n\nWhen bd_link_disk_holder() is called, the driver is usually in the process\nof initialization/modification and may suspend submitting io. At this\ntime, any io hold \u0027open_mutex\u0027, such as scanning partitions, can cause\ndeadlocks. For example, in raid:\n\nT1 T2\nbdev_open_by_dev\n lock open_mutex [1]\n ...\n efi_partition\n ...\n md_submit_bio\n\t\t\t\tmd_ioctl mddev_syspend\n\t\t\t\t -\u003e suspend all io\n\t\t\t\t md_add_new_disk\n\t\t\t\t bind_rdev_to_array\n\t\t\t\t bd_link_disk_holder\n\t\t\t\t try lock open_mutex [2]\n md_handle_request\n -\u003e wait mddev_resume\n\nT1 scan partition, T2 add a new device to raid. T1 waits for T2 to resume\nmddev, but T2 waits for open_mutex held by T1. Deadlock occurs.\n\nFix it by introducing a local mutex \u0027blk_holder_mutex\u0027 to replace\n\u0027open_mutex\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26899",
"url": "https://www.suse.com/security/cve/CVE-2024-26899"
},
{
"category": "external",
"summary": "SUSE Bug 1223045 for CVE-2024-26899",
"url": "https://bugzilla.suse.com/1223045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26899"
},
{
"cve": "CVE-2024-26900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev-\u003eserial\n\nIf kobject_add() is fail in bind_rdev_to_array(), \u0027rdev-\u003eserial\u0027 will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [\u003c0000000058b0a453\u003e] kmemleak_alloc+0x61/0xe0\n [\u003c00000000366adf14\u003e] __kmalloc_large_node+0x15e/0x270\n [\u003c000000002e82961b\u003e] __kmalloc_node.cold+0x11/0x7f\n [\u003c00000000f206d60a\u003e] kvmalloc_node+0x74/0x150\n [\u003c0000000034bf3363\u003e] rdev_init_serial+0x67/0x170\n [\u003c0000000010e08fe9\u003e] mddev_create_serial_pool+0x62/0x220\n [\u003c00000000c3837bf0\u003e] bind_rdev_to_array+0x2af/0x630\n [\u003c0000000073c28560\u003e] md_add_new_disk+0x400/0x9f0\n [\u003c00000000770e30ff\u003e] md_ioctl+0x15bf/0x1c10\n [\u003c000000006cfab718\u003e] blkdev_ioctl+0x191/0x3f0\n [\u003c0000000085086a11\u003e] vfs_ioctl+0x22/0x60\n [\u003c0000000018b656fe\u003e] __x64_sys_ioctl+0xba/0xe0\n [\u003c00000000e54e675e\u003e] do_syscall_64+0x71/0x150\n [\u003c000000008b0ad622\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26900",
"url": "https://www.suse.com/security/cve/CVE-2024-26900"
},
{
"category": "external",
"summary": "SUSE Bug 1223046 for CVE-2024-26900",
"url": "https://bugzilla.suse.com/1223046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever\u0027s suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26901",
"url": "https://www.suse.com/security/cve/CVE-2024-26901"
},
{
"category": "external",
"summary": "SUSE Bug 1223198 for CVE-2024-26901",
"url": "https://bugzilla.suse.com/1223198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security\n\nDuring our fuzz testing of the connection and disconnection process at the\nRFCOMM layer, we discovered this bug. By comparing the packets from a\nnormal connection and disconnection process with the testcase that\ntriggered a KASAN report. We analyzed the cause of this bug as follows:\n\n1. In the packets captured during a normal connection, the host sends a\n`Read Encryption Key Size` type of `HCI_CMD` packet\n(Command Opcode: 0x1408) to the controller to inquire the length of\nencryption key.After receiving this packet, the controller immediately\nreplies with a Command Completepacket (Event Code: 0x0e) to return the\nEncryption Key Size.\n\n2. In our fuzz test case, the timing of the controller\u0027s response to this\npacket was delayed to an unexpected point: after the RFCOMM and L2CAP\nlayers had disconnected but before the HCI layer had disconnected.\n\n3. After receiving the Encryption Key Size Response at the time described\nin point 2, the host still called the rfcomm_check_security function.\nHowever, by this time `struct l2cap_conn *conn = l2cap_pi(sk)-\u003echan-\u003econn;`\nhad already been released, and when the function executed\n`return hci_conn_security(conn-\u003ehcon, d-\u003esec_level, auth_type, d-\u003eout);`,\nspecifically when accessing `conn-\u003ehcon`, a null-ptr-deref error occurred.\n\nTo fix this bug, check if `sk-\u003esk_state` is BT_CLOSED before calling\nrfcomm_recv_frame in rfcomm_process_rx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26903",
"url": "https://www.suse.com/security/cve/CVE-2024-26903"
},
{
"category": "external",
"summary": "SUSE Bug 1223187 for CVE-2024-26903",
"url": "https://bugzilla.suse.com/1223187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()\n\nWhen trying to use copy_from_kernel_nofault() to read vsyscall page\nthrough a bpf program, the following oops was reported:\n\n BUG: unable to handle page fault for address: ffffffffff600000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 3231067 P4D 3231067 PUD 3233067 PMD 3235067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 20390 Comm: test_progs ...... 6.7.0+ #58\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ......\n RIP: 0010:copy_from_kernel_nofault+0x6f/0x110\n ......\n Call Trace:\n \u003cTASK\u003e\n ? copy_from_kernel_nofault+0x6f/0x110\n bpf_probe_read_kernel+0x1d/0x50\n bpf_prog_2061065e56845f08_do_probe_read+0x51/0x8d\n trace_call_bpf+0xc5/0x1c0\n perf_call_bpf_enter.isra.0+0x69/0xb0\n perf_syscall_enter+0x13e/0x200\n syscall_trace_enter+0x188/0x1c0\n do_syscall_64+0xb5/0xe0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n \u003c/TASK\u003e\n ......\n ---[ end trace 0000000000000000 ]---\n\nThe oops is triggered when:\n\n1) A bpf program uses bpf_probe_read_kernel() to read from the vsyscall\npage and invokes copy_from_kernel_nofault() which in turn calls\n__get_user_asm().\n\n2) Because the vsyscall page address is not readable from kernel space,\na page fault exception is triggered accordingly.\n\n3) handle_page_fault() considers the vsyscall page address as a user\nspace address instead of a kernel space address. This results in the\nfix-up setup by bpf not being applied and a page_fault_oops() is invoked\ndue to SMAP.\n\nConsidering handle_page_fault() has already considered the vsyscall page\naddress as a userspace address, fix the problem by disallowing vsyscall\npage read for copy_from_kernel_nofault().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26906",
"url": "https://www.suse.com/security/cve/CVE-2024-26906"
},
{
"category": "external",
"summary": "SUSE Bug 1223202 for CVE-2024-26906",
"url": "https://bugzilla.suse.com/1223202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26906"
},
{
"cve": "CVE-2024-26909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pmic_glink_altmode: fix drm bridge use-after-free\n\nA recent DRM series purporting to simplify support for \"transparent\nbridges\" and handling of probe deferrals ironically exposed a\nuse-after-free issue on pmic_glink_altmode probe deferral.\n\nThis has manifested itself as the display subsystem occasionally failing\nto initialise and NULL-pointer dereferences during boot of machines like\nthe Lenovo ThinkPad X13s.\n\nSpecifically, the dp-hpd bridge is currently registered before all\nresources have been acquired which means that it can also be\nderegistered on probe deferrals.\n\nIn the meantime there is a race window where the new aux bridge driver\n(or PHY driver previously) may have looked up the dp-hpd bridge and\nstored a (non-reference-counted) pointer to the bridge which is about to\nbe deallocated.\n\nWhen the display controller is later initialised, this triggers a\nuse-after-free when attaching the bridges:\n\n\tdp -\u003e aux -\u003e dp-hpd (freed)\n\nwhich may, for example, result in the freed bridge failing to attach:\n\n\t[drm:drm_bridge_attach [drm]] *ERROR* failed to attach bridge /soc@0/phy@88eb000 to encoder TMDS-31: -16\n\nor a NULL-pointer dereference:\n\n\tUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n\t...\n\tCall trace:\n\t drm_bridge_attach+0x70/0x1a8 [drm]\n\t drm_aux_bridge_attach+0x24/0x38 [aux_bridge]\n\t drm_bridge_attach+0x80/0x1a8 [drm]\n\t dp_bridge_init+0xa8/0x15c [msm]\n\t msm_dp_modeset_init+0x28/0xc4 [msm]\n\nThe DRM bridge implementation is clearly fragile and implicitly built on\nthe assumption that bridges may never go away. In this case, the fix is\nto move the bridge registration in the pmic_glink_altmode driver to\nafter all resources have been looked up.\n\nIncidentally, with the new dp-hpd bridge implementation, which registers\nchild devices, this is also a requirement due to a long-standing issue\nin driver core that can otherwise lead to a probe deferral loop (see\ncommit fbc35b45f9f6 (\"Add documentation on meaning of -EPROBE_DEFER\")).\n\n[DB: slightly fixed commit message by adding the word \u0027commit\u0027]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26909",
"url": "https://www.suse.com/security/cve/CVE-2024-26909"
},
{
"category": "external",
"summary": "SUSE Bug 1223143 for CVE-2024-26909",
"url": "https://bugzilla.suse.com/1223143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26909"
},
{
"cve": "CVE-2024-26919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: Fix debugfs directory leak\n\nThe ULPI per-device debugfs root is named after the ulpi device\u0027s\nparent, but ulpi_unregister_interface tries to remove a debugfs\ndirectory named after the ulpi device itself. This results in the\ndirectory sticking around and preventing subsequent (deferred) probes\nfrom succeeding. Change the directory name to match the ulpi device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26919",
"url": "https://www.suse.com/security/cve/CVE-2024-26919"
},
{
"category": "external",
"summary": "SUSE Bug 1223847 for CVE-2024-26919",
"url": "https://bugzilla.suse.com/1223847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26919"
},
{
"cve": "CVE-2024-26920",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26920"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing/trigger: Fix to return error if failed to alloc snapshot\n\nFix register_snapshot_trigger() to return error code if it failed to\nallocate a snapshot instead of 0 (success). Unless that, it will register\nsnapshot trigger without an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26920",
"url": "https://www.suse.com/security/cve/CVE-2024-26920"
},
{
"category": "external",
"summary": "SUSE Bug 1228237 for CVE-2024-26920",
"url": "https://bugzilla.suse.com/1228237"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26920"
},
{
"cve": "CVE-2024-26921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb-\u003esk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb-\u003esk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead-\u003esk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff-\u003esk member, we must move the\noffset into the FRAG_CB, else skb-\u003esk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won\u0027t continue past reasm engine.\n\nIn the latter case, we will steal the skb-\u003esk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26921",
"url": "https://www.suse.com/security/cve/CVE-2024-26921"
},
{
"category": "external",
"summary": "SUSE Bug 1223138 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "external",
"summary": "SUSE Bug 1223139 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: validate the parameters of bo mapping operations more clearly\n\nVerify the parameters of\namdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26922",
"url": "https://www.suse.com/security/cve/CVE-2024-26922"
},
{
"category": "external",
"summary": "SUSE Bug 1223315 for CVE-2024-26922",
"url": "https://bugzilla.suse.com/1223315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26922"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: release mutex after nft_gc_seq_end from abort path\n\nThe commit mutex should not be released during the critical section\nbetween nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC\nworker could collect expired objects and get the released commit lock\nwithin the same GC sequence.\n\nnf_tables_module_autoload() temporarily releases the mutex to load\nmodule dependencies, then it goes back to replay the transaction again.\nMove it at the end of the abort phase after nft_gc_seq_end() is called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26925",
"url": "https://www.suse.com/security/cve/CVE-2024-26925"
},
{
"category": "external",
"summary": "SUSE Bug 1223390 for CVE-2024-26925",
"url": "https://bugzilla.suse.com/1223390"
},
{
"category": "external",
"summary": "SUSE Bug 1224175 for CVE-2024-26925",
"url": "https://bugzilla.suse.com/1224175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26925"
},
{
"cve": "CVE-2024-26928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_debug_files_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26928",
"url": "https://www.suse.com/security/cve/CVE-2024-26928"
},
{
"category": "external",
"summary": "SUSE Bug 1223532 for CVE-2024-26928",
"url": "https://bugzilla.suse.com/1223532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26928"
},
{
"cve": "CVE-2024-26929",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26929"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26929",
"url": "https://www.suse.com/security/cve/CVE-2024-26929"
},
{
"category": "external",
"summary": "SUSE Bug 1223715 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223715"
},
{
"category": "external",
"summary": "SUSE Bug 1223716 for CVE-2024-26929",
"url": "https://bugzilla.suse.com/1223716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26929"
},
{
"cve": "CVE-2024-26930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer\n\nCoverity scan reported potential risk of double free of the pointer\nha-\u003evp_map. ha-\u003evp_map was freed in qla2x00_mem_alloc(), and again freed\nin function qla2x00_mem_free(ha).\n\nAssign NULL to vp_map and kfree take care of NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26930",
"url": "https://www.suse.com/security/cve/CVE-2024-26930"
},
{
"category": "external",
"summary": "SUSE Bug 1223626 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223626"
},
{
"category": "external",
"summary": "SUSE Bug 1223681 for CVE-2024-26930",
"url": "https://bugzilla.suse.com/1223681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26930"
},
{
"cve": "CVE-2024-26931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix command flush on cable pull\n\nSystem crash due to command failed to flush back to SCSI layer.\n\n BUG: unable to handle kernel NULL pointer dereference at 0000000000000000\n PGD 0 P4D 0\n Oops: 0000 [#1] SMP NOPTI\n CPU: 27 PID: 793455 Comm: kworker/u130:6 Kdump: loaded Tainted: G OE --------- - - 4.18.0-372.9.1.el8.x86_64 #1\n Hardware name: HPE ProLiant DL360 Gen10/ProLiant DL360 Gen10, BIOS U32 09/03/2021\n Workqueue: nvme-wq nvme_fc_connect_ctrl_work [nvme_fc]\n RIP: 0010:__wake_up_common+0x4c/0x190\n Code: 24 10 4d 85 c9 74 0a 41 f6 01 04 0f 85 9d 00 00 00 48 8b 43 08 48 83 c3 08 4c 8d 48 e8 49 8d 41 18 48 39 c3 0f 84 f0 00 00 00 \u003c49\u003e 8b 41 18 89 54 24 08 31 ed 4c 8d 70 e8 45 8b 29 41 f6 c5 04 75\n RSP: 0018:ffff95f3e0cb7cd0 EFLAGS: 00010086\n RAX: 0000000000000000 RBX: ffff8b08d3b26328 RCX: 0000000000000000\n RDX: 0000000000000001 RSI: 0000000000000003 RDI: ffff8b08d3b26320\n RBP: 0000000000000001 R08: 0000000000000000 R09: ffffffffffffffe8\n R10: 0000000000000000 R11: ffff95f3e0cb7a60 R12: ffff95f3e0cb7d20\n R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000\n FS: 0000000000000000(0000) GS:ffff8b2fdf6c0000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 0000000000000000 CR3: 0000002f1e410002 CR4: 00000000007706e0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n __wake_up_common_lock+0x7c/0xc0\n qla_nvme_ls_req+0x355/0x4c0 [qla2xxx]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae1407ca000 from port 21:32:00:02:ac:07:ee:b8 loop_id 0x02 s_id 01:02:00 logout 1 keep 0 els_logo 0\n ? __nvme_fc_send_ls_req+0x260/0x380 [nvme_fc]\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:00:02:ac:07:ee:b8 state transitioned from ONLINE to LOST - portid=010200.\n ? nvme_fc_send_ls_req.constprop.42+0x1a/0x45 [nvme_fc]\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320002ac07eeb8. rport ffff8ae598122000 roles 1\n ? nvme_fc_connect_ctrl_work.cold.63+0x1e3/0xa7d [nvme_fc]\n qla2xxx [0000:12:00.1]-f084:3: qlt_free_session_done: se_sess 0000000000000000 / sess ffff8ae14801e000 from port 21:32:01:02:ad:f7:ee:b8 loop_id 0x04 s_id 01:02:01 logout 1 keep 0 els_logo 0\n ? __switch_to+0x10c/0x450\n ? process_one_work+0x1a7/0x360\n qla2xxx [0000:12:00.1]-207d:3: FCPort 21:32:01:02:ad:f7:ee:b8 state transitioned from ONLINE to LOST - portid=010201.\n ? worker_thread+0x1ce/0x390\n ? create_worker+0x1a0/0x1a0\n qla2xxx [0000:12:00.1]-2109:3: qla2x00_schedule_rport_del 21320102adf7eeb8. rport ffff8ae3b2312800 roles 70\n ? kthread+0x10a/0x120\n qla2xxx [0000:12:00.1]-2112:3: qla_nvme_unregister_remote_port: unregister remoteport on ffff8ae14801e000 21320102adf7eeb8\n ? set_kthread_struct+0x40/0x40\n qla2xxx [0000:12:00.1]-2110:3: remoteport_delete of ffff8ae14801e000 21320102adf7eeb8 completed.\n ? ret_from_fork+0x1f/0x40\n qla2xxx [0000:12:00.1]-f086:3: qlt_free_session_done: waiting for sess ffff8ae14801e000 logout\n\nThe system was under memory stress where driver was not able to allocate an\nSRB to carry out error recovery of cable pull. The failure to flush causes\nupper layer to start modifying scsi_cmnd. When the system frees up some\nmemory, the subsequent cable pull trigger another command flush. At this\npoint the driver access a null pointer when attempting to DMA unmap the\nSGL.\n\nAdd a check to make sure commands are flush back on session tear down to\nprevent the null pointer access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26931",
"url": "https://www.suse.com/security/cve/CVE-2024-26931"
},
{
"category": "external",
"summary": "SUSE Bug 1223627 for CVE-2024-26931",
"url": "https://bugzilla.suse.com/1223627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26931"
},
{
"cve": "CVE-2024-26932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()\n\nWhen unregister pd capabilitie in tcpm, KASAN will capture below double\n-free issue. The root cause is the same capabilitiy will be kfreed twice,\nthe first time is kfreed by pd_capabilities_release() and the second time\nis explicitly kfreed by tcpm_port_unregister_pd().\n\n[ 3.988059] BUG: KASAN: double-free in tcpm_port_unregister_pd+0x1a4/0x3dc\n[ 3.995001] Free of addr ffff0008164d3000 by task kworker/u16:0/10\n[ 4.001206]\n[ 4.002712] CPU: 2 PID: 10 Comm: kworker/u16:0 Not tainted 6.8.0-rc5-next-20240220-05616-g52728c567a55 #53\n[ 4.012402] Hardware name: Freescale i.MX8QXP MEK (DT)\n[ 4.017569] Workqueue: events_unbound deferred_probe_work_func\n[ 4.023456] Call trace:\n[ 4.025920] dump_backtrace+0x94/0xec\n[ 4.029629] show_stack+0x18/0x24\n[ 4.032974] dump_stack_lvl+0x78/0x90\n[ 4.036675] print_report+0xfc/0x5c0\n[ 4.040289] kasan_report_invalid_free+0xa0/0xc0\n[ 4.044937] __kasan_slab_free+0x124/0x154\n[ 4.049072] kfree+0xb4/0x1e8\n[ 4.052069] tcpm_port_unregister_pd+0x1a4/0x3dc\n[ 4.056725] tcpm_register_port+0x1dd0/0x2558\n[ 4.061121] tcpci_register_port+0x420/0x71c\n[ 4.065430] tcpci_probe+0x118/0x2e0\n\nTo fix the issue, this will remove kree() from tcpm_port_unregister_pd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26932",
"url": "https://www.suse.com/security/cve/CVE-2024-26932"
},
{
"category": "external",
"summary": "SUSE Bug 1223649 for CVE-2024-26932",
"url": "https://bugzilla.suse.com/1223649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26932"
},
{
"cve": "CVE-2024-26933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in port \"disable\" sysfs attribute\n\nThe show and store callback routines for the \"disable\" sysfs attribute\nfile in port.c acquire the device lock for the port\u0027s parent hub\ndevice. This can cause problems if another process has locked the hub\nto remove it or change its configuration:\n\n\tRemoving the hub or changing its configuration requires the\n\thub interface to be removed, which requires the port device\n\tto be removed, and device_del() waits until all outstanding\n\tsysfs attribute callbacks for the ports have returned. The\n\tlock can\u0027t be released until then.\n\n\tBut the disable_show() or disable_store() routine can\u0027t return\n\tuntil after it has acquired the lock.\n\nThe resulting deadlock can be avoided by calling\nsysfs_break_active_protection(). This will cause the sysfs core not\nto wait for the attribute\u0027s callback routine to return, allowing the\nremoval to proceed. The disadvantage is that after making this call,\nthere is no guarantee that the hub structure won\u0027t be deallocated at\nany moment. To prevent this, we have to acquire a reference to it\nfirst by calling hub_get().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26933",
"url": "https://www.suse.com/security/cve/CVE-2024-26933"
},
{
"category": "external",
"summary": "SUSE Bug 1223670 for CVE-2024-26933",
"url": "https://bugzilla.suse.com/1223670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26933"
},
{
"cve": "CVE-2024-26934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface\u0027s parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can\u0027t complete\nuntil the device lock has been released, and the lock won\u0027t be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \u003csamsun1006219@gmail.com\u003e\nReported by: xingwei lee \u003cxrivendell7@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26934",
"url": "https://www.suse.com/security/cve/CVE-2024-26934"
},
{
"category": "external",
"summary": "SUSE Bug 1223671 for CVE-2024-26934",
"url": "https://bugzilla.suse.com/1223671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix unremoved procfs host directory regression\n\nCommit fc663711b944 (\"scsi: core: Remove the /proc/scsi/${proc_name}\ndirectory earlier\") fixed a bug related to modules loading/unloading, by\nadding a call to scsi_proc_hostdir_rm() on scsi_remove_host(). But that led\nto a potential duplicate call to the hostdir_rm() routine, since it\u0027s also\ncalled from scsi_host_dev_release(). That triggered a regression report,\nwhich was then fixed by commit be03df3d4bfe (\"scsi: core: Fix a procfs host\ndirectory removal regression\"). The fix just dropped the hostdir_rm() call\nfrom dev_release().\n\nBut it happens that this proc directory is created on scsi_host_alloc(),\nand that function \"pairs\" with scsi_host_dev_release(), while\nscsi_remove_host() pairs with scsi_add_host(). In other words, it seems the\nreason for removing the proc directory on dev_release() was meant to cover\ncases in which a SCSI host structure was allocated, but the call to\nscsi_add_host() didn\u0027t happen. And that pattern happens to exist in some\nerror paths, for example.\n\nSyzkaller causes that by using USB raw gadget device, error\u0027ing on\nusb-storage driver, at usb_stor_probe2(). By checking that path, we can see\nthat the BadDevice label leads to a scsi_host_put() after a SCSI host\nallocation, but there\u0027s no call to scsi_add_host() in such path. That leads\nto messages like this in dmesg (and a leak of the SCSI host proc\nstructure):\n\nusb-storage 4-1:87.51: USB Mass Storage device detected\nproc_dir_entry \u0027scsi/usb-storage\u0027 already registered\nWARNING: CPU: 1 PID: 3519 at fs/proc/generic.c:377 proc_register+0x347/0x4e0 fs/proc/generic.c:376\n\nThe proper fix seems to still call scsi_proc_hostdir_rm() on dev_release(),\nbut guard that with the state check for SHOST_CREATED; there is even a\ncomment in scsi_host_dev_release() detailing that: such conditional is\nmeant for cases where the SCSI host was allocated but there was no calls to\n{add,remove}_host(), like the usb-storage case.\n\nThis is what we propose here and with that, the error path of usb-storage\ndoes not trigger the warning anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26935",
"url": "https://www.suse.com/security/cve/CVE-2024-26935"
},
{
"category": "external",
"summary": "SUSE Bug 1223675 for CVE-2024-26935",
"url": "https://bugzilla.suse.com/1223675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26935"
},
{
"cve": "CVE-2024-26937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Reset queue_priority_hint on parking\n\nOriginally, with strict in order execution, we could complete execution\nonly when the queue was empty. Preempt-to-busy allows replacement of an\nactive request that may complete before the preemption is processed by\nHW. If that happens, the request is retired from the queue, but the\nqueue_priority_hint remains set, preventing direct submission until\nafter the next CS interrupt is processed.\n\nThis preempt-to-busy race can be triggered by the heartbeat, which will\nalso act as the power-management barrier and upon completion allow us to\nidle the HW. We may process the completion of the heartbeat, and begin\nparking the engine before the CS event that restores the\nqueue_priority_hint, causing us to fail the assertion that it is MIN.\n\n\u003c3\u003e[ 166.210729] __engine_park:283 GEM_BUG_ON(engine-\u003esched_engine-\u003equeue_priority_hint != (-((int)(~0U \u003e\u003e 1)) - 1))\n\u003c0\u003e[ 166.210781] Dumping ftrace buffer:\n\u003c0\u003e[ 166.210795] ---------------------------------\n...\n\u003c0\u003e[ 167.302811] drm_fdin-1097 2..s1. 165741070us : trace_ports: 0000:00:02.0 rcs0: promote { ccid:20 1217:2 prio 0 }\n\u003c0\u003e[ 167.302861] drm_fdin-1097 2d.s2. 165741072us : execlists_submission_tasklet: 0000:00:02.0 rcs0: preempting last=1217:2, prio=0, hint=2147483646\n\u003c0\u003e[ 167.302928] drm_fdin-1097 2d.s2. 165741072us : __i915_request_unsubmit: 0000:00:02.0 rcs0: fence 1217:2, current 0\n\u003c0\u003e[ 167.302992] drm_fdin-1097 2d.s2. 165741073us : __i915_request_submit: 0000:00:02.0 rcs0: fence 3:4660, current 4659\n\u003c0\u003e[ 167.303044] drm_fdin-1097 2d.s1. 165741076us : execlists_submission_tasklet: 0000:00:02.0 rcs0: context:3 schedule-in, ccid:40\n\u003c0\u003e[ 167.303095] drm_fdin-1097 2d.s1. 165741077us : trace_ports: 0000:00:02.0 rcs0: submit { ccid:40 3:4660* prio 2147483646 }\n\u003c0\u003e[ 167.303159] kworker/-89 11..... 165741139us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence c90:2, current 2\n\u003c0\u003e[ 167.303208] kworker/-89 11..... 165741148us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:c90 unpin\n\u003c0\u003e[ 167.303272] kworker/-89 11..... 165741159us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 1217:2, current 2\n\u003c0\u003e[ 167.303321] kworker/-89 11..... 165741166us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:1217 unpin\n\u003c0\u003e[ 167.303384] kworker/-89 11..... 165741170us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 3:4660, current 4660\n\u003c0\u003e[ 167.303434] kworker/-89 11d..1. 165741172us : __intel_context_retire: 0000:00:02.0 rcs0: context:1216 retire runtime: { total:56028ns, avg:56028ns }\n\u003c0\u003e[ 167.303484] kworker/-89 11..... 165741198us : __engine_park: 0000:00:02.0 rcs0: parked\n\u003c0\u003e[ 167.303534] \u003cidle\u003e-0 5d.H3. 165741207us : execlists_irq_handler: 0000:00:02.0 rcs0: semaphore yield: 00000040\n\u003c0\u003e[ 167.303583] kworker/-89 11..... 165741397us : __intel_context_retire: 0000:00:02.0 rcs0: context:1217 retire runtime: { total:325575ns, avg:0ns }\n\u003c0\u003e[ 167.303756] kworker/-89 11..... 165741777us : __intel_context_retire: 0000:00:02.0 rcs0: context:c90 retire runtime: { total:0ns, avg:0ns }\n\u003c0\u003e[ 167.303806] kworker/-89 11..... 165742017us : __engine_park: __engine_park:283 GEM_BUG_ON(engine-\u003esched_engine-\u003equeue_priority_hint != (-((int)(~0U \u003e\u003e 1)) - 1))\n\u003c0\u003e[ 167.303811] ---------------------------------\n\u003c4\u003e[ 167.304722] ------------[ cut here ]------------\n\u003c2\u003e[ 167.304725] kernel BUG at drivers/gpu/drm/i915/gt/intel_engine_pm.c:283!\n\u003c4\u003e[ 167.304731] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n\u003c4\u003e[ 167.304734] CPU: 11 PID: 89 Comm: kworker/11:1 Tainted: G W 6.8.0-rc2-CI_DRM_14193-gc655e0fd2804+ #1\n\u003c4\u003e[ 167.304736] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.3173.A03.2204210138 04/21/2022\n\u003c4\u003e[ 167.304738] Workqueue: i915-unordered retire_work_handler [i915]\n\u003c4\u003e[ 16\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26937",
"url": "https://www.suse.com/security/cve/CVE-2024-26937"
},
{
"category": "external",
"summary": "SUSE Bug 1223677 for CVE-2024-26937",
"url": "https://bugzilla.suse.com/1223677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26937"
},
{
"cve": "CVE-2024-26938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode()\n\nIf we have no VBT, or the VBT didn\u0027t declare the encoder\nin question, we won\u0027t have the \u0027devdata\u0027 for the encoder.\nInstead of oopsing just bail early.\n\nWe won\u0027t be able to tell whether the port is DP++ or not,\nbut so be it.\n\n(cherry picked from commit 26410896206342c8a80d2b027923e9ee7d33b733)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26938",
"url": "https://www.suse.com/security/cve/CVE-2024-26938"
},
{
"category": "external",
"summary": "SUSE Bug 1223678 for CVE-2024-26938",
"url": "https://bugzilla.suse.com/1223678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26938"
},
{
"cve": "CVE-2024-26939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26939"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/vma: Fix UAF on destroy against retire race\n\nObject debugging tools were sporadically reporting illegal attempts to\nfree a still active i915 VMA object when parking a GT believed to be idle.\n\n[161.359441] ODEBUG: free active (active state 0) object: ffff88811643b958 object type: i915_active hint: __i915_vma_active+0x0/0x50 [i915]\n[161.360082] WARNING: CPU: 5 PID: 276 at lib/debugobjects.c:514 debug_print_object+0x80/0xb0\n...\n[161.360304] CPU: 5 PID: 276 Comm: kworker/5:2 Not tainted 6.5.0-rc1-CI_DRM_13375-g003f860e5577+ #1\n[161.360314] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.3173.A03.2204210138 04/21/2022\n[161.360322] Workqueue: i915-unordered __intel_wakeref_put_work [i915]\n[161.360592] RIP: 0010:debug_print_object+0x80/0xb0\n...\n[161.361347] debug_object_free+0xeb/0x110\n[161.361362] i915_active_fini+0x14/0x130 [i915]\n[161.361866] release_references+0xfe/0x1f0 [i915]\n[161.362543] i915_vma_parked+0x1db/0x380 [i915]\n[161.363129] __gt_park+0x121/0x230 [i915]\n[161.363515] ____intel_wakeref_put_last+0x1f/0x70 [i915]\n\nThat has been tracked down to be happening when another thread is\ndeactivating the VMA inside __active_retire() helper, after the VMA\u0027s\nactive counter has been already decremented to 0, but before deactivation\nof the VMA\u0027s object is reported to the object debugging tool.\n\nWe could prevent from that race by serializing i915_active_fini() with\n__active_retire() via ref-\u003etree_lock, but that wouldn\u0027t stop the VMA from\nbeing used, e.g. from __i915_vma_retire() called at the end of\n__active_retire(), after that VMA has been already freed by a concurrent\ni915_vma_destroy() on return from the i915_active_fini(). Then, we should\nrather fix the issue at the VMA level, not in i915_active.\n\nSince __i915_vma_parked() is called from __gt_park() on last put of the\nGT\u0027s wakeref, the issue could be addressed by holding the GT wakeref long\nenough for __active_retire() to complete before that wakeref is released\nand the GT parked.\n\nI believe the issue was introduced by commit d93939730347 (\"drm/i915:\nRemove the vma refcount\") which moved a call to i915_active_fini() from\na dropped i915_vma_release(), called on last put of the removed VMA kref,\nto i915_vma_parked() processing path called on last put of a GT wakeref.\nHowever, its visibility to the object debugging tool was suppressed by a\nbug in i915_active that was fixed two weeks later with commit e92eb246feb9\n(\"drm/i915/active: Fix missing debug object activation\").\n\nA VMA associated with a request doesn\u0027t acquire a GT wakeref by itself.\nInstead, it depends on a wakeref held directly by the request\u0027s active\nintel_context for a GT associated with its VM, and indirectly on that\nintel_context\u0027s engine wakeref if the engine belongs to the same GT as the\nVMA\u0027s VM. Those wakerefs are released asynchronously to VMA deactivation.\n\nFix the issue by getting a wakeref for the VMA\u0027s GT when activating it,\nand putting that wakeref only after the VMA is deactivated. However,\nexclude global GTT from that processing path, otherwise the GPU never goes\nidle. Since __i915_vma_retire() may be called from atomic contexts, use\nasync variant of wakeref put. Also, to avoid circular locking dependency,\ntake care of acquiring the wakeref before VM mutex when both are needed.\n\nv7: Add inline comments with justifications for:\n - using untracked variants of intel_gt_pm_get/put() (Nirmoy),\n - using async variant of _put(),\n - not getting the wakeref in case of a global GTT,\n - always getting the first wakeref outside vm-\u003emutex.\nv6: Since __i915_vma_active/retire() callbacks are not serialized, storing\n a wakeref tracking handle inside struct i915_vma is not safe, and\n there is no other good place for that. Use untracked variants of\n intel_gt_pm_get/put_async().\nv5: Replace \"tile\" with \"GT\" across commit description (Rodrigo),\n - \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26939",
"url": "https://www.suse.com/security/cve/CVE-2024-26939"
},
{
"category": "external",
"summary": "SUSE Bug 1223679 for CVE-2024-26939",
"url": "https://bugzilla.suse.com/1223679"
},
{
"category": "external",
"summary": "SUSE Bug 1223680 for CVE-2024-26939",
"url": "https://bugzilla.suse.com/1223680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-26939"
},
{
"cve": "CVE-2024-26940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed\n\nThe driver creates /sys/kernel/debug/dri/0/mob_ttm even when the\ncorresponding ttm_resource_manager is not allocated.\nThis leads to a crash when trying to read from this file.\n\nAdd a check to create mob_ttm, system_mob_ttm, and gmr_ttm debug file\nonly when the corresponding ttm_resource_manager is allocated.\n\ncrash\u003e bt\nPID: 3133409 TASK: ffff8fe4834a5000 CPU: 3 COMMAND: \"grep\"\n #0 [ffffb954506b3b20] machine_kexec at ffffffffb2a6bec3\n #1 [ffffb954506b3b78] __crash_kexec at ffffffffb2bb598a\n #2 [ffffb954506b3c38] crash_kexec at ffffffffb2bb68c1\n #3 [ffffb954506b3c50] oops_end at ffffffffb2a2a9b1\n #4 [ffffb954506b3c70] no_context at ffffffffb2a7e913\n #5 [ffffb954506b3cc8] __bad_area_nosemaphore at ffffffffb2a7ec8c\n #6 [ffffb954506b3d10] do_page_fault at ffffffffb2a7f887\n #7 [ffffb954506b3d40] page_fault at ffffffffb360116e\n [exception RIP: ttm_resource_manager_debug+0x11]\n RIP: ffffffffc04afd11 RSP: ffffb954506b3df0 RFLAGS: 00010246\n RAX: ffff8fe41a6d1200 RBX: 0000000000000000 RCX: 0000000000000940\n RDX: 0000000000000000 RSI: ffffffffc04b4338 RDI: 0000000000000000\n RBP: ffffb954506b3e08 R8: ffff8fee3ffad000 R9: 0000000000000000\n R10: ffff8fe41a76a000 R11: 0000000000000001 R12: 00000000ffffffff\n R13: 0000000000000001 R14: ffff8fe5bb6f3900 R15: ffff8fe41a6d1200\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #8 [ffffb954506b3e00] ttm_resource_manager_show at ffffffffc04afde7 [ttm]\n #9 [ffffb954506b3e30] seq_read at ffffffffb2d8f9f3\n RIP: 00007f4c4eda8985 RSP: 00007ffdbba9e9f8 RFLAGS: 00000246\n RAX: ffffffffffffffda RBX: 000000000037e000 RCX: 00007f4c4eda8985\n RDX: 000000000037e000 RSI: 00007f4c41573000 RDI: 0000000000000003\n RBP: 000000000037e000 R8: 0000000000000000 R9: 000000000037fe30\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4c41573000\n R13: 0000000000000003 R14: 00007f4c41572010 R15: 0000000000000003\n ORIG_RAX: 0000000000000000 CS: 0033 SS: 002b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26940",
"url": "https://www.suse.com/security/cve/CVE-2024-26940"
},
{
"category": "external",
"summary": "SUSE Bug 1223718 for CVE-2024-26940",
"url": "https://bugzilla.suse.com/1223718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26940"
},
{
"cve": "CVE-2024-26943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/dmem: handle kcalloc() allocation failure\n\nThe kcalloc() in nouveau_dmem_evict_chunk() will return null if\nthe physical memory has run out. As a result, if we dereference\nsrc_pfns, dst_pfns or dma_addrs, the null pointer dereference bugs\nwill happen.\n\nMoreover, the GPU is going away. If the kcalloc() fails, we could not\nevict all pages mapping a chunk. So this patch adds a __GFP_NOFAIL\nflag in kcalloc().\n\nFinally, as there is no need to have physically contiguous memory,\nthis patch switches kcalloc() to kvcalloc() in order to avoid\nfailing allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26943",
"url": "https://www.suse.com/security/cve/CVE-2024-26943"
},
{
"category": "external",
"summary": "SUSE Bug 1230527 for CVE-2024-26943",
"url": "https://bugzilla.suse.com/1230527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26943"
},
{
"cve": "CVE-2024-26944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: zoned: fix use-after-free in do_zone_finish()\n\nShinichiro reported the following use-after-free triggered by the device\nreplace operation in fstests btrfs/070.\n\n BTRFS info (device nullb1): scrub: finished on devid 1 with status: 0\n ==================================================================\n BUG: KASAN: slab-use-after-free in do_zone_finish+0x91a/0xb90 [btrfs]\n Read of size 8 at addr ffff8881543c8060 by task btrfs-cleaner/3494007\n\n CPU: 0 PID: 3494007 Comm: btrfs-cleaner Tainted: G W 6.8.0-rc5-kts #1\n Hardware name: Supermicro Super Server/X11SPi-TF, BIOS 3.3 02/21/2020\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5b/0x90\n print_report+0xcf/0x670\n ? __virt_addr_valid+0x200/0x3e0\n kasan_report+0xd8/0x110\n ? do_zone_finish+0x91a/0xb90 [btrfs]\n ? do_zone_finish+0x91a/0xb90 [btrfs]\n do_zone_finish+0x91a/0xb90 [btrfs]\n btrfs_delete_unused_bgs+0x5e1/0x1750 [btrfs]\n ? __pfx_btrfs_delete_unused_bgs+0x10/0x10 [btrfs]\n ? btrfs_put_root+0x2d/0x220 [btrfs]\n ? btrfs_clean_one_deleted_snapshot+0x299/0x430 [btrfs]\n cleaner_kthread+0x21e/0x380 [btrfs]\n ? __pfx_cleaner_kthread+0x10/0x10 [btrfs]\n kthread+0x2e3/0x3c0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x70\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\n Allocated by task 3493983:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0xaa/0xb0\n btrfs_alloc_device+0xb3/0x4e0 [btrfs]\n device_list_add.constprop.0+0x993/0x1630 [btrfs]\n btrfs_scan_one_device+0x219/0x3d0 [btrfs]\n btrfs_control_ioctl+0x26e/0x310 [btrfs]\n __x64_sys_ioctl+0x134/0x1b0\n do_syscall_64+0x99/0x190\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\n Freed by task 3494056:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3f/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x32/0x70\n kfree+0x11b/0x320\n btrfs_rm_dev_replace_free_srcdev+0xca/0x280 [btrfs]\n btrfs_dev_replace_finishing+0xd7e/0x14f0 [btrfs]\n btrfs_dev_replace_by_ioctl+0x1286/0x25a0 [btrfs]\n btrfs_ioctl+0xb27/0x57d0 [btrfs]\n __x64_sys_ioctl+0x134/0x1b0\n do_syscall_64+0x99/0x190\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\n The buggy address belongs to the object at ffff8881543c8000\n which belongs to the cache kmalloc-1k of size 1024\n The buggy address is located 96 bytes inside of\n freed 1024-byte region [ffff8881543c8000, ffff8881543c8400)\n\n The buggy address belongs to the physical page:\n page:00000000fe2c1285 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1543c8\n head:00000000fe2c1285 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n flags: 0x17ffffc0000840(slab|head|node=0|zone=2|lastcpupid=0x1fffff)\n page_type: 0xffffffff()\n raw: 0017ffffc0000840 ffff888100042dc0 ffffea0019e8f200 dead000000000002\n raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000\n page dumped because: kasan: bad access detected\n\n Memory state around the buggy address:\n ffff8881543c7f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n ffff8881543c7f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n \u003effff8881543c8000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ^\n ffff8881543c8080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n ffff8881543c8100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb\n\nThis UAF happens because we\u0027re accessing stale zone information of a\nalready removed btrfs_device in do_zone_finish().\n\nThe sequence of events is as follows:\n\nbtrfs_dev_replace_start\n btrfs_scrub_dev\n btrfs_dev_replace_finishing\n btrfs_dev_replace_update_device_in_mapping_tree \u003c-- devices replaced\n btrfs_rm_dev_replace_free_srcdev\n btrfs_free_device \u003c-- device freed\n\ncleaner_kthread\n btrfs_delete_unused_bgs\n btrfs_zone_finish\n do_zone_finish \u003c-- refers the freed device\n\nThe reason for this is that we\u0027re using a\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26944",
"url": "https://www.suse.com/security/cve/CVE-2024-26944"
},
{
"category": "external",
"summary": "SUSE Bug 1223731 for CVE-2024-26944",
"url": "https://bugzilla.suse.com/1223731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26944"
},
{
"cve": "CVE-2024-26945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix nr_cpus \u003c nr_iaa case\n\nIf nr_cpus \u003c nr_iaa, the calculated cpus_per_iaa will be 0, which\ncauses a divide-by-0 in rebalance_wq_table().\n\nMake sure cpus_per_iaa is 1 in that case, and also in the nr_iaa == 0\ncase, even though cpus_per_iaa is never used if nr_iaa == 0, for\nparanoia.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26945",
"url": "https://www.suse.com/security/cve/CVE-2024-26945"
},
{
"category": "external",
"summary": "SUSE Bug 1223732 for CVE-2024-26945",
"url": "https://bugzilla.suse.com/1223732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26945"
},
{
"cve": "CVE-2024-26946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address\n\nRead from an unsafe address with copy_from_kernel_nofault() in\narch_adjust_kprobe_addr() because this function is used before checking\nthe address is in text or not. Syzcaller bot found a bug and reported\nthe case if user specifies inaccessible data area,\narch_adjust_kprobe_addr() will cause a kernel panic.\n\n[ mingo: Clarified the comment. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26946",
"url": "https://www.suse.com/security/cve/CVE-2024-26946"
},
{
"category": "external",
"summary": "SUSE Bug 1223669 for CVE-2024-26946",
"url": "https://bugzilla.suse.com/1223669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26946"
},
{
"cve": "CVE-2024-26948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26948",
"url": "https://www.suse.com/security/cve/CVE-2024-26948"
},
{
"category": "external",
"summary": "SUSE Bug 1223664 for CVE-2024-26948",
"url": "https://bugzilla.suse.com/1223664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26948"
},
{
"cve": "CVE-2024-26949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/pm: Fix NULL pointer dereference when get power limit\n\nBecause powerplay_table initialization is skipped under\nsriov case, We check and set default lower and upper OD\nvalue if powerplay_table is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26949",
"url": "https://www.suse.com/security/cve/CVE-2024-26949"
},
{
"category": "external",
"summary": "SUSE Bug 1223665 for CVE-2024-26949",
"url": "https://bugzilla.suse.com/1223665"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26949"
},
{
"cve": "CVE-2024-26950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer-\u003edevice being\ndereferenced. It\u0027s actually easier and faster performance-wise to\ninstead get the device from ctx-\u003ewg. This semantically makes more sense\ntoo, since ctx-\u003ewg-\u003epeer_allowedips.seq is compared with\nctx-\u003eallowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26950",
"url": "https://www.suse.com/security/cve/CVE-2024-26950"
},
{
"category": "external",
"summary": "SUSE Bug 1223661 for CVE-2024-26950",
"url": "https://bugzilla.suse.com/1223661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26950"
},
{
"cve": "CVE-2024-26951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: check for dangling peer via is_dead instead of empty list\n\nIf all peers are removed via wg_peer_remove_all(), rather than setting\npeer_list to empty, the peer is added to a temporary list with a head on\nthe stack of wg_peer_remove_all(). If a netlink dump is resumed and the\ncursored peer is one that has been removed via wg_peer_remove_all(), it\nwill iterate from that peer and then attempt to dump freed peers.\n\nFix this by instead checking peer-\u003eis_dead, which was explictly created\nfor this purpose. Also move up the device_update_lock lockdep assertion,\nsince reading is_dead relies on that.\n\nIt can be reproduced by a small script like:\n\n echo \"Setting config...\"\n ip link add dev wg0 type wireguard\n wg setconf wg0 /big-config\n (\n while true; do\n echo \"Showing config...\"\n wg showconf wg0 \u003e /dev/null\n done\n ) \u0026\n sleep 4\n wg setconf wg0 \u003c(printf \"[Peer]\\nPublicKey=$(wg genkey)\\n\")\n\nResulting in:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x182a/0x1b20\n Read of size 8 at addr ffff88811956ec70 by task wg/59\n CPU: 2 PID: 59 Comm: wg Not tainted 6.8.0-rc2-debug+ #5\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x70\n print_address_description.constprop.0+0x2c/0x380\n print_report+0xab/0x250\n kasan_report+0xba/0xf0\n __lock_acquire+0x182a/0x1b20\n lock_acquire+0x191/0x4b0\n down_read+0x80/0x440\n get_peer+0x140/0xcb0\n wg_get_device_dump+0x471/0x1130",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26951",
"url": "https://www.suse.com/security/cve/CVE-2024-26951"
},
{
"category": "external",
"summary": "SUSE Bug 1223660 for CVE-2024-26951",
"url": "https://bugzilla.suse.com/1223660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26951"
},
{
"cve": "CVE-2024-26955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: prevent kernel bug at submit_bh_wbc()\n\nFix a bug where nilfs_get_block() returns a successful status when\nsearching and inserting the specified block both fail inconsistently. If\nthis inconsistent behavior is not due to a previously fixed bug, then an\nunexpected race is occurring, so return a temporary error -EAGAIN instead.\n\nThis prevents callers such as __block_write_begin_int() from requesting a\nread into a buffer that is not mapped, which would cause the BUG_ON check\nfor the BH_Mapped flag in submit_bh_wbc() to fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26955",
"url": "https://www.suse.com/security/cve/CVE-2024-26955"
},
{
"category": "external",
"summary": "SUSE Bug 1223657 for CVE-2024-26955",
"url": "https://bugzilla.suse.com/1223657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26955"
},
{
"cve": "CVE-2024-26956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix failure to detect DAT corruption in btree and direct mappings\n\nPatch series \"nilfs2: fix kernel bug at submit_bh_wbc()\".\n\nThis resolves a kernel BUG reported by syzbot. Since there are two\nflaws involved, I\u0027ve made each one a separate patch.\n\nThe first patch alone resolves the syzbot-reported bug, but I think\nboth fixes should be sent to stable, so I\u0027ve tagged them as such.\n\n\nThis patch (of 2):\n\nSyzbot has reported a kernel bug in submit_bh_wbc() when writing file data\nto a nilfs2 file system whose metadata is corrupted.\n\nThere are two flaws involved in this issue.\n\nThe first flaw is that when nilfs_get_block() locates a data block using\nbtree or direct mapping, if the disk address translation routine\nnilfs_dat_translate() fails with internal code -ENOENT due to DAT metadata\ncorruption, it can be passed back to nilfs_get_block(). This causes\nnilfs_get_block() to misidentify an existing block as non-existent,\ncausing both data block lookup and insertion to fail inconsistently.\n\nThe second flaw is that nilfs_get_block() returns a successful status in\nthis inconsistent state. This causes the caller __block_write_begin_int()\nor others to request a read even though the buffer is not mapped,\nresulting in a BUG_ON check for the BH_Mapped flag in submit_bh_wbc()\nfailing.\n\nThis fixes the first issue by changing the return value to code -EINVAL\nwhen a conversion using DAT fails with code -ENOENT, avoiding the\nconflicting condition that leads to the kernel bug described above. Here,\ncode -EINVAL indicates that metadata corruption was detected during the\nblock lookup, which will be properly handled as a file system error and\nconverted to -EIO when passing through the nilfs2 bmap layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26956",
"url": "https://www.suse.com/security/cve/CVE-2024-26956"
},
{
"category": "external",
"summary": "SUSE Bug 1223663 for CVE-2024-26956",
"url": "https://bugzilla.suse.com/1223663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26956"
},
{
"cve": "CVE-2024-26957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: fix reference counting on zcrypt card objects\n\nTests with hot-plugging crytpo cards on KVM guests with debug\nkernel build revealed an use after free for the load field of\nthe struct zcrypt_card. The reason was an incorrect reference\nhandling of the zcrypt card object which could lead to a free\nof the zcrypt card object while it was still in use.\n\nThis is an example of the slab message:\n\n kernel: 0x00000000885a7512-0x00000000885a7513 @offset=1298. First byte 0x68 instead of 0x6b\n kernel: Allocated in zcrypt_card_alloc+0x36/0x70 [zcrypt] age=18046 cpu=3 pid=43\n kernel: kmalloc_trace+0x3f2/0x470\n kernel: zcrypt_card_alloc+0x36/0x70 [zcrypt]\n kernel: zcrypt_cex4_card_probe+0x26/0x380 [zcrypt_cex4]\n kernel: ap_device_probe+0x15c/0x290\n kernel: really_probe+0xd2/0x468\n kernel: driver_probe_device+0x40/0xf0\n kernel: __device_attach_driver+0xc0/0x140\n kernel: bus_for_each_drv+0x8c/0xd0\n kernel: __device_attach+0x114/0x198\n kernel: bus_probe_device+0xb4/0xc8\n kernel: device_add+0x4d2/0x6e0\n kernel: ap_scan_adapter+0x3d0/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: Freed in zcrypt_card_put+0x54/0x80 [zcrypt] age=9024 cpu=3 pid=43\n kernel: kfree+0x37e/0x418\n kernel: zcrypt_card_put+0x54/0x80 [zcrypt]\n kernel: ap_device_remove+0x4c/0xe0\n kernel: device_release_driver_internal+0x1c4/0x270\n kernel: bus_remove_device+0x100/0x188\n kernel: device_del+0x164/0x3c0\n kernel: device_unregister+0x30/0x90\n kernel: ap_scan_adapter+0xc8/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: kthread+0x150/0x168\n kernel: __ret_from_fork+0x3c/0x58\n kernel: ret_from_fork+0xa/0x30\n kernel: Slab 0x00000372022169c0 objects=20 used=18 fp=0x00000000885a7c88 flags=0x3ffff00000000a00(workingset|slab|node=0|zone=1|lastcpupid=0x1ffff)\n kernel: Object 0x00000000885a74b8 @offset=1208 fp=0x00000000885a7c88\n kernel: Redzone 00000000885a74b0: bb bb bb bb bb bb bb bb ........\n kernel: Object 00000000885a74b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74f8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a7508: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 68 4b 6b 6b 6b a5 kkkkkkkkkkhKkkk.\n kernel: Redzone 00000000885a7518: bb bb bb bb bb bb bb bb ........\n kernel: Padding 00000000885a756c: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\n kernel: CPU: 0 PID: 387 Comm: systemd-udevd Not tainted 6.8.0-HF #2\n kernel: Hardware name: IBM 3931 A01 704 (KVM/Linux)\n kernel: Call Trace:\n kernel: [\u003c00000000ca5ab5b8\u003e] dump_stack_lvl+0x90/0x120\n kernel: [\u003c00000000c99d78bc\u003e] check_bytes_and_report+0x114/0x140\n kernel: [\u003c00000000c99d53cc\u003e] check_object+0x334/0x3f8\n kernel: [\u003c00000000c99d820c\u003e] alloc_debug_processing+0xc4/0x1f8\n kernel: [\u003c00000000c99d852e\u003e] get_partial_node.part.0+0x1ee/0x3e0\n kernel: [\u003c00000000c99d94ec\u003e] ___slab_alloc+0xaf4/0x13c8\n kernel: [\u003c00000000c99d9e38\u003e] __slab_alloc.constprop.0+0x78/0xb8\n kernel: [\u003c00000000c99dc8dc\u003e] __kmalloc+0x434/0x590\n kernel: [\u003c00000000c9b4c0ce\u003e] ext4_htree_store_dirent+0x4e/0x1c0\n kernel: [\u003c00000000c9b908a2\u003e] htree_dirblock_to_tree+0x17a/0x3f0\n kernel: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26957",
"url": "https://www.suse.com/security/cve/CVE-2024-26957"
},
{
"category": "external",
"summary": "SUSE Bug 1223666 for CVE-2024-26957",
"url": "https://bugzilla.suse.com/1223666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix UAF in direct writes\n\nIn production we have been hitting the following warning consistently\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28 refcount_warn_saturate+0x9c/0xe0\nWorkqueue: nfsiod nfs_direct_write_schedule_work [nfs]\nRIP: 0010:refcount_warn_saturate+0x9c/0xe0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x9f/0x130\n ? refcount_warn_saturate+0x9c/0xe0\n ? report_bug+0xcc/0x150\n ? handle_bug+0x3d/0x70\n ? exc_invalid_op+0x16/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? refcount_warn_saturate+0x9c/0xe0\n nfs_direct_write_schedule_work+0x237/0x250 [nfs]\n process_one_work+0x12f/0x4a0\n worker_thread+0x14e/0x3b0\n ? ZSTD_getCParams_internal+0x220/0x220\n kthread+0xdc/0x120\n ? __btf_name_valid+0xa0/0xa0\n ret_from_fork+0x1f/0x30\n\nThis is because we\u0027re completing the nfs_direct_request twice in a row.\n\nThe source of this is when we have our commit requests to submit, we\nprocess them and send them off, and then in the completion path for the\ncommit requests we have\n\nif (nfs_commit_end(cinfo.mds))\n\tnfs_direct_write_complete(dreq);\n\nHowever since we\u0027re submitting asynchronous requests we sometimes have\none that completes before we submit the next one, so we end up calling\ncomplete on the nfs_direct_request twice.\n\nThe only other place we use nfs_generic_commit_list() is in\n__nfs_commit_inode, which wraps this call in a\n\nnfs_commit_begin();\nnfs_commit_end();\n\nWhich is a common pattern for this style of completion handling, one\nthat is also repeated in the direct code with get_dreq()/put_dreq()\ncalls around where we process events as well as in the completion paths.\n\nFix this by using the same pattern for the commit requests.\n\nBefore with my 200 node rocksdb stress running this warning would pop\nevery 10ish minutes. With my patch the stress test has been running for\nseveral hours without popping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26958",
"url": "https://www.suse.com/security/cve/CVE-2024-26958"
},
{
"category": "external",
"summary": "SUSE Bug 1223653 for CVE-2024-26958",
"url": "https://bugzilla.suse.com/1223653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btnxpuart: Fix btnxpuart_close\n\nFix scheduling while atomic BUG in btnxpuart_close(), properly\npurge the transmit queue and free the receive skb.\n\n[ 10.973809] BUG: scheduling while atomic: kworker/u9:0/80/0x00000002\n...\n[ 10.980740] CPU: 3 PID: 80 Comm: kworker/u9:0 Not tainted 6.8.0-rc7-0.0.0-devel-00005-g61fdfceacf09 #1\n[ 10.980751] Hardware name: Toradex Verdin AM62 WB on Dahlia Board (DT)\n[ 10.980760] Workqueue: hci0 hci_power_off [bluetooth]\n[ 10.981169] Call trace:\n...\n[ 10.981363] uart_update_mctrl+0x58/0x78\n[ 10.981373] uart_dtr_rts+0x104/0x114\n[ 10.981381] tty_port_shutdown+0xd4/0xdc\n[ 10.981396] tty_port_close+0x40/0xbc\n[ 10.981407] uart_close+0x34/0x9c\n[ 10.981414] ttyport_close+0x50/0x94\n[ 10.981430] serdev_device_close+0x40/0x50\n[ 10.981442] btnxpuart_close+0x24/0x98 [btnxpuart]\n[ 10.981469] hci_dev_close_sync+0x2d8/0x718 [bluetooth]\n[ 10.981728] hci_dev_do_close+0x2c/0x70 [bluetooth]\n[ 10.981862] hci_power_off+0x20/0x64 [bluetooth]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26959",
"url": "https://www.suse.com/security/cve/CVE-2024-26959"
},
{
"category": "external",
"summary": "SUSE Bug 1223667 for CVE-2024-26959",
"url": "https://bugzilla.suse.com/1223667"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26959"
},
{
"cve": "CVE-2024-26960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: fix race between free_swap_and_cache() and swapoff()\n\nThere was previously a theoretical window where swapoff() could run and\nteardown a swap_info_struct while a call to free_swap_and_cache() was\nrunning in another thread. This could cause, amongst other bad\npossibilities, swap_page_trans_huge_swapped() (called by\nfree_swap_and_cache()) to access the freed memory for swap_map.\n\nThis is a theoretical problem and I haven\u0027t been able to provoke it from a\ntest case. But there has been agreement based on code review that this is\npossible (see link below).\n\nFix it by using get_swap_device()/put_swap_device(), which will stall\nswapoff(). There was an extra check in _swap_info_get() to confirm that\nthe swap entry was not free. This isn\u0027t present in get_swap_device()\nbecause it doesn\u0027t make sense in general due to the race between getting\nthe reference and swapoff. So I\u0027ve added an equivalent check directly in\nfree_swap_and_cache().\n\nDetails of how to provoke one possible issue (thanks to David Hildenbrand\nfor deriving this):\n\n--8\u003c-----\n\n__swap_entry_free() might be the last user and result in\n\"count == SWAP_HAS_CACHE\".\n\nswapoff-\u003etry_to_unuse() will stop as soon as soon as si-\u003einuse_pages==0.\n\nSo the question is: could someone reclaim the folio and turn\nsi-\u003einuse_pages==0, before we completed swap_page_trans_huge_swapped().\n\nImagine the following: 2 MiB folio in the swapcache. Only 2 subpages are\nstill references by swap entries.\n\nProcess 1 still references subpage 0 via swap entry.\nProcess 2 still references subpage 1 via swap entry.\n\nProcess 1 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n[then, preempted in the hypervisor etc.]\n\nProcess 2 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n\nProcess 2 goes ahead, passes swap_page_trans_huge_swapped(), and calls\n__try_to_reclaim_swap().\n\n__try_to_reclaim_swap()-\u003efolio_free_swap()-\u003edelete_from_swap_cache()-\u003e\nput_swap_folio()-\u003efree_swap_slot()-\u003eswapcache_free_entries()-\u003e\nswap_entry_free()-\u003eswap_range_free()-\u003e\n...\nWRITE_ONCE(si-\u003einuse_pages, si-\u003einuse_pages - nr_entries);\n\nWhat stops swapoff to succeed after process 2 reclaimed the swap cache\nbut before process1 finished its call to swap_page_trans_huge_swapped()?\n\n--8\u003c-----",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26960",
"url": "https://www.suse.com/security/cve/CVE-2024-26960"
},
{
"category": "external",
"summary": "SUSE Bug 1223655 for CVE-2024-26960",
"url": "https://bugzilla.suse.com/1223655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26960"
},
{
"cve": "CVE-2024-26961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: fix llsec key resources release in mac802154_llsec_key_del\n\nmac802154_llsec_key_del() can free resources of a key directly without\nfollowing the RCU rules for waiting before the end of a grace period. This\nmay lead to use-after-free in case llsec_lookup_key() is traversing the\nlist of keys in parallel with a key deletion:\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 4 PID: 16000 at lib/refcount.c:25 refcount_warn_saturate+0x162/0x2a0\nModules linked in:\nCPU: 4 PID: 16000 Comm: wpan-ping Not tainted 6.7.0 #19\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x162/0x2a0\nCall Trace:\n \u003cTASK\u003e\n llsec_lookup_key.isra.0+0x890/0x9e0\n mac802154_llsec_encrypt+0x30c/0x9c0\n ieee802154_subif_start_xmit+0x24/0x1e0\n dev_hard_start_xmit+0x13e/0x690\n sch_direct_xmit+0x2ae/0xbc0\n __dev_queue_xmit+0x11dd/0x3c20\n dgram_sendmsg+0x90b/0xd60\n __sys_sendto+0x466/0x4c0\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x45/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nAlso, ieee802154_llsec_key_entry structures are not freed by\nmac802154_llsec_key_del():\n\nunreferenced object 0xffff8880613b6980 (size 64):\n comm \"iwpan\", pid 2176, jiffies 4294761134 (age 60.475s)\n hex dump (first 32 bytes):\n 78 0d 8f 18 80 88 ff ff 22 01 00 00 00 00 ad de x.......\".......\n 00 00 00 00 00 00 00 00 03 00 cd ab 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81dcfa62\u003e] __kmem_cache_alloc_node+0x1e2/0x2d0\n [\u003cffffffff81c43865\u003e] kmalloc_trace+0x25/0xc0\n [\u003cffffffff88968b09\u003e] mac802154_llsec_key_add+0xac9/0xcf0\n [\u003cffffffff8896e41a\u003e] ieee802154_add_llsec_key+0x5a/0x80\n [\u003cffffffff8892adc6\u003e] nl802154_add_llsec_key+0x426/0x5b0\n [\u003cffffffff86ff293e\u003e] genl_family_rcv_msg_doit+0x1fe/0x2f0\n [\u003cffffffff86ff46d1\u003e] genl_rcv_msg+0x531/0x7d0\n [\u003cffffffff86fee7a9\u003e] netlink_rcv_skb+0x169/0x440\n [\u003cffffffff86ff1d88\u003e] genl_rcv+0x28/0x40\n [\u003cffffffff86fec15c\u003e] netlink_unicast+0x53c/0x820\n [\u003cffffffff86fecd8b\u003e] netlink_sendmsg+0x93b/0xe60\n [\u003cffffffff86b91b35\u003e] ____sys_sendmsg+0xac5/0xca0\n [\u003cffffffff86b9c3dd\u003e] ___sys_sendmsg+0x11d/0x1c0\n [\u003cffffffff86b9c65a\u003e] __sys_sendmsg+0xfa/0x1d0\n [\u003cffffffff88eadbf5\u003e] do_syscall_64+0x45/0xf0\n [\u003cffffffff890000ea\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nHandle the proper resource release in the RCU callback function\nmac802154_llsec_key_del_rcu().\n\nNote that if llsec_lookup_key() finds a key, it gets a refcount via\nllsec_key_get() and locally copies key id from key_entry (which is a\nlist element). So it\u0027s safe to call llsec_key_put() and free the list\nentry after the RCU grace period elapses.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26961",
"url": "https://www.suse.com/security/cve/CVE-2024-26961"
},
{
"category": "external",
"summary": "SUSE Bug 1223652 for CVE-2024-26961",
"url": "https://bugzilla.suse.com/1223652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26961"
},
{
"cve": "CVE-2024-26962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape\n\nFor raid456, if reshape is still in progress, then IO across reshape\nposition will wait for reshape to make progress. However, for dm-raid,\nin following cases reshape will never make progress hence IO will hang:\n\n1) the array is read-only;\n2) MD_RECOVERY_WAIT is set;\n3) MD_RECOVERY_FROZEN is set;\n\nAfter commit c467e97f079f (\"md/raid6: use valid sector values to determine\nif an I/O should wait on the reshape\") fix the problem that IO across\nreshape position doesn\u0027t wait for reshape, the dm-raid test\nshell/lvconvert-raid-reshape.sh start to hang:\n\n[root@fedora ~]# cat /proc/979/stack\n[\u003c0\u003e] wait_woken+0x7d/0x90\n[\u003c0\u003e] raid5_make_request+0x929/0x1d70 [raid456]\n[\u003c0\u003e] md_handle_request+0xc2/0x3b0 [md_mod]\n[\u003c0\u003e] raid_map+0x2c/0x50 [dm_raid]\n[\u003c0\u003e] __map_bio+0x251/0x380 [dm_mod]\n[\u003c0\u003e] dm_submit_bio+0x1f0/0x760 [dm_mod]\n[\u003c0\u003e] __submit_bio+0xc2/0x1c0\n[\u003c0\u003e] submit_bio_noacct_nocheck+0x17f/0x450\n[\u003c0\u003e] submit_bio_noacct+0x2bc/0x780\n[\u003c0\u003e] submit_bio+0x70/0xc0\n[\u003c0\u003e] mpage_readahead+0x169/0x1f0\n[\u003c0\u003e] blkdev_readahead+0x18/0x30\n[\u003c0\u003e] read_pages+0x7c/0x3b0\n[\u003c0\u003e] page_cache_ra_unbounded+0x1ab/0x280\n[\u003c0\u003e] force_page_cache_ra+0x9e/0x130\n[\u003c0\u003e] page_cache_sync_ra+0x3b/0x110\n[\u003c0\u003e] filemap_get_pages+0x143/0xa30\n[\u003c0\u003e] filemap_read+0xdc/0x4b0\n[\u003c0\u003e] blkdev_read_iter+0x75/0x200\n[\u003c0\u003e] vfs_read+0x272/0x460\n[\u003c0\u003e] ksys_read+0x7a/0x170\n[\u003c0\u003e] __x64_sys_read+0x1c/0x30\n[\u003c0\u003e] do_syscall_64+0xc6/0x230\n[\u003c0\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74\n\nThis is because reshape can\u0027t make progress.\n\nFor md/raid, the problem doesn\u0027t exist because register new sync_thread\ndoesn\u0027t rely on the IO to be done any more:\n\n1) If array is read-only, it can switch to read-write by ioctl/sysfs;\n2) md/raid never set MD_RECOVERY_WAIT;\n3) If MD_RECOVERY_FROZEN is set, mddev_suspend() doesn\u0027t hold\n \u0027reconfig_mutex\u0027, hence it can be cleared and reshape can continue by\n sysfs api \u0027sync_action\u0027.\n\nHowever, I\u0027m not sure yet how to avoid the problem in dm-raid yet. This\npatch on the one hand make sure raid_message() can\u0027t change\nsync_thread() through raid_message() after presuspend(), on the other\nhand detect the above 3 cases before wait for IO do be done in\ndm_suspend(), and let dm-raid requeue those IO.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26962",
"url": "https://www.suse.com/security/cve/CVE-2024-26962"
},
{
"category": "external",
"summary": "SUSE Bug 1223654 for CVE-2024-26962",
"url": "https://bugzilla.suse.com/1223654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26962"
},
{
"cve": "CVE-2024-26963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3-am62: fix module unload/reload behavior\n\nAs runtime PM is enabled, the module can be runtime\nsuspended when .remove() is called.\n\nDo a pm_runtime_get_sync() to make sure module is active\nbefore doing any register operations.\n\nDoing a pm_runtime_put_sync() should disable the refclk\nso no need to disable it again.\n\nFixes the below warning at module removel.\n\n[ 39.705310] ------------[ cut here ]------------\n[ 39.710004] clk:162:3 already disabled\n[ 39.713941] WARNING: CPU: 0 PID: 921 at drivers/clk/clk.c:1090 clk_core_disable+0xb0/0xb8\n\nWe called of_platform_populate() in .probe() so call the\ncleanup function of_platform_depopulate() in .remove().\nGet rid of the now unnnecessary dwc3_ti_remove_core().\nWithout this, module re-load doesn\u0027t work properly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26963",
"url": "https://www.suse.com/security/cve/CVE-2024-26963"
},
{
"category": "external",
"summary": "SUSE Bug 1223651 for CVE-2024-26963",
"url": "https://bugzilla.suse.com/1223651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26963"
},
{
"cve": "CVE-2024-26964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Add error handling in xhci_map_urb_for_dma\n\nCurrently xhci_map_urb_for_dma() creates a temporary buffer and copies\nthe SG list to the new linear buffer. But if the kzalloc_node() fails,\nthen the following sg_pcopy_to_buffer() can lead to crash since it\ntries to memcpy to NULL pointer.\n\nSo return -ENOMEM if kzalloc returns null pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26964",
"url": "https://www.suse.com/security/cve/CVE-2024-26964"
},
{
"category": "external",
"summary": "SUSE Bug 1223650 for CVE-2024-26964",
"url": "https://bugzilla.suse.com/1223650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26964"
},
{
"cve": "CVE-2024-26965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: mmcc-msm8974: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26965",
"url": "https://www.suse.com/security/cve/CVE-2024-26965"
},
{
"category": "external",
"summary": "SUSE Bug 1223648 for CVE-2024-26965",
"url": "https://bugzilla.suse.com/1223648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26965"
},
{
"cve": "CVE-2024-26966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: mmcc-apq8084: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26966",
"url": "https://www.suse.com/security/cve/CVE-2024-26966"
},
{
"category": "external",
"summary": "SUSE Bug 1223646 for CVE-2024-26966",
"url": "https://bugzilla.suse.com/1223646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26966"
},
{
"cve": "CVE-2024-26968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26968"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq9574: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26968",
"url": "https://www.suse.com/security/cve/CVE-2024-26968"
},
{
"category": "external",
"summary": "SUSE Bug 1223642 for CVE-2024-26968",
"url": "https://bugzilla.suse.com/1223642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26968"
},
{
"cve": "CVE-2024-26969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq8074: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26969",
"url": "https://www.suse.com/security/cve/CVE-2024-26969"
},
{
"category": "external",
"summary": "SUSE Bug 1223645 for CVE-2024-26969",
"url": "https://bugzilla.suse.com/1223645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26969"
},
{
"cve": "CVE-2024-26970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: qcom: gcc-ipq6018: fix terminating of frequency table arrays\n\nThe frequency table arrays are supposed to be terminated with an\nempty element. Add such entry to the end of the arrays where it\nis missing in order to avoid possible out-of-bound access when\nthe table is traversed by functions like qcom_find_freq() or\nqcom_find_freq_floor().\n\nOnly compile tested.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26970",
"url": "https://www.suse.com/security/cve/CVE-2024-26970"
},
{
"category": "external",
"summary": "SUSE Bug 1223644 for CVE-2024-26970",
"url": "https://bugzilla.suse.com/1223644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26970"
},
{
"cve": "CVE-2024-26972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26972"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26972",
"url": "https://www.suse.com/security/cve/CVE-2024-26972"
},
{
"category": "external",
"summary": "SUSE Bug 1223643 for CVE-2024-26972",
"url": "https://bugzilla.suse.com/1223643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26972"
},
{
"cve": "CVE-2024-26973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26973",
"url": "https://www.suse.com/security/cve/CVE-2024-26973"
},
{
"category": "external",
"summary": "SUSE Bug 1223641 for CVE-2024-26973",
"url": "https://bugzilla.suse.com/1223641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-26974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: qat - resolve race condition during AER recovery\n\nDuring the PCI AER system\u0027s error recovery process, the kernel driver\nmay encounter a race condition with freeing the reset_data structure\u0027s\nmemory. If the device restart will take more than 10 seconds the function\nscheduling that restart will exit due to a timeout, and the reset_data\nstructure will be freed. However, this data structure is used for\ncompletion notification after the restart is completed, which leads\nto a UAF bug.\n\nThis results in a KFENCE bug notice.\n\n BUG: KFENCE: use-after-free read in adf_device_reset_worker+0x38/0xa0 [intel_qat]\n Use-after-free read at 0x00000000bc56fddf (in kfence-#142):\n adf_device_reset_worker+0x38/0xa0 [intel_qat]\n process_one_work+0x173/0x340\n\nTo resolve this race condition, the memory associated to the container\nof the work_struct is freed on the worker if the timeout expired,\notherwise on the function that schedules the worker.\nThe timeout detection can be done by checking if the caller is\nstill waiting for completion or not by using completion_done() function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26974",
"url": "https://www.suse.com/security/cve/CVE-2024-26974"
},
{
"category": "external",
"summary": "SUSE Bug 1223638 for CVE-2024-26974",
"url": "https://bugzilla.suse.com/1223638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26974"
},
{
"cve": "CVE-2024-26975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowercap: intel_rapl: Fix a NULL pointer dereference\n\nA NULL pointer dereference is triggered when probing the MMIO RAPL\ndriver on platforms with CPU ID not listed in intel_rapl_common CPU\nmodel list.\n\nThis is because the intel_rapl_common module still probes on such\nplatforms even if \u0027defaults_msr\u0027 is not set after commit 1488ac990ac8\n(\"powercap: intel_rapl: Allow probing without CPUID match\"). Thus the\nMMIO RAPL rp-\u003epriv-\u003edefaults is NULL when registering to RAPL framework.\n\nFix the problem by adding sanity check to ensure rp-\u003epriv-\u003erapl_defaults\nis always valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26975",
"url": "https://www.suse.com/security/cve/CVE-2024-26975"
},
{
"category": "external",
"summary": "SUSE Bug 1223632 for CVE-2024-26975",
"url": "https://bugzilla.suse.com/1223632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26975"
},
{
"cve": "CVE-2024-26977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npci_iounmap(): Fix MMIO mapping leak\n\nThe #ifdef ARCH_HAS_GENERIC_IOPORT_MAP accidentally also guards iounmap(),\nwhich means MMIO mappings are leaked.\n\nMove the guard so we call iounmap() for MMIO mappings.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26977",
"url": "https://www.suse.com/security/cve/CVE-2024-26977"
},
{
"category": "external",
"summary": "SUSE Bug 1223631 for CVE-2024-26977",
"url": "https://bugzilla.suse.com/1223631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26977"
},
{
"cve": "CVE-2024-26978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max310x: fix NULL pointer dereference in I2C instantiation\n\nWhen trying to instantiate a max14830 device from userspace:\n\n echo max14830 0x60 \u003e /sys/bus/i2c/devices/i2c-2/new_device\n\nwe get the following error:\n\n Unable to handle kernel NULL pointer dereference at virtual address...\n ...\n Call trace:\n max310x_i2c_probe+0x48/0x170 [max310x]\n i2c_device_probe+0x150/0x2a0\n ...\n\nAdd check for validity of devtype to prevent the error, and abort probe\nwith a meaningful error message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26978",
"url": "https://www.suse.com/security/cve/CVE-2024-26978"
},
{
"category": "external",
"summary": "SUSE Bug 1223629 for CVE-2024-26978",
"url": "https://bugzilla.suse.com/1223629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26978"
},
{
"cve": "CVE-2024-26981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix OOB in nilfs_set_de_type\n\nThe size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is\ndefined as \"S_IFMT \u003e\u003e S_SHIFT\", but the nilfs_set_de_type() function,\nwhich uses this array, specifies the index to read from the array in the\nsame way as \"(mode \u0026 S_IFMT) \u003e\u003e S_SHIFT\".\n\nstatic void nilfs_set_de_type(struct nilfs_dir_entry *de, struct inode\n *inode)\n{\n\tumode_t mode = inode-\u003ei_mode;\n\n\tde-\u003efile_type = nilfs_type_by_mode[(mode \u0026 S_IFMT)\u003e\u003eS_SHIFT]; // oob\n}\n\nHowever, when the index is determined this way, an out-of-bounds (OOB)\nerror occurs by referring to an index that is 1 larger than the array size\nwhen the condition \"mode \u0026 S_IFMT == S_IFMT\" is satisfied. Therefore, a\npatch to resize the nilfs_type_by_mode array should be applied to prevent\nOOB errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26981",
"url": "https://www.suse.com/security/cve/CVE-2024-26981"
},
{
"category": "external",
"summary": "SUSE Bug 1223668 for CVE-2024-26981",
"url": "https://bugzilla.suse.com/1223668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26981"
},
{
"cve": "CVE-2024-26982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check the inode number is not the invalid value of zero\n\nSyskiller has produced an out of bounds access in fill_meta_index().\n\nThat out of bounds access is ultimately caused because the inode\nhas an inode number with the invalid value of zero, which was not checked.\n\nThe reason this causes the out of bounds access is due to following\nsequence of events:\n\n1. Fill_meta_index() is called to allocate (via empty_meta_index())\n and fill a metadata index. It however suffers a data read error\n and aborts, invalidating the newly returned empty metadata index.\n It does this by setting the inode number of the index to zero,\n which means unused (zero is not a valid inode number).\n\n2. When fill_meta_index() is subsequently called again on another\n read operation, locate_meta_index() returns the previous index\n because it matches the inode number of 0. Because this index\n has been returned it is expected to have been filled, and because\n it hasn\u0027t been, an out of bounds access is performed.\n\nThis patch adds a sanity check which checks that the inode number\nis not zero when the inode is created and returns -EINVAL if it is.\n\n[phillip@squashfs.org.uk: whitespace fix]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26982",
"url": "https://www.suse.com/security/cve/CVE-2024-26982"
},
{
"category": "external",
"summary": "SUSE Bug 1223634 for CVE-2024-26982",
"url": "https://bugzilla.suse.com/1223634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26982"
},
{
"cve": "CVE-2024-26983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbootconfig: use memblock_free_late to free xbc memory to buddy\n\nOn the time to free xbc memory in xbc_exit(), memblock may has handed\nover memory to buddy allocator. So it doesn\u0027t make sense to free memory\nback to memblock. memblock_free() called by xbc_exit() even causes UAF bugs\non architectures with CONFIG_ARCH_KEEP_MEMBLOCK disabled like x86.\nFollowing KASAN logs shows this case.\n\nThis patch fixes the xbc memory free problem by calling memblock_free()\nin early xbc init error rewind path and calling memblock_free_late() in\nxbc exit path to free memory to buddy allocator.\n\n[ 9.410890] ==================================================================\n[ 9.418962] BUG: KASAN: use-after-free in memblock_isolate_range+0x12d/0x260\n[ 9.426850] Read of size 8 at addr ffff88845dd30000 by task swapper/0/1\n\n[ 9.435901] CPU: 9 PID: 1 Comm: swapper/0 Tainted: G U 6.9.0-rc3-00208-g586b5dfb51b9 #5\n[ 9.446403] Hardware name: Intel Corporation RPLP LP5 (CPU:RaptorLake)/RPLP LP5 (ID:13), BIOS IRPPN02.01.01.00.00.19.015.D-00000000 Dec 28 2023\n[ 9.460789] Call Trace:\n[ 9.463518] \u003cTASK\u003e\n[ 9.465859] dump_stack_lvl+0x53/0x70\n[ 9.469949] print_report+0xce/0x610\n[ 9.473944] ? __virt_addr_valid+0xf5/0x1b0\n[ 9.478619] ? memblock_isolate_range+0x12d/0x260\n[ 9.483877] kasan_report+0xc6/0x100\n[ 9.487870] ? memblock_isolate_range+0x12d/0x260\n[ 9.493125] memblock_isolate_range+0x12d/0x260\n[ 9.498187] memblock_phys_free+0xb4/0x160\n[ 9.502762] ? __pfx_memblock_phys_free+0x10/0x10\n[ 9.508021] ? mutex_unlock+0x7e/0xd0\n[ 9.512111] ? __pfx_mutex_unlock+0x10/0x10\n[ 9.516786] ? kernel_init_freeable+0x2d4/0x430\n[ 9.521850] ? __pfx_kernel_init+0x10/0x10\n[ 9.526426] xbc_exit+0x17/0x70\n[ 9.529935] kernel_init+0x38/0x1e0\n[ 9.533829] ? _raw_spin_unlock_irq+0xd/0x30\n[ 9.538601] ret_from_fork+0x2c/0x50\n[ 9.542596] ? __pfx_kernel_init+0x10/0x10\n[ 9.547170] ret_from_fork_asm+0x1a/0x30\n[ 9.551552] \u003c/TASK\u003e\n\n[ 9.555649] The buggy address belongs to the physical page:\n[ 9.561875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x45dd30\n[ 9.570821] flags: 0x200000000000000(node=0|zone=2)\n[ 9.576271] page_type: 0xffffffff()\n[ 9.580167] raw: 0200000000000000 ffffea0011774c48 ffffea0012ba1848 0000000000000000\n[ 9.588823] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000\n[ 9.597476] page dumped because: kasan: bad access detected\n\n[ 9.605362] Memory state around the buggy address:\n[ 9.610714] ffff88845dd2ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 9.618786] ffff88845dd2ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 9.626857] \u003effff88845dd30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.634930] ^\n[ 9.638534] ffff88845dd30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.646605] ffff88845dd30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.654675] ==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26983",
"url": "https://www.suse.com/security/cve/CVE-2024-26983"
},
{
"category": "external",
"summary": "SUSE Bug 1223637 for CVE-2024-26983",
"url": "https://bugzilla.suse.com/1223637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26983"
},
{
"cve": "CVE-2024-26984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: fix instmem race condition around ptr stores\n\nRunning a lot of VK CTS in parallel against nouveau, once every\nfew hours you might see something like this crash.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 8000000114e6e067 P4D 8000000114e6e067 PUD 109046067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 7 PID: 53891 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\nHardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\nRIP: 0010:gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\nCode: c7 48 01 c8 49 89 45 58 85 d2 0f 84 95 00 00 00 41 0f b7 46 12 49 8b 7e 08 89 da 42 8d 2c f8 48 8b 47 08 41 83 c7 01 48 89 ee \u003c48\u003e 8b 40 08 ff d0 0f 1f 00 49 8b 7e 08 48 89 d9 48 8d 75 04 48 c1\nRSP: 0000:ffffac20c5857838 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000004d8001 RCX: 0000000000000001\nRDX: 00000000004d8001 RSI: 00000000000006d8 RDI: ffffa07afe332180\nRBP: 00000000000006d8 R08: ffffac20c5857ad0 R09: 0000000000ffff10\nR10: 0000000000000001 R11: ffffa07af27e2de0 R12: 000000000000001c\nR13: ffffac20c5857ad0 R14: ffffa07a96fe9040 R15: 000000000000001c\nFS: 00007fe395eed7c0(0000) GS:ffffa07e2c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000011febe001 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n...\n\n ? gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\n ? gp100_vmm_pgt_mem+0x37/0x180 [nouveau]\n nvkm_vmm_iter+0x351/0xa20 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __lock_acquire+0x3ed/0x2170\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_ptes_get_map+0xc2/0x100 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_map_locked+0x224/0x3a0 [nouveau]\n\nAdding any sort of useful debug usually makes it go away, so I hand\nwrote the function in a line, and debugged the asm.\n\nEvery so often pt-\u003ememory-\u003eptrs is NULL. This ptrs ptr is set in\nthe nv50_instobj_acquire called from nvkm_kmap.\n\nIf Thread A and Thread B both get to nv50_instobj_acquire around\nthe same time, and Thread A hits the refcount_set line, and in\nlockstep thread B succeeds at refcount_inc_not_zero, there is a\nchance the ptrs value won\u0027t have been stored since refcount_set\nis unordered. Force a memory barrier here, I picked smp_mb, since\nwe want it on all CPUs and it\u0027s write followed by a read.\n\nv2: use paired smp_rmb/smp_wmb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26984",
"url": "https://www.suse.com/security/cve/CVE-2024-26984"
},
{
"category": "external",
"summary": "SUSE Bug 1223633 for CVE-2024-26984",
"url": "https://bugzilla.suse.com/1223633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix memory leak in create_process failure\n\nFix memory leak due to a leaked mmget reference on an error handling\ncode path that is triggered when attempting to create KFD processes\nwhile a GPU reset is in progress.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26986",
"url": "https://www.suse.com/security/cve/CVE-2024-26986"
},
{
"category": "external",
"summary": "SUSE Bug 1223728 for CVE-2024-26986",
"url": "https://bugzilla.suse.com/1223728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26986"
},
{
"cve": "CVE-2024-26988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninit/main.c: Fix potential static_command_line memory overflow\n\nWe allocate memory of size \u0027xlen + strlen(boot_command_line) + 1\u0027 for\nstatic_command_line, but the strings copied into static_command_line are\nextra_command_line and command_line, rather than extra_command_line and\nboot_command_line.\n\nWhen strlen(command_line) \u003e strlen(boot_command_line), static_command_line\nwill overflow.\n\nThis patch just recovers strlen(command_line) which was miss-consolidated\nwith strlen(boot_command_line) in the commit f5c7310ac73e (\"init/main: add\nchecks for the return value of memblock_alloc*()\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26988",
"url": "https://www.suse.com/security/cve/CVE-2024-26988"
},
{
"category": "external",
"summary": "SUSE Bug 1223747 for CVE-2024-26988",
"url": "https://bugzilla.suse.com/1223747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26988"
},
{
"cve": "CVE-2024-26989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: hibernate: Fix level3 translation fault in swsusp_save()\n\nOn arm64 machines, swsusp_save() faults if it attempts to access\nMEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI\nwhen booting with rodata=off debug_pagealloc=off and CONFIG_KFENCE=n:\n\n Unable to handle kernel paging request at virtual address ffffff8000000000\n Mem abort info:\n ESR = 0x0000000096000007\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x07: level 3 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n swapper pgtable: 4k pages, 39-bit VAs, pgdp=00000000eeb0b000\n [ffffff8000000000] pgd=180000217fff9803, p4d=180000217fff9803, pud=180000217fff9803, pmd=180000217fff8803, pte=0000000000000000\n Internal error: Oops: 0000000096000007 [#1] SMP\n Internal error: Oops: 0000000096000007 [#1] SMP\n Modules linked in: xt_multiport ipt_REJECT nf_reject_ipv4 xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_filter bpfilter rfkill at803x snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg dwmac_generic stmmac_platform snd_hda_codec stmmac joydev pcs_xpcs snd_hda_core phylink ppdev lp parport ramoops reed_solomon ip_tables x_tables nls_iso8859_1 vfat multipath linear amdgpu amdxcp drm_exec gpu_sched drm_buddy hid_generic usbhid hid radeon video drm_suballoc_helper drm_ttm_helper ttm i2c_algo_bit drm_display_helper cec drm_kms_helper drm\n CPU: 0 PID: 3663 Comm: systemd-sleep Not tainted 6.6.2+ #76\n Source Version: 4e22ed63a0a48e7a7cff9b98b7806d8d4add7dc0\n Hardware name: Greatwall GW-XXXXXX-XXX/GW-XXXXXX-XXX, BIOS KunLun BIOS V4.0 01/19/2021\n pstate: 600003c5 (nZCv DAIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : swsusp_save+0x280/0x538\n lr : swsusp_save+0x280/0x538\n sp : ffffffa034a3fa40\n x29: ffffffa034a3fa40 x28: ffffff8000001000 x27: 0000000000000000\n x26: ffffff8001400000 x25: ffffffc08113e248 x24: 0000000000000000\n x23: 0000000000080000 x22: ffffffc08113e280 x21: 00000000000c69f2\n x20: ffffff8000000000 x19: ffffffc081ae2500 x18: 0000000000000000\n x17: 6666662074736420 x16: 3030303030303030 x15: 3038666666666666\n x14: 0000000000000b69 x13: ffffff9f89088530 x12: 00000000ffffffea\n x11: 00000000ffff7fff x10: 00000000ffff7fff x9 : ffffffc08193f0d0\n x8 : 00000000000bffe8 x7 : c0000000ffff7fff x6 : 0000000000000001\n x5 : ffffffa0fff09dc8 x4 : 0000000000000000 x3 : 0000000000000027\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 000000000000004e\n Call trace:\n swsusp_save+0x280/0x538\n swsusp_arch_suspend+0x148/0x190\n hibernation_snapshot+0x240/0x39c\n hibernate+0xc4/0x378\n state_store+0xf0/0x10c\n kobj_attr_store+0x14/0x24\n\nThe reason is swsusp_save() -\u003e copy_data_pages() -\u003e page_is_saveable()\n-\u003e kernel_page_present() assuming that a page is always present when\ncan_set_direct_map() is false (all of rodata_full,\ndebug_pagealloc_enabled() and arm64_kfence_can_set_direct_map() false),\nirrespective of the MEMBLOCK_NOMAP ranges. Such MEMBLOCK_NOMAP regions\nshould not be saved during hibernation.\n\nThis problem was introduced by changes to the pfn_valid() logic in\ncommit a7d9f306ba70 (\"arm64: drop pfn_valid_within() and simplify\npfn_valid()\").\n\nSimilar to other architectures, drop the !can_set_direct_map() check in\nkernel_page_present() so that page_is_savable() skips such pages.\n\n[catalin.marinas@arm.com: rework commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26989",
"url": "https://www.suse.com/security/cve/CVE-2024-26989"
},
{
"category": "external",
"summary": "SUSE Bug 1223748 for CVE-2024-26989",
"url": "https://bugzilla.suse.com/1223748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26989"
},
{
"cve": "CVE-2024-26990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status\n\nCheck kvm_mmu_page_ad_need_write_protect() when deciding whether to\nwrite-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU\naccounts for any role-specific reasons for disabling D-bit dirty logging.\n\nSpecifically, TDP MMU SPTEs must be write-protected when the TDP MMU is\nbeing used to run an L2 (i.e. L1 has disabled EPT) and PML is enabled.\nKVM always disables PML when running L2, even when L1 and L2 GPAs are in\nthe some domain, so failing to write-protect TDP MMU SPTEs will cause\nwrites made by L2 to not be reflected in the dirty log.\n\n[sean: massage shortlog and changelog, tweak ternary op formatting]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26990",
"url": "https://www.suse.com/security/cve/CVE-2024-26990"
},
{
"category": "external",
"summary": "SUSE Bug 1223749 for CVE-2024-26990",
"url": "https://bugzilla.suse.com/1223749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26990"
},
{
"cve": "CVE-2024-26991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: x86: Don\u0027t overflow lpage_info when checking attributes\n\nFix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info array and trigger\nKASAN splat, as seen in the private_mem_conversions_test selftest.\n\nWhen memory attributes are set on a GFN range, that range will have\nspecific properties applied to the TDP. A huge page cannot be used when\nthe attributes are inconsistent, so they are disabled for those the\nspecific huge pages. For internal KVM reasons, huge pages are also not\nallowed to span adjacent memslots regardless of whether the backing memory\ncould be mapped as huge.\n\nWhat GFNs support which huge page sizes is tracked by an array of arrays\n\u0027lpage_info\u0027 on the memslot, of \u0027kvm_lpage_info\u0027 structs. Each index of\nlpage_info contains a vmalloc allocated array of these for a specific\nsupported page size. The kvm_lpage_info denotes whether a specific huge\npage (GFN and page size) on the memslot is supported. These arrays include\nindices for unaligned head and tail huge pages.\n\nPreventing huge pages from spanning adjacent memslot is covered by\nincrementing the count in head and tail kvm_lpage_info when the memslot is\nallocated, but disallowing huge pages for memory that has mixed attributes\nhas to be done in a more complicated way. During the\nKVM_SET_MEMORY_ATTRIBUTES ioctl KVM updates lpage_info for each memslot in\nthe range that has mismatched attributes. KVM does this a memslot at a\ntime, and marks a special bit, KVM_LPAGE_MIXED_FLAG, in the kvm_lpage_info\nfor any huge page. This bit is essentially a permanently elevated count.\nSo huge pages will not be mapped for the GFN at that page size if the\ncount is elevated in either case: a huge head or tail page unaligned to\nthe memslot or if KVM_LPAGE_MIXED_FLAG is set because it has mixed\nattributes.\n\nTo determine whether a huge page has consistent attributes, the\nKVM_SET_MEMORY_ATTRIBUTES operation checks an xarray to make sure it\nconsistently has the incoming attribute. Since level - 1 huge pages are\naligned to level huge pages, it employs an optimization. As long as the\nlevel - 1 huge pages are checked first, it can just check these and assume\nthat if each level - 1 huge page contained within the level sized huge\npage is not mixed, then the level size huge page is not mixed. This\noptimization happens in the helper hugepage_has_attrs().\n\nUnfortunately, although the kvm_lpage_info array representing page size\n\u0027level\u0027 will contain an entry for an unaligned tail page of size level,\nthe array for level - 1 will not contain an entry for each GFN at page\nsize level. The level - 1 array will only contain an index for any\nunaligned region covered by level - 1 huge page size, which can be a\nsmaller region. So this causes the optimization to overflow the level - 1\nkvm_lpage_info and perform a vmalloc out of bounds read.\n\nIn some cases of head and tail pages where an overflow could happen,\ncallers skip the operation completely as KVM_LPAGE_MIXED_FLAG is not\nrequired to prevent huge pages as discussed earlier. But for memslots that\nare smaller than the 1GB page size, it does call hugepage_has_attrs(). In\nthis case the huge page is both the head and tail page. The issue can be\nobserved simply by compiling the kernel with CONFIG_KASAN_VMALLOC and\nrunning the selftest \"private_mem_conversions_test\", which produces the\noutput like the following:\n\nBUG: KASAN: vmalloc-out-of-bounds in hugepage_has_attrs+0x7e/0x110\nRead of size 4 at addr ffffc900000a3008 by task private_mem_con/169\nCall Trace:\n dump_stack_lvl\n print_report\n ? __virt_addr_valid\n ? hugepage_has_attrs\n ? hugepage_has_attrs\n kasan_report\n ? hugepage_has_attrs\n hugepage_has_attrs\n kvm_arch_post_set_memory_attributes\n kvm_vm_ioctl\n\nIt is a little ambiguous whether the unaligned head page (in the bug case\nalso the tail page) should be expected to have KVM_LPAGE_MIXED_FLAG set.\nIt is not functionally required, as the unal\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26991",
"url": "https://www.suse.com/security/cve/CVE-2024-26991"
},
{
"category": "external",
"summary": "SUSE Bug 1223695 for CVE-2024-26991",
"url": "https://bugzilla.suse.com/1223695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26991"
},
{
"cve": "CVE-2024-26992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/pmu: Disable support for adaptive PEBS\n\nDrop support for virtualizing adaptive PEBS, as KVM\u0027s implementation is\narchitecturally broken without an obvious/easy path forward, and because\nexposing adaptive PEBS can leak host LBRs to the guest, i.e. can leak\nhost kernel addresses to the guest.\n\nBug #1 is that KVM doesn\u0027t account for the upper 32 bits of\nIA32_FIXED_CTR_CTRL when (re)programming fixed counters, e.g\nfixed_ctrl_field() drops the upper bits, reprogram_fixed_counters()\nstores local variables as u8s and truncates the upper bits too, etc.\n\nBug #2 is that, because KVM _always_ sets precise_ip to a non-zero value\nfor PEBS events, perf will _always_ generate an adaptive record, even if\nthe guest requested a basic record. Note, KVM will also enable adaptive\nPEBS in individual *counter*, even if adaptive PEBS isn\u0027t exposed to the\nguest, but this is benign as MSR_PEBS_DATA_CFG is guaranteed to be zero,\ni.e. the guest will only ever see Basic records.\n\nBug #3 is in perf. intel_pmu_disable_fixed() doesn\u0027t clear the upper\nbits either, i.e. leaves ICL_FIXED_0_ADAPTIVE set, and\nintel_pmu_enable_fixed() effectively doesn\u0027t clear ICL_FIXED_0_ADAPTIVE\neither. I.e. perf _always_ enables ADAPTIVE counters, regardless of what\nKVM requests.\n\nBug #4 is that adaptive PEBS *might* effectively bypass event filters set\nby the host, as \"Updated Memory Access Info Group\" records information\nthat might be disallowed by userspace via KVM_SET_PMU_EVENT_FILTER.\n\nBug #5 is that KVM doesn\u0027t ensure LBR MSRs hold guest values (or at least\nzeros) when entering a vCPU with adaptive PEBS, which allows the guest\nto read host LBRs, i.e. host RIPs/addresses, by enabling \"LBR Entries\"\nrecords.\n\nDisable adaptive PEBS support as an immediate fix due to the severity of\nthe LBR leak in particular, and because fixing all of the bugs will be\nnon-trivial, e.g. not suitable for backporting to stable kernels.\n\nNote! This will break live migration, but trying to make KVM play nice\nwith live migration would be quite complicated, wouldn\u0027t be guaranteed to\nwork (i.e. KVM might still kill/confuse the guest), and it\u0027s not clear\nthat there are any publicly available VMMs that support adaptive PEBS,\nlet alone live migrate VMs that support adaptive PEBS, e.g. QEMU doesn\u0027t\nsupport PEBS in any capacity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26992",
"url": "https://www.suse.com/security/cve/CVE-2024-26992"
},
{
"category": "external",
"summary": "SUSE Bug 1223692 for CVE-2024-26992",
"url": "https://bugzilla.suse.com/1223692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26992"
},
{
"cve": "CVE-2024-26993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26993",
"url": "https://www.suse.com/security/cve/CVE-2024-26993"
},
{
"category": "external",
"summary": "SUSE Bug 1223693 for CVE-2024-26993",
"url": "https://bugzilla.suse.com/1223693"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-26994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspeakup: Avoid crash on very long word\n\nIn case a console is set up really large and contains a really long word\n(\u003e 256 characters), we have to stop before the length of the word buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26994",
"url": "https://www.suse.com/security/cve/CVE-2024-26994"
},
{
"category": "external",
"summary": "SUSE Bug 1223750 for CVE-2024-26994",
"url": "https://bugzilla.suse.com/1223750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26994"
},
{
"cve": "CVE-2024-26995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Correct the PDO counting in pd_set\n\nOff-by-one errors happen because nr_snk_pdo and nr_src_pdo are\nincorrectly added one. The index of the loop is equal to the number of\nPDOs to be updated when leaving the loop and it doesn\u0027t need to be added\none.\n\nWhen doing the power negotiation, TCPM relies on the \"nr_snk_pdo\" as\nthe size of the local sink PDO array to match the Source capabilities\nof the partner port. If the off-by-one overflow occurs, a wrong RDO\nmight be sent and unexpected power transfer might happen such as over\nvoltage or over current (than expected).\n\n\"nr_src_pdo\" is used to set the Rp level when the port is in Source\nrole. It is also the array size of the local Source capabilities when\nfilling up the buffer which will be sent as the Source PDOs (such as\nin Power Negotiation). If the off-by-one overflow occurs, a wrong Rp\nlevel might be set and wrong Source PDOs will be sent to the partner\nport. This could potentially cause over current or port resets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26995",
"url": "https://www.suse.com/security/cve/CVE-2024-26995"
},
{
"category": "external",
"summary": "SUSE Bug 1223696 for CVE-2024-26995",
"url": "https://bugzilla.suse.com/1223696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26995"
},
{
"cve": "CVE-2024-26996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error\n\nWhen ncm function is working and then stop usb0 interface for link down,\neth_stop() is called. At this piont, accidentally if usb transport error\nshould happen in usb_ep_enable(), \u0027in_ep\u0027 and/or \u0027out_ep\u0027 may not be enabled.\n\nAfter that, ncm_disable() is called to disable for ncm unbind\nbut gether_disconnect() is never called since \u0027in_ep\u0027 is not enabled.\n\nAs the result, ncm object is released in ncm unbind\nbut \u0027dev-\u003eport_usb\u0027 associated to \u0027ncm-\u003eport\u0027 is not NULL.\n\nAnd when ncm bind again to recover netdev, ncm object is reallocated\nbut usb0 interface is already associated to previous released ncm object.\n\nTherefore, once usb0 interface is up and eth_start_xmit() is called,\nreleased ncm object is dereferrenced and it might cause use-after-free memory.\n\n[function unlink via configfs]\n usb0: eth_stop dev-\u003eport_usb=ffffff9b179c3200\n --\u003e error happens in usb_ep_enable().\n NCM: ncm_disable: ncm=ffffff9b179c3200\n --\u003e no gether_disconnect() since ncm-\u003eport.in_ep-\u003eenabled is false.\n NCM: ncm_unbind: ncm unbind ncm=ffffff9b179c3200\n NCM: ncm_free: ncm free ncm=ffffff9b179c3200 \u003c-- released ncm\n\n[function link via configfs]\n NCM: ncm_alloc: ncm alloc ncm=ffffff9ac4f8a000\n NCM: ncm_bind: ncm bind ncm=ffffff9ac4f8a000\n NCM: ncm_set_alt: ncm=ffffff9ac4f8a000 alt=0\n usb0: eth_open dev-\u003eport_usb=ffffff9b179c3200 \u003c-- previous released ncm\n usb0: eth_start dev-\u003eport_usb=ffffff9b179c3200 \u003c--\n eth_start_xmit()\n --\u003e dev-\u003ewrap()\n Unable to handle kernel paging request at virtual address dead00000000014f\n\nThis patch addresses the issue by checking if \u0027ncm-\u003enetdev\u0027 is not NULL at\nncm_disable() to call gether_disconnect() to deassociate \u0027dev-\u003eport_usb\u0027.\nIt\u0027s more reasonable to check \u0027ncm-\u003enetdev\u0027 to call gether_connect/disconnect\nrather than check \u0027ncm-\u003eport.in_ep-\u003eenabled\u0027 since it might not be enabled\nbut the gether connection might be established.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26996",
"url": "https://www.suse.com/security/cve/CVE-2024-26996"
},
{
"category": "external",
"summary": "SUSE Bug 1223752 for CVE-2024-26996",
"url": "https://bugzilla.suse.com/1223752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-26997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: host: Fix dereference issue in DDMA completion flow.\n\nFixed variable dereference issue in DDMA completion flow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26997",
"url": "https://www.suse.com/security/cve/CVE-2024-26997"
},
{
"category": "external",
"summary": "SUSE Bug 1223741 for CVE-2024-26997",
"url": "https://bugzilla.suse.com/1223741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26997"
},
{
"cve": "CVE-2024-26999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial/pmac_zilog: Remove flawed mitigation for rx irq flood\n\nThe mitigation was intended to stop the irq completely. That may be\nbetter than a hard lock-up but it turns out that you get a crash anyway\nif you\u0027re using pmac_zilog as a serial console:\n\nttyPZ0: pmz: rx irq flood !\nBUG: spinlock recursion on CPU#0, swapper/0\n\nThat\u0027s because the pr_err() call in pmz_receive_chars() results in\npmz_console_write() attempting to lock a spinlock already locked in\npmz_interrupt(). With CONFIG_DEBUG_SPINLOCK=y, this produces a fatal\nBUG splat. The spinlock in question is the one in struct uart_port.\n\nEven when it\u0027s not fatal, the serial port rx function ceases to work.\nAlso, the iteration limit doesn\u0027t play nicely with QEMU, as can be\nseen in the bug report linked below.\n\nA web search for other reports of the error message \"pmz: rx irq flood\"\ndidn\u0027t produce anything. So I don\u0027t think this code is needed any more.\nRemove it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26999",
"url": "https://www.suse.com/security/cve/CVE-2024-26999"
},
{
"category": "external",
"summary": "SUSE Bug 1223754 for CVE-2024-26999",
"url": "https://bugzilla.suse.com/1223754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-26999"
},
{
"cve": "CVE-2024-27000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mxs-auart: add spinlock around changing cts state\n\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport-\u003elock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n\n [ 85.119255] ------------[ cut here ]------------\n [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n [ 85.151396] Hardware name: Freescale MXS (Device Tree)\n [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n (...)\n [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n (...)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27000",
"url": "https://www.suse.com/security/cve/CVE-2024-27000"
},
{
"category": "external",
"summary": "SUSE Bug 1223757 for CVE-2024-27000",
"url": "https://bugzilla.suse.com/1223757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27000"
},
{
"cve": "CVE-2024-27001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix incomplete endpoint checking\n\nWhile vmk80xx does have endpoint checking implemented, some things\ncan fall through the cracks. Depending on the hardware model,\nURBs can have either bulk or interrupt type, and current version\nof vmk80xx_find_usb_endpoints() function does not take that fully\ninto account. While this warning does not seem to be too harmful,\nat the very least it will crash systems with \u0027panic_on_warn\u0027 set on\nthem.\n\nFix the issue found by Syzkaller [1] by somewhat simplifying the\nendpoint checking process with usb_find_common_endpoints() and\nensuring that only expected endpoint types are present.\n\nThis patch has not been tested on real hardware.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 1 != type 3\nWARNING: CPU: 0 PID: 781 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x113/0x520 drivers/usb/core/message.c:59\n vmk80xx_reset_device drivers/comedi/drivers/vmk80xx.c:227 [inline]\n vmk80xx_auto_attach+0xa1c/0x1a40 drivers/comedi/drivers/vmk80xx.c:818\n comedi_auto_config+0x238/0x380 drivers/comedi/drivers.c:1067\n usb_probe_interface+0x5cd/0xb00 drivers/usb/core/driver.c:399\n...\n\nSimilar issue also found by Syzkaller:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27001",
"url": "https://www.suse.com/security/cve/CVE-2024-27001"
},
{
"category": "external",
"summary": "SUSE Bug 1223698 for CVE-2024-27001",
"url": "https://bugzilla.suse.com/1223698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27001"
},
{
"cve": "CVE-2024-27002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: Do a runtime PM get on controllers during probe\n\nmt8183-mfgcfg has a mutual dependency with genpd during the probing\nstage, which leads to a deadlock in the following call stack:\n\nCPU0: genpd_lock --\u003e clk_prepare_lock\ngenpd_power_off_work_fn()\n genpd_lock()\n generic_pm_domain::power_off()\n clk_unprepare()\n clk_prepare_lock()\n\nCPU1: clk_prepare_lock --\u003e genpd_lock\nclk_register()\n __clk_core_init()\n clk_prepare_lock()\n clk_pm_runtime_get()\n genpd_lock()\n\nDo a runtime PM get at the probe function to make sure clk_register()\nwon\u0027t acquire the genpd lock. Instead of only modifying mt8183-mfgcfg,\ndo this on all mediatek clock controller probings because we don\u0027t\nbelieve this would cause any regression.\n\nVerified on MT8183 and MT8192 Chromebooks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27002",
"url": "https://www.suse.com/security/cve/CVE-2024-27002"
},
{
"category": "external",
"summary": "SUSE Bug 1223759 for CVE-2024-27002",
"url": "https://bugzilla.suse.com/1223759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27002"
},
{
"cve": "CVE-2024-27003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Get runtime PM before walking tree for clk_summary\n\nSimilar to the previous commit, we should make sure that all devices are\nruntime resumed before printing the clk_summary through debugfs. Failure\nto do so would result in a deadlock if the thread is resuming a device\nto print clk state and that device is also runtime resuming in another\nthread, e.g the screen is turning on and the display driver is starting\nup. We remove the calls to clk_pm_runtime_{get,put}() in this path\nbecause they\u0027re superfluous now that we know the devices are runtime\nresumed. This also squashes a bug where the return value of\nclk_pm_runtime_get() wasn\u0027t checked, leading to an RPM count underflow\non error paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27003",
"url": "https://www.suse.com/security/cve/CVE-2024-27003"
},
{
"category": "external",
"summary": "SUSE Bug 1223761 for CVE-2024-27003",
"url": "https://bugzilla.suse.com/1223761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27003"
},
{
"cve": "CVE-2024-27004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Get runtime PM before walking tree during disable_unused\n\nDoug reported [1] the following hung task:\n\n INFO: task swapper/0:1 blocked for more than 122 seconds.\n Not tainted 5.15.149-21875-gf795ebc40eb8 #1\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:swapper/0 state:D stack: 0 pid: 1 ppid: 0 flags:0x00000008\n Call trace:\n __switch_to+0xf4/0x1f4\n __schedule+0x418/0xb80\n schedule+0x5c/0x10c\n rpm_resume+0xe0/0x52c\n rpm_resume+0x178/0x52c\n __pm_runtime_resume+0x58/0x98\n clk_pm_runtime_get+0x30/0xb0\n clk_disable_unused_subtree+0x58/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused+0x4c/0xe4\n do_one_initcall+0xcc/0x2d8\n do_initcall_level+0xa4/0x148\n do_initcalls+0x5c/0x9c\n do_basic_setup+0x24/0x30\n kernel_init_freeable+0xec/0x164\n kernel_init+0x28/0x120\n ret_from_fork+0x10/0x20\n INFO: task kworker/u16:0:9 blocked for more than 122 seconds.\n Not tainted 5.15.149-21875-gf795ebc40eb8 #1\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u16:0 state:D stack: 0 pid: 9 ppid: 2 flags:0x00000008\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n __switch_to+0xf4/0x1f4\n __schedule+0x418/0xb80\n schedule+0x5c/0x10c\n schedule_preempt_disabled+0x2c/0x48\n __mutex_lock+0x238/0x488\n __mutex_lock_slowpath+0x1c/0x28\n mutex_lock+0x50/0x74\n clk_prepare_lock+0x7c/0x9c\n clk_core_prepare_lock+0x20/0x44\n clk_prepare+0x24/0x30\n clk_bulk_prepare+0x40/0xb0\n mdss_runtime_resume+0x54/0x1c8\n pm_generic_runtime_resume+0x30/0x44\n __genpd_runtime_resume+0x68/0x7c\n genpd_runtime_resume+0x108/0x1f4\n __rpm_callback+0x84/0x144\n rpm_callback+0x30/0x88\n rpm_resume+0x1f4/0x52c\n rpm_resume+0x178/0x52c\n __pm_runtime_resume+0x58/0x98\n __device_attach+0xe0/0x170\n device_initial_probe+0x1c/0x28\n bus_probe_device+0x3c/0x9c\n device_add+0x644/0x814\n mipi_dsi_device_register_full+0xe4/0x170\n devm_mipi_dsi_device_register_full+0x28/0x70\n ti_sn_bridge_probe+0x1dc/0x2c0\n auxiliary_bus_probe+0x4c/0x94\n really_probe+0xcc/0x2c8\n __driver_probe_device+0xa8/0x130\n driver_probe_device+0x48/0x110\n __device_attach_driver+0xa4/0xcc\n bus_for_each_drv+0x8c/0xd8\n __device_attach+0xf8/0x170\n device_initial_probe+0x1c/0x28\n bus_probe_device+0x3c/0x9c\n deferred_probe_work_func+0x9c/0xd8\n process_one_work+0x148/0x518\n worker_thread+0x138/0x350\n kthread+0x138/0x1e0\n ret_from_fork+0x10/0x20\n\nThe first thread is walking the clk tree and calling\nclk_pm_runtime_get() to power on devices required to read the clk\nhardware via struct clk_ops::is_enabled(). This thread holds the clk\nprepare_lock, and is trying to runtime PM resume a device, when it finds\nthat the device is in the process of resuming so the thread schedule()s\naway waiting for the device to finish resuming before continuing. The\nsecond thread is runtime PM resuming the same device, but the runtime\nresume callback is calling clk_prepare(), trying to grab the\nprepare_lock waiting on the first thread.\n\nThis is a classic ABBA deadlock. To properly fix the deadlock, we must\nnever runtime PM resume or suspend a device with the clk prepare_lock\nheld. Actually doing that is near impossible today because the global\nprepare_lock would have to be dropped in the middle of the tree, the\ndevice runtime PM resumed/suspended, and then the prepare_lock grabbed\nagain to ensure consistency of the clk tree topology. If anything\nchanges with the clk tree in the meantime, we\u0027ve lost and will need to\nstart the operation all over again.\n\nLuckily, most of the time we\u0027re simply incrementing or decrementing the\nruntime PM count on an active device, so we don\u0027t have the chance to\nschedule away with the prepare_lock held. Let\u0027s fix this immediate\nproblem that can be\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27004",
"url": "https://www.suse.com/security/cve/CVE-2024-27004"
},
{
"category": "external",
"summary": "SUSE Bug 1223762 for CVE-2024-27004",
"url": "https://bugzilla.suse.com/1223762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27004"
},
{
"cve": "CVE-2024-27008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: nv04: Fix out of bounds access\n\nWhen Output Resource (dcb-\u003eor) value is assigned in\nfabricate_dcb_output(), there may be out of bounds access to\ndac_users array in case dcb-\u003eor is zero because ffs(dcb-\u003eor) is\nused as index there.\nThe \u0027or\u0027 argument of fabricate_dcb_output() must be interpreted as a\nnumber of bit to set, not value.\n\nUtilize macros from \u0027enum nouveau_or\u0027 in calls instead of hardcoding.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27008",
"url": "https://www.suse.com/security/cve/CVE-2024-27008"
},
{
"category": "external",
"summary": "SUSE Bug 1223802 for CVE-2024-27008",
"url": "https://bugzilla.suse.com/1223802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/cio: fix race condition during online processing\n\nA race condition exists in ccw_device_set_online() that can cause the\nonline process to fail, leaving the affected device in an inconsistent\nstate. As a result, subsequent attempts to set that device online fail\nwith return code ENODEV.\n\nThe problem occurs when a path verification request arrives after\na wait for final device state completed, but before the result state\nis evaluated.\n\nFix this by ensuring that the CCW-device lock is held between\ndetermining final state and checking result state.\n\nNote that since:\n\ncommit 2297791c92d0 (\"s390/cio: dont unregister subchannel from child-drivers\")\n\npath verification requests are much more likely to occur during boot,\nresulting in an increased chance of this race condition occurring.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27009",
"url": "https://www.suse.com/security/cve/CVE-2024-27009"
},
{
"category": "external",
"summary": "SUSE Bug 1223699 for CVE-2024-27009",
"url": "https://bugzilla.suse.com/1223699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27009"
},
{
"cve": "CVE-2024-27012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: restore set elements when delete set fails\n\nFrom abort path, nft_mapelem_activate() needs to restore refcounters to\nthe original state. Currently, it uses the set-\u003eops-\u003ewalk() to iterate\nover these set elements. The existing set iterator skips inactive\nelements in the next generation, this does not work from the abort path\nto restore the original state since it has to skip active elements\ninstead (not inactive ones).\n\nThis patch moves the check for inactive elements to the set iterator\ncallback, then it reverses the logic for the .activate case which\nneeds to skip active elements.\n\nToggle next generation bit for elements when delete set command is\ninvoked and call nft_clear() from .activate (abort) path to restore the\nnext generation bit.\n\nThe splat below shows an object in mappings memleak:\n\n[43929.457523] ------------[ cut here ]------------\n[43929.457532] WARNING: CPU: 0 PID: 1139 at include/net/netfilter/nf_tables.h:1237 nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[...]\n[43929.458014] RIP: 0010:nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[43929.458076] Code: 83 f8 01 77 ab 49 8d 7c 24 08 e8 37 5e d0 de 49 8b 6c 24 08 48 8d 7d 50 e8 e9 5c d0 de 8b 45 50 8d 50 ff 89 55 50 85 c0 75 86 \u003c0f\u003e 0b eb 82 0f 0b eb b3 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90\n[43929.458081] RSP: 0018:ffff888140f9f4b0 EFLAGS: 00010246\n[43929.458086] RAX: 0000000000000000 RBX: ffff8881434f5288 RCX: dffffc0000000000\n[43929.458090] RDX: 00000000ffffffff RSI: ffffffffa26d28a7 RDI: ffff88810ecc9550\n[43929.458093] RBP: ffff88810ecc9500 R08: 0000000000000001 R09: ffffed10281f3e8f\n[43929.458096] R10: 0000000000000003 R11: ffff0000ffff0000 R12: ffff8881434f52a0\n[43929.458100] R13: ffff888140f9f5f4 R14: ffff888151c7a800 R15: 0000000000000002\n[43929.458103] FS: 00007f0c687c4740(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[43929.458107] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[43929.458111] CR2: 00007f58dbe5b008 CR3: 0000000123602005 CR4: 00000000001706f0\n[43929.458114] Call Trace:\n[43929.458118] \u003cTASK\u003e\n[43929.458121] ? __warn+0x9f/0x1a0\n[43929.458127] ? nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[43929.458188] ? report_bug+0x1b1/0x1e0\n[43929.458196] ? handle_bug+0x3c/0x70\n[43929.458200] ? exc_invalid_op+0x17/0x40\n[43929.458211] ? nft_setelem_data_deactivate+0xd7/0xf0 [nf_tables]\n[43929.458271] ? nft_setelem_data_deactivate+0xe4/0xf0 [nf_tables]\n[43929.458332] nft_mapelem_deactivate+0x24/0x30 [nf_tables]\n[43929.458392] nft_rhash_walk+0xdd/0x180 [nf_tables]\n[43929.458453] ? __pfx_nft_rhash_walk+0x10/0x10 [nf_tables]\n[43929.458512] ? rb_insert_color+0x2e/0x280\n[43929.458520] nft_map_deactivate+0xdc/0x1e0 [nf_tables]\n[43929.458582] ? __pfx_nft_map_deactivate+0x10/0x10 [nf_tables]\n[43929.458642] ? __pfx_nft_mapelem_deactivate+0x10/0x10 [nf_tables]\n[43929.458701] ? __rcu_read_unlock+0x46/0x70\n[43929.458709] nft_delset+0xff/0x110 [nf_tables]\n[43929.458769] nft_flush_table+0x16f/0x460 [nf_tables]\n[43929.458830] nf_tables_deltable+0x501/0x580 [nf_tables]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27012",
"url": "https://www.suse.com/security/cve/CVE-2024-27012"
},
{
"category": "external",
"summary": "SUSE Bug 1223804 for CVE-2024-27012",
"url": "https://bugzilla.suse.com/1223804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27012"
},
{
"cve": "CVE-2024-27013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: limit printing rate when illegal packet received by tun dev\n\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\n\nnet_ratelimit mechanism can be used to limit the dumping rate.\n\nPID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: \"vhost-32980\"\n #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n #3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n [exception RIP: io_serial_in+20]\n RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002\n RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000\n RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0\n RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f\n R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020\n R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n #10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n #12 [ffffa65531497b68] printk at ffffffff89318306\n #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n #18 [ffffa65531497f10] kthread at ffffffff892d2e72\n #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27013",
"url": "https://www.suse.com/security/cve/CVE-2024-27013"
},
{
"category": "external",
"summary": "SUSE Bug 1223745 for CVE-2024-27013",
"url": "https://bugzilla.suse.com/1223745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Prevent deadlock while disabling aRFS\n\nWhen disabling aRFS under the `priv-\u003estate_lock`, any scheduled\naRFS works are canceled using the `cancel_work_sync` function,\nwhich waits for the work to end if it has already started.\nHowever, while waiting for the work handler, the handler will\ntry to acquire the `state_lock` which is already acquired.\n\nThe worker acquires the lock to delete the rules if the state\nis down, which is not the worker\u0027s responsibility since\ndisabling aRFS deletes the rules.\n\nAdd an aRFS state variable, which indicates whether the aRFS is\nenabled and prevent adding rules when the aRFS is disabled.\n\nKernel log:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G I\n------------------------------------------------------\nethtool/386089 is trying to acquire lock:\nffff88810f21ce68 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0\n\nbut task is already holding lock:\nffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026priv-\u003estate_lock){+.+.}-{3:3}:\n __mutex_lock+0x80/0xc90\n arfs_handle_work+0x4b/0x3b0 [mlx5_core]\n process_one_work+0x1dc/0x4a0\n worker_thread+0x1bf/0x3c0\n kthread+0xd7/0x100\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n\n-\u003e #0 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}:\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n __flush_work+0x7a/0x4e0\n __cancel_work_timer+0x131/0x1c0\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1a1/0x270\n netlink_sendmsg+0x214/0x460\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x113/0x170\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n\n *** DEADLOCK ***\n\n3 locks held by ethtool/386089:\n #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40\n #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240\n #2: ffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nstack backtrace:\nCPU: 15 PID: 386089 Comm: ethtool Tainted: G I 6.7.0-rc4_net_next_mlx5_5483eb2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x60/0xa0\n check_noncircular+0x144/0x160\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n ? __flush_work+0x74/0x4e0\n ? save_trace+0x3e/0x360\n ? __flush_work+0x74/0x4e0\n __flush_work+0x7a/0x4e0\n ? __flush_work+0x74/0x4e0\n ? __lock_acquire+0xa78/0x2c80\n ? lock_acquire+0xd0/0x2b0\n ? mark_held_locks+0x49/0x70\n __cancel_work_timer+0x131/0x1c0\n ? mark_held_locks+0x49/0x70\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n ? ethn\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27014",
"url": "https://www.suse.com/security/cve/CVE-2024-27014"
},
{
"category": "external",
"summary": "SUSE Bug 1223735 for CVE-2024-27014",
"url": "https://bugzilla.suse.com/1223735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27014"
},
{
"cve": "CVE-2024-27015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: incorrect pppoe tuple\n\npppoe traffic reaching ingress path does not match the flowtable entry\nbecause the pppoe header is expected to be at the network header offset.\nThis bug causes a mismatch in the flow table lookup, so pppoe packets\nenter the classical forwarding path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27015",
"url": "https://www.suse.com/security/cve/CVE-2024-27015"
},
{
"category": "external",
"summary": "SUSE Bug 1223806 for CVE-2024-27015",
"url": "https://bugzilla.suse.com/1223806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27015"
},
{
"cve": "CVE-2024-27016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: flowtable: validate pppoe header\n\nEnsure there is sufficient room to access the protocol field of the\nPPPoe header. Validate it once before the flowtable lookup, then use a\nhelper function to access protocol field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27016",
"url": "https://www.suse.com/security/cve/CVE-2024-27016"
},
{
"category": "external",
"summary": "SUSE Bug 1223807 for CVE-2024-27016",
"url": "https://bugzilla.suse.com/1223807"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27016"
},
{
"cve": "CVE-2024-27019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_obj_type_get()\n\nnft_unregister_obj() can concurrent with __nft_obj_type_get(),\nand there is not any protection when iterate over nf_tables_objects\nlist in __nft_obj_type_get(). Therefore, there is potential data-race\nof nf_tables_objects list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_objects\nlist in __nft_obj_type_get(), and use rcu_read_lock() in the caller\nnft_obj_type_get() to protect the entire type query process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27019",
"url": "https://www.suse.com/security/cve/CVE-2024-27019"
},
{
"category": "external",
"summary": "SUSE Bug 1223813 for CVE-2024-27019",
"url": "https://bugzilla.suse.com/1223813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27019"
},
{
"cve": "CVE-2024-27020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()\n\nnft_unregister_expr() can concurrent with __nft_expr_type_get(),\nand there is not any protection when iterate over nf_tables_expressions\nlist in __nft_expr_type_get(). Therefore, there is potential data-race\nof nf_tables_expressions list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_expressions\nlist in __nft_expr_type_get(), and use rcu_read_lock() in the caller\nnft_expr_type_get() to protect the entire type query process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27020",
"url": "https://www.suse.com/security/cve/CVE-2024-27020"
},
{
"category": "external",
"summary": "SUSE Bug 1223815 for CVE-2024-27020",
"url": "https://bugzilla.suse.com/1223815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27020"
},
{
"cve": "CVE-2024-27022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfork: defer linking file vma until vma is fully initialized\n\nThorvald reported a WARNING [1]. And the root cause is below race:\n\n CPU 1\t\t\t\t\tCPU 2\n fork\t\t\t\t\thugetlbfs_fallocate\n dup_mmap\t\t\t\t hugetlbfs_punch_hole\n i_mmap_lock_write(mapping);\n vma_interval_tree_insert_after -- Child vma is visible through i_mmap tree.\n i_mmap_unlock_write(mapping);\n hugetlb_dup_vma_private -- Clear vma_lock outside i_mmap_rwsem!\n\t\t\t\t\t i_mmap_lock_write(mapping);\n \t\t\t\t\t hugetlb_vmdelete_list\n\t\t\t\t\t vma_interval_tree_foreach\n\t\t\t\t\t hugetlb_vma_trylock_write -- Vma_lock is cleared.\n tmp-\u003evm_ops-\u003eopen -- Alloc new vma_lock outside i_mmap_rwsem!\n\t\t\t\t\t hugetlb_vma_unlock_write -- Vma_lock is assigned!!!\n\t\t\t\t\t i_mmap_unlock_write(mapping);\n\nhugetlb_dup_vma_private() and hugetlb_vm_op_open() are called outside\ni_mmap_rwsem lock while vma lock can be used in the same time. Fix this\nby deferring linking file vma until vma is fully initialized. Those vmas\nshould be initialized first before they can be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27022",
"url": "https://www.suse.com/security/cve/CVE-2024-27022"
},
{
"category": "external",
"summary": "SUSE Bug 1223774 for CVE-2024-27022",
"url": "https://bugzilla.suse.com/1223774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27022"
},
{
"cve": "CVE-2024-27023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Fix missing release of \u0027active_io\u0027 for flush\n\nsubmit_flushes\n atomic_set(\u0026mddev-\u003eflush_pending, 1);\n rdev_for_each_rcu(rdev, mddev)\n atomic_inc(\u0026mddev-\u003eflush_pending);\n bi-\u003ebi_end_io = md_end_flush\n submit_bio(bi);\n /* flush io is done first */\n md_end_flush\n if (atomic_dec_and_test(\u0026mddev-\u003eflush_pending))\n percpu_ref_put(\u0026mddev-\u003eactive_io)\n -\u003e active_io is not released\n\n if (atomic_dec_and_test(\u0026mddev-\u003eflush_pending))\n -\u003e missing release of active_io\n\nFor consequence, mddev_suspend() will wait for \u0027active_io\u0027 to be zero\nforever.\n\nFix this problem by releasing \u0027active_io\u0027 in submit_flushes() if\n\u0027flush_pending\u0027 is decreased to zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27023",
"url": "https://www.suse.com/security/cve/CVE-2024-27023"
},
{
"category": "external",
"summary": "SUSE Bug 1223776 for CVE-2024-27023",
"url": "https://bugzilla.suse.com/1223776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27023"
},
{
"cve": "CVE-2024-27025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: null check for nla_nest_start\n\nnla_nest_start() may fail and return NULL. Insert a check and set errno\nbased on other call sites within the same source code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27025",
"url": "https://www.suse.com/security/cve/CVE-2024-27025"
},
{
"category": "external",
"summary": "SUSE Bug 1223778 for CVE-2024-27025",
"url": "https://bugzilla.suse.com/1223778"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27025"
},
{
"cve": "CVE-2024-27027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix dpll_xa_ref_*_del() for multiple registrations\n\nCurrently, if there are multiple registrations of the same pin on the\nsame dpll device, following warnings are observed:\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:143 dpll_xa_ref_pin_del.isra.0+0x21e/0x230\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:223 __dpll_pin_unregister+0x2b3/0x2c0\n\nThe problem is, that in both dpll_xa_ref_dpll_del() and\ndpll_xa_ref_pin_del() registration is only removed from list in case the\nreference count drops to zero. That is wrong, the registration has to\nbe removed always.\n\nTo fix this, remove the registration from the list and free\nit unconditionally, instead of doing it only when the ref reference\ncounter reaches zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27027",
"url": "https://www.suse.com/security/cve/CVE-2024-27027"
},
{
"category": "external",
"summary": "SUSE Bug 1223787 for CVE-2024-27027",
"url": "https://bugzilla.suse.com/1223787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27027"
},
{
"cve": "CVE-2024-27028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-mt65xx: Fix NULL pointer access in interrupt handler\n\nThe TX buffer in spi_transfer can be a NULL pointer, so the interrupt\nhandler may end up writing to the invalid memory and cause crashes.\n\nAdd a check to trans-\u003etx_buf before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27028",
"url": "https://www.suse.com/security/cve/CVE-2024-27028"
},
{
"category": "external",
"summary": "SUSE Bug 1223788 for CVE-2024-27028",
"url": "https://bugzilla.suse.com/1223788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27028"
},
{
"cve": "CVE-2024-27029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix mmhub client id out-of-bounds access\n\nProperly handle cid 0x140.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27029",
"url": "https://www.suse.com/security/cve/CVE-2024-27029"
},
{
"category": "external",
"summary": "SUSE Bug 1223789 for CVE-2024-27029",
"url": "https://bugzilla.suse.com/1223789"
},
{
"category": "external",
"summary": "SUSE Bug 1226184 for CVE-2024-27029",
"url": "https://bugzilla.suse.com/1226184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-27029"
},
{
"cve": "CVE-2024-27030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27030",
"url": "https://www.suse.com/security/cve/CVE-2024-27030"
},
{
"category": "external",
"summary": "SUSE Bug 1223790 for CVE-2024-27030",
"url": "https://bugzilla.suse.com/1223790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27030"
},
{
"cve": "CVE-2024-27031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt\n\nThe loop inside nfs_netfs_issue_read() currently does not disable\ninterrupts while iterating through pages in the xarray to submit\nfor NFS read. This is not safe though since after taking xa_lock,\nanother page in the mapping could be processed for writeback inside\nan interrupt, and deadlock can occur. The fix is simple and clean\nif we use xa_for_each_range(), which handles the iteration with RCU\nwhile reducing code complexity.\n\nThe problem is easily reproduced with the following test:\n mount -o vers=3,fsc 127.0.0.1:/export /mnt/nfs\n dd if=/dev/zero of=/mnt/nfs/file1.bin bs=4096 count=1\n echo 3 \u003e /proc/sys/vm/drop_caches\n dd if=/mnt/nfs/file1.bin of=/dev/null\n umount /mnt/nfs\n\nOn the console with a lockdep-enabled kernel a message similar to\nthe following will be seen:\n\n ================================\n WARNING: inconsistent lock state\n 6.7.0-lockdbg+ #10 Not tainted\n --------------------------------\n inconsistent {IN-SOFTIRQ-W} -\u003e {SOFTIRQ-ON-W} usage.\n test5/1708 [HC0[0]:SC0[0]:HE1:SE1] takes:\n ffff888127baa598 (\u0026xa-\u003exa_lock#4){+.?.}-{3:3}, at:\nnfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n {IN-SOFTIRQ-W} state was registered at:\n lock_acquire+0x144/0x380\n _raw_spin_lock_irqsave+0x4e/0xa0\n __folio_end_writeback+0x17e/0x5c0\n folio_end_writeback+0x93/0x1b0\n iomap_finish_ioend+0xeb/0x6a0\n blk_update_request+0x204/0x7f0\n blk_mq_end_request+0x30/0x1c0\n blk_complete_reqs+0x7e/0xa0\n __do_softirq+0x113/0x544\n __irq_exit_rcu+0xfe/0x120\n irq_exit_rcu+0xe/0x20\n sysvec_call_function_single+0x6f/0x90\n asm_sysvec_call_function_single+0x1a/0x20\n pv_native_safe_halt+0xf/0x20\n default_idle+0x9/0x20\n default_idle_call+0x67/0xa0\n do_idle+0x2b5/0x300\n cpu_startup_entry+0x34/0x40\n start_secondary+0x19d/0x1c0\n secondary_startup_64_no_verify+0x18f/0x19b\n irq event stamp: 176891\n hardirqs last enabled at (176891): [\u003cffffffffa67a0be4\u003e]\n_raw_spin_unlock_irqrestore+0x44/0x60\n hardirqs last disabled at (176890): [\u003cffffffffa67a0899\u003e]\n_raw_spin_lock_irqsave+0x79/0xa0\n softirqs last enabled at (176646): [\u003cffffffffa515d91e\u003e]\n__irq_exit_rcu+0xfe/0x120\n softirqs last disabled at (176633): [\u003cffffffffa515d91e\u003e]\n__irq_exit_rcu+0xfe/0x120\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026xa-\u003exa_lock#4);\n \u003cInterrupt\u003e\n lock(\u0026xa-\u003exa_lock#4);\n\n *** DEADLOCK ***\n\n 2 locks held by test5/1708:\n #0: ffff888127baa498 (\u0026sb-\u003es_type-\u003ei_mutex_key#22){++++}-{4:4}, at:\n nfs_start_io_read+0x28/0x90 [nfs]\n #1: ffff888127baa650 (mapping.invalidate_lock#3){.+.+}-{4:4}, at:\n page_cache_ra_unbounded+0xa4/0x280\n\n stack backtrace:\n CPU: 6 PID: 1708 Comm: test5 Kdump: loaded Not tainted 6.7.0-lockdbg+\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\n Call Trace:\n dump_stack_lvl+0x5b/0x90\n mark_lock+0xb3f/0xd20\n __lock_acquire+0x77b/0x3360\n _raw_spin_lock+0x34/0x80\n nfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n netfs_begin_read+0x77f/0x980 [netfs]\n nfs_netfs_readahead+0x45/0x60 [nfs]\n nfs_readahead+0x323/0x5a0 [nfs]\n read_pages+0xf3/0x5c0\n page_cache_ra_unbounded+0x1c8/0x280\n filemap_get_pages+0x38c/0xae0\n filemap_read+0x206/0x5e0\n nfs_file_read+0xb7/0x140 [nfs]\n vfs_read+0x2a9/0x460\n ksys_read+0xb7/0x140",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27031",
"url": "https://www.suse.com/security/cve/CVE-2024-27031"
},
{
"category": "external",
"summary": "SUSE Bug 1223805 for CVE-2024-27031",
"url": "https://bugzilla.suse.com/1223805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27031"
},
{
"cve": "CVE-2024-27036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix writeback data corruption\n\ncifs writeback doesn\u0027t correctly handle the case where\ncifs_extend_writeback() hits a point where it is considering an additional\nfolio, but this would overrun the wsize - at which point it drops out of\nthe xarray scanning loop and calls xas_pause(). The problem is that\nxas_pause() advances the loop counter - thereby skipping that page.\n\nWhat needs to happen is for xas_reset() to be called any time we decide we\ndon\u0027t want to process the page we\u0027re looking at, but rather send the\nrequest we are building and start a new one.\n\nFix this by copying and adapting the netfslib writepages code as a\ntemporary measure, with cifs writeback intending to be offloaded to\nnetfslib in the near future.\n\nThis also fixes the issue with the use of filemap_get_folios_tag() causing\nretry of a bunch of pages which the extender already dealt with.\n\nThis can be tested by creating, say, a 64K file somewhere not on cifs\n(otherwise copy-offload may get underfoot), mounting a cifs share with a\nwsize of 64000, copying the file to it and then comparing the original file\nand the copy:\n\n dd if=/dev/urandom of=/tmp/64K bs=64k count=1\n mount //192.168.6.1/test /mnt -o user=...,pass=...,wsize=64000\n cp /tmp/64K /mnt/64K\n cmp /tmp/64K /mnt/64K\n\nWithout the fix, the cmp fails at position 64000 (or shortly thereafter).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27036",
"url": "https://www.suse.com/security/cve/CVE-2024-27036"
},
{
"category": "external",
"summary": "SUSE Bug 1223810 for CVE-2024-27036",
"url": "https://bugzilla.suse.com/1223810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27036"
},
{
"cve": "CVE-2024-27037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: zynq: Prevent null pointer dereference caused by kmalloc failure\n\nThe kmalloc() in zynq_clk_setup() will return null if the\nphysical memory has run out. As a result, if we use snprintf()\nto write data to the null address, the null pointer dereference\nbug will happen.\n\nThis patch uses a stack variable to replace the kmalloc().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27037",
"url": "https://www.suse.com/security/cve/CVE-2024-27037"
},
{
"category": "external",
"summary": "SUSE Bug 1223717 for CVE-2024-27037",
"url": "https://bugzilla.suse.com/1223717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27037"
},
{
"cve": "CVE-2024-27038",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27038"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Fix clk_core_get NULL dereference\n\nIt is possible for clk_core_get to dereference a NULL in the following\nsequence:\n\nclk_core_get()\n of_clk_get_hw_from_clkspec()\n __of_clk_get_hw_from_provider()\n __clk_get_hw()\n\n__clk_get_hw() can return NULL which is dereferenced by clk_core_get() at\nhw-\u003ecore.\n\nPrior to commit dde4eff47c82 (\"clk: Look for parents with clkdev based\nclk_lookups\") the check IS_ERR_OR_NULL() was performed which would have\ncaught the NULL.\n\nReading the description of this function it talks about returning NULL but\nthat cannot be so at the moment.\n\nUpdate the function to check for hw before dereferencing it and return NULL\nif hw is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27038",
"url": "https://www.suse.com/security/cve/CVE-2024-27038"
},
{
"category": "external",
"summary": "SUSE Bug 1223816 for CVE-2024-27038",
"url": "https://bugzilla.suse.com/1223816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27038"
},
{
"cve": "CVE-2024-27039",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27039"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: hisilicon: hi3559a: Fix an erroneous devm_kfree()\n\n\u0027p_clk\u0027 is an array allocated just before the for loop for all clk that\nneed to be registered.\nIt is incremented at each loop iteration.\n\nIf a clk_register() call fails, \u0027p_clk\u0027 may point to something different\nfrom what should be freed.\n\nThe best we can do, is to avoid this wrong release of memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27039",
"url": "https://www.suse.com/security/cve/CVE-2024-27039"
},
{
"category": "external",
"summary": "SUSE Bug 1223821 for CVE-2024-27039",
"url": "https://bugzilla.suse.com/1223821"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27039"
},
{
"cve": "CVE-2024-27040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add \u0027replay\u0027 NULL check in \u0027edp_set_replay_allow_active()\u0027\n\nIn the first if statement, we\u0027re checking if \u0027replay\u0027 is NULL. But in\nthe second if statement, we\u0027re not checking if \u0027replay\u0027 is NULL again\nbefore calling replay-\u003efuncs-\u003ereplay_set_power_opt().\n\nif (replay == NULL \u0026\u0026 force_static)\n return false;\n\n...\n\nif (link-\u003ereplay_settings.replay_feature_enabled \u0026\u0026\n replay-\u003efuncs-\u003ereplay_set_power_opt) {\n\treplay-\u003efuncs-\u003ereplay_set_power_opt(replay, *power_opts, panel_inst);\n\tlink-\u003ereplay_settings.replay_power_opt_active = *power_opts;\n}\n\nIf \u0027replay\u0027 is NULL, this will cause a null pointer dereference.\n\nFixes the below found by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/link/protocols/link_edp_panel_control.c:895 edp_set_replay_allow_active() error: we previously assumed \u0027replay\u0027 could be null (see line 887)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27040",
"url": "https://www.suse.com/security/cve/CVE-2024-27040"
},
{
"category": "external",
"summary": "SUSE Bug 1223711 for CVE-2024-27040",
"url": "https://bugzilla.suse.com/1223711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27040"
},
{
"cve": "CVE-2024-27041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27041"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: fix NULL checks for adev-\u003edm.dc in amdgpu_dm_fini()\n\nSince \u0027adev-\u003edm.dc\u0027 in amdgpu_dm_fini() might turn out to be NULL\nbefore the call to dc_enable_dmub_notifications(), check\nbeforehand to ensure there will not be a possible NULL-ptr-deref\nthere.\n\nAlso, since commit 1e88eb1b2c25 (\"drm/amd/display: Drop\nCONFIG_DRM_AMD_DC_HDCP\") there are two separate checks for NULL in\n\u0027adev-\u003edm.dc\u0027 before dc_deinit_callbacks() and dc_dmub_srv_destroy().\nClean up by combining them all under one \u0027if\u0027.\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27041",
"url": "https://www.suse.com/security/cve/CVE-2024-27041"
},
{
"category": "external",
"summary": "SUSE Bug 1223714 for CVE-2024-27041",
"url": "https://bugzilla.suse.com/1223714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27041"
},
{
"cve": "CVE-2024-27042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27042"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix potential out-of-bounds access in \u0027amdgpu_discovery_reg_base_init()\u0027\n\nThe issue arises when the array \u0027adev-\u003evcn.vcn_config\u0027 is accessed\nbefore checking if the index \u0027adev-\u003evcn.num_vcn_inst\u0027 is within the\nbounds of the array.\n\nThe fix involves moving the bounds check before the array access. This\nensures that \u0027adev-\u003evcn.num_vcn_inst\u0027 is within the bounds of the array\nbefore it is used as an index.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/amdgpu_discovery.c:1289 amdgpu_discovery_reg_base_init() error: testing array offset \u0027adev-\u003evcn.num_vcn_inst\u0027 after use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27042",
"url": "https://www.suse.com/security/cve/CVE-2024-27042"
},
{
"category": "external",
"summary": "SUSE Bug 1223823 for CVE-2024-27042",
"url": "https://bugzilla.suse.com/1223823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27042"
},
{
"cve": "CVE-2024-27043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: edia: dvbdev: fix a use-after-free\n\nIn dvb_register_device, *pdvbdev is set equal to dvbdev, which is freed\nin several error-handling paths. However, *pdvbdev is not set to NULL\nafter dvbdev\u0027s deallocation, causing use-after-frees in many places,\nfor example, in the following call chain:\n\nbudget_register\n |-\u003e dvb_dmxdev_init\n |-\u003e dvb_register_device\n |-\u003e dvb_dmxdev_release\n |-\u003e dvb_unregister_device\n |-\u003e dvb_remove_device\n |-\u003e dvb_device_put\n |-\u003e kref_put\n\nWhen calling dvb_unregister_device, dmxdev-\u003edvbdev (i.e. *pdvbdev in\ndvb_register_device) could point to memory that had been freed in\ndvb_register_device. Thereafter, this pointer is transferred to\nkref_put and triggering a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27043",
"url": "https://www.suse.com/security/cve/CVE-2024-27043"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223824 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223824"
},
{
"category": "external",
"summary": "SUSE Bug 1223825 for CVE-2024-27043",
"url": "https://bugzilla.suse.com/1223825"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-27043"
},
{
"cve": "CVE-2024-27044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27044"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential NULL pointer dereferences in \u0027dcn10_set_output_transfer_func()\u0027\n\nThe \u0027stream\u0027 pointer is used in dcn10_set_output_transfer_func() before\nthe check if \u0027stream\u0027 is NULL.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/hwss/dcn10/dcn10_hwseq.c:1892 dcn10_set_output_transfer_func() warn: variable dereferenced before check \u0027stream\u0027 (see line 1875)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27044",
"url": "https://www.suse.com/security/cve/CVE-2024-27044"
},
{
"category": "external",
"summary": "SUSE Bug 1223723 for CVE-2024-27044",
"url": "https://bugzilla.suse.com/1223723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27044"
},
{
"cve": "CVE-2024-27045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27045"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a potential buffer overflow in \u0027dp_dsc_clock_en_read()\u0027\n\nTell snprintf() to store at most 10 bytes in the output buffer\ninstead of 30.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27045",
"url": "https://www.suse.com/security/cve/CVE-2024-27045"
},
{
"category": "external",
"summary": "SUSE Bug 1223826 for CVE-2024-27045",
"url": "https://bugzilla.suse.com/1223826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27045"
},
{
"cve": "CVE-2024-27046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27046",
"url": "https://www.suse.com/security/cve/CVE-2024-27046"
},
{
"category": "external",
"summary": "SUSE Bug 1223827 for CVE-2024-27046",
"url": "https://bugzilla.suse.com/1223827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27046"
},
{
"cve": "CVE-2024-27047",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27047"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: fix phy_get_internal_delay accessing an empty array\n\nThe phy_get_internal_delay function could try to access to an empty\narray in the case that the driver is calling phy_get_internal_delay\nwithout defining delay_values and rx-internal-delay-ps or\ntx-internal-delay-ps is defined to 0 in the device-tree.\nThis will lead to \"unable to handle kernel NULL pointer dereference at\nvirtual address 0\". To avoid this kernel oops, the test should be delay\n\u003e= 0. As there is already delay \u003c 0 test just before, the test could\nonly be size == 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27047",
"url": "https://www.suse.com/security/cve/CVE-2024-27047"
},
{
"category": "external",
"summary": "SUSE Bug 1223828 for CVE-2024-27047",
"url": "https://bugzilla.suse.com/1223828"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27047"
},
{
"cve": "CVE-2024-27048",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27048"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcm80211: handle pmk_op allocation failure\n\nThe kzalloc() in brcmf_pmksa_v3_op() will return null if the\nphysical memory has run out. As a result, if we dereference\nthe null value, the null pointer dereference bug will happen.\n\nReturn -ENOMEM from brcmf_pmksa_v3_op() if kzalloc() fails\nfor pmk_op.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27048",
"url": "https://www.suse.com/security/cve/CVE-2024-27048"
},
{
"category": "external",
"summary": "SUSE Bug 1223760 for CVE-2024-27048",
"url": "https://bugzilla.suse.com/1223760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27048"
},
{
"cve": "CVE-2024-27051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27051"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get\u0027s return value\n\ncpufreq_cpu_get may return NULL. To avoid NULL-dereference check it\nand return 0 in case of error.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27051",
"url": "https://www.suse.com/security/cve/CVE-2024-27051"
},
{
"category": "external",
"summary": "SUSE Bug 1223769 for CVE-2024-27051",
"url": "https://bugzilla.suse.com/1223769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27051"
},
{
"cve": "CVE-2024-27052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtl8xxxu: add cancel_work_sync() for c2hcmd_work\n\nThe workqueue might still be running, when the driver is stopped. To\navoid a use-after-free, call cancel_work_sync() in rtl8xxxu_stop().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27052",
"url": "https://www.suse.com/security/cve/CVE-2024-27052"
},
{
"category": "external",
"summary": "SUSE Bug 1223829 for CVE-2024-27052",
"url": "https://bugzilla.suse.com/1223829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27052"
},
{
"cve": "CVE-2024-27053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: fix RCU usage in connect path\n\nWith lockdep enabled, calls to the connect function from cfg802.11 layer\nlead to the following warning:\n\n=============================\nWARNING: suspicious RCU usage\n6.7.0-rc1-wt+ #333 Not tainted\n-----------------------------\ndrivers/net/wireless/microchip/wilc1000/hif.c:386\nsuspicious rcu_dereference_check() usage!\n[...]\nstack backtrace:\nCPU: 0 PID: 100 Comm: wpa_supplicant Not tainted 6.7.0-rc1-wt+ #333\nHardware name: Atmel SAMA5\n unwind_backtrace from show_stack+0x18/0x1c\n show_stack from dump_stack_lvl+0x34/0x48\n dump_stack_lvl from wilc_parse_join_bss_param+0x7dc/0x7f4\n wilc_parse_join_bss_param from connect+0x2c4/0x648\n connect from cfg80211_connect+0x30c/0xb74\n cfg80211_connect from nl80211_connect+0x860/0xa94\n nl80211_connect from genl_rcv_msg+0x3fc/0x59c\n genl_rcv_msg from netlink_rcv_skb+0xd0/0x1f8\n netlink_rcv_skb from genl_rcv+0x2c/0x3c\n genl_rcv from netlink_unicast+0x3b0/0x550\n netlink_unicast from netlink_sendmsg+0x368/0x688\n netlink_sendmsg from ____sys_sendmsg+0x190/0x430\n ____sys_sendmsg from ___sys_sendmsg+0x110/0x158\n ___sys_sendmsg from sys_sendmsg+0xe8/0x150\n sys_sendmsg from ret_fast_syscall+0x0/0x1c\n\nThis warning is emitted because in the connect path, when trying to parse\ntarget BSS parameters, we dereference a RCU pointer whithout being in RCU\ncritical section.\nFix RCU dereference usage by moving it to a RCU read critical section. To\navoid wrapping the whole wilc_parse_join_bss_param under the critical\nsection, just use the critical section to copy ies data",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27053",
"url": "https://www.suse.com/security/cve/CVE-2024-27053"
},
{
"category": "external",
"summary": "SUSE Bug 1223737 for CVE-2024-27053",
"url": "https://bugzilla.suse.com/1223737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27053"
},
{
"cve": "CVE-2024-27054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/dasd: fix double module refcount decrement\n\nOnce the discipline is associated with the device, deleting the device\ntakes care of decrementing the module\u0027s refcount. Doing it manually on\nthis error path causes refcount to artificially decrease on each error\nwhile it should just stay the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27054",
"url": "https://www.suse.com/security/cve/CVE-2024-27054"
},
{
"category": "external",
"summary": "SUSE Bug 1223819 for CVE-2024-27054",
"url": "https://bugzilla.suse.com/1223819"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27054"
},
{
"cve": "CVE-2024-27056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: ensure offloading TID queue exists\n\nThe resume code path assumes that the TX queue for the offloading TID\nhas been configured. At resume time it then tries to sync the write\npointer as it may have been updated by the firmware.\n\nIn the unusual event that no packets have been send on TID 0, the queue\nwill not have been allocated and this causes a crash. Fix this by\nensuring the queue exist at suspend time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27056",
"url": "https://www.suse.com/security/cve/CVE-2024-27056"
},
{
"category": "external",
"summary": "SUSE Bug 1223822 for CVE-2024-27056",
"url": "https://bugzilla.suse.com/1223822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27056"
},
{
"cve": "CVE-2024-27057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend\n\nWhen the system is suspended while audio is active, the\nsof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during\nsuspend the DSP is turned off, streams will be re-started after resume.\n\nIf the firmware crashes during while audio is running (or when we reset\nthe stream before suspend) then the sof_ipc4_set_multi_pipeline_state()\nwill fail with IPC error and the state change is interrupted.\nThis will cause misalignment between the kernel and firmware state on next\nDSP boot resulting errors returned by firmware for IPC messages, eventually\nfailing the audio resume.\nOn stream close the errors are ignored so the kernel state will be\ncorrected on the next DSP boot, so the second boot after the DSP panic.\n\nIf sof_ipc4_trigger_pipelines() is called from sof_ipc4_pcm_hw_free() then\nstate parameter is SOF_IPC4_PIPE_RESET and only in this case.\n\nTreat a forced pipeline reset similarly to how we treat a pcm_free by\nignoring error on state sending to allow the kernel\u0027s state to be\nconsistent with the state the firmware will have after the next boot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27057",
"url": "https://www.suse.com/security/cve/CVE-2024-27057"
},
{
"category": "external",
"summary": "SUSE Bug 1223831 for CVE-2024-27057",
"url": "https://bugzilla.suse.com/1223831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27057"
},
{
"cve": "CVE-2024-27059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: usb-storage: Prevent divide-by-0 error in isd200_ata_command\n\nThe isd200 sub-driver in usb-storage uses the HEADS and SECTORS values\nin the ATA ID information to calculate cylinder and head values when\ncreating a CDB for READ or WRITE commands. The calculation involves\ndivision and modulus operations, which will cause a crash if either of\nthese values is 0. While this never happens with a genuine device, it\ncould happen with a flawed or subversive emulation, as reported by the\nsyzbot fuzzer.\n\nProtect against this possibility by refusing to bind to the device if\neither the ATA_ID_HEADS or ATA_ID_SECTORS value in the device\u0027s ID\ninformation is 0. This requires isd200_Initialization() to return a\nnegative error code when initialization fails; currently it always\nreturns 0 (even when there is an error).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27059",
"url": "https://www.suse.com/security/cve/CVE-2024-27059"
},
{
"category": "external",
"summary": "SUSE Bug 1223738 for CVE-2024-27059",
"url": "https://bugzilla.suse.com/1223738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27059"
},
{
"cve": "CVE-2024-27060",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27060"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthunderbolt: Fix NULL pointer dereference in tb_port_update_credits()\n\nOlliver reported that his system crashes when plugging in Thunderbolt 1\ndevice:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000020\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 0 P4D 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n RIP: 0010:tb_port_do_update_credits+0x1b/0x130 [thunderbolt]\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x7f/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? tb_port_do_update_credits+0x1b/0x130\n ? tb_switch_update_link_attributes+0x83/0xd0\n tb_switch_add+0x7a2/0xfe0\n tb_scan_port+0x236/0x6f0\n tb_handle_hotplug+0x6db/0x900\n process_one_work+0x171/0x340\n worker_thread+0x27b/0x3a0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe5/0x120\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nThis is due the fact that some Thunderbolt 1 devices only have one lane\nadapter. Fix this by checking for the lane 1 before we read its credits.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27060",
"url": "https://www.suse.com/security/cve/CVE-2024-27060"
},
{
"category": "external",
"summary": "SUSE Bug 1223725 for CVE-2024-27060",
"url": "https://bugzilla.suse.com/1223725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27060"
},
{
"cve": "CVE-2024-27062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: lock the client object tree.\n\nIt appears the client object tree has no locking unless I\u0027ve missed\nsomething else. Fix races around adding/removing client objects,\nmostly vram bar mappings.\n\n 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI\n[ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\n[ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\n[ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 \u003c48\u003e 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe\n[ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206\n[ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58\n[ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400\n[ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000\n[ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0\n[ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007\n[ 4562.099528] FS: 00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000\n[ 4562.099534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0\n[ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4562.099544] Call Trace:\n[ 4562.099555] \u003cTASK\u003e\n[ 4562.099573] ? die_addr+0x36/0x90\n[ 4562.099583] ? exc_general_protection+0x246/0x4a0\n[ 4562.099593] ? asm_exc_general_protection+0x26/0x30\n[ 4562.099600] ? nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099730] nvkm_ioctl+0xa1/0x250 [nouveau]\n[ 4562.099861] nvif_object_map_handle+0xc8/0x180 [nouveau]\n[ 4562.099986] nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau]\n[ 4562.100156] ? dma_resv_test_signaled+0x26/0xb0\n[ 4562.100163] ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm]\n[ 4562.100182] ? __mutex_unlock_slowpath+0x2a/0x270\n[ 4562.100189] nouveau_ttm_fault+0x69/0xb0 [nouveau]\n[ 4562.100356] __do_fault+0x32/0x150\n[ 4562.100362] do_fault+0x7c/0x560\n[ 4562.100369] __handle_mm_fault+0x800/0xc10\n[ 4562.100382] handle_mm_fault+0x17c/0x3e0\n[ 4562.100388] do_user_addr_fault+0x208/0x860\n[ 4562.100395] exc_page_fault+0x7f/0x200\n[ 4562.100402] asm_exc_page_fault+0x26/0x30\n[ 4562.100412] RIP: 0033:0x9b9870\n[ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 \u003c44\u003e 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7\n[ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246\n[ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000\n[ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066\n[ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000\n[ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff\n[ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 4562.100446] \u003c/TASK\u003e\n[ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27062",
"url": "https://www.suse.com/security/cve/CVE-2024-27062"
},
{
"category": "external",
"summary": "SUSE Bug 1223834 for CVE-2024-27062",
"url": "https://bugzilla.suse.com/1223834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27064",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27064"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix a memory leak in nf_tables_updchain\n\nIf nft_netdev_register_hooks() fails, the memory associated with\nnft_stats is not freed, causing a memory leak.\n\nThis patch fixes it by moving nft_stats_alloc() down after\nnft_netdev_register_hooks() succeeds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27064",
"url": "https://www.suse.com/security/cve/CVE-2024-27064"
},
{
"category": "external",
"summary": "SUSE Bug 1223740 for CVE-2024-27064",
"url": "https://bugzilla.suse.com/1223740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27064"
},
{
"cve": "CVE-2024-27065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: do not compare internal table flags on updates\n\nRestore skipping transaction if table update does not modify flags.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27065",
"url": "https://www.suse.com/security/cve/CVE-2024-27065"
},
{
"category": "external",
"summary": "SUSE Bug 1223836 for CVE-2024-27065",
"url": "https://bugzilla.suse.com/1223836"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27065"
},
{
"cve": "CVE-2024-27067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27067"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/evtchn: avoid WARN() when unbinding an event channel\n\nWhen unbinding a user event channel, the related handler might be\ncalled a last time in case the kernel was built with\nCONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.\n\nAvoid that by adding an \"unbinding\" flag to struct user_event which\nwill short circuit the handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27067",
"url": "https://www.suse.com/security/cve/CVE-2024-27067"
},
{
"category": "external",
"summary": "SUSE Bug 1223739 for CVE-2024-27067",
"url": "https://bugzilla.suse.com/1223739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27067"
},
{
"cve": "CVE-2024-27068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/mediatek/lvts_thermal: Fix a memory leak in an error handling path\n\nIf devm_krealloc() fails, then \u0027efuse\u0027 is leaking.\nSo free it to avoid a leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27068",
"url": "https://www.suse.com/security/cve/CVE-2024-27068"
},
{
"category": "external",
"summary": "SUSE Bug 1223808 for CVE-2024-27068",
"url": "https://bugzilla.suse.com/1223808"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27068"
},
{
"cve": "CVE-2024-27071",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27071"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbacklight: hx8357: Fix potential NULL pointer dereference\n\nThe \"im\" pins are optional. Add missing check in the hx8357_probe().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27071",
"url": "https://www.suse.com/security/cve/CVE-2024-27071"
},
{
"category": "external",
"summary": "SUSE Bug 1223734 for CVE-2024-27071",
"url": "https://bugzilla.suse.com/1223734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27071"
},
{
"cve": "CVE-2024-27072",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27072"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: usbtv: Remove useless locks in usbtv_video_free()\n\nRemove locks calls in usbtv_video_free() because\nare useless and may led to a deadlock as reported here:\nhttps://syzkaller.appspot.com/x/bisect.txt?x=166dc872180000\nAlso remove usbtv_stop() call since it will be called when\nunregistering the device.\n\nBefore \u0027c838530d230b\u0027 this issue would only be noticed if you\ndisconnect while streaming and now it is noticeable even when\ndisconnecting while not streaming.\n\n\n[hverkuil: fix minor spelling mistake in log message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27072",
"url": "https://www.suse.com/security/cve/CVE-2024-27072"
},
{
"category": "external",
"summary": "SUSE Bug 1223837 for CVE-2024-27072",
"url": "https://bugzilla.suse.com/1223837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27072"
},
{
"cve": "CVE-2024-27073",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27073"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: ttpci: fix two memleaks in budget_av_attach\n\nWhen saa7146_register_device and saa7146_vv_init fails, budget_av_attach\nshould free the resources it allocates, like the error-handling of\nttpci_budget_init does. Besides, there are two fixme comment refers to\nsuch deallocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27073",
"url": "https://www.suse.com/security/cve/CVE-2024-27073"
},
{
"category": "external",
"summary": "SUSE Bug 1223843 for CVE-2024-27073",
"url": "https://bugzilla.suse.com/1223843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27073"
},
{
"cve": "CVE-2024-27074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: go7007: fix a memleak in go7007_load_encoder\n\nIn go7007_load_encoder, bounce(i.e. go-\u003eboot_fw), is allocated without\na deallocation thereafter. After the following call chain:\n\nsaa7134_go7007_init\n |-\u003e go7007_boot_encoder\n |-\u003e go7007_load_encoder\n |-\u003e kfree(go)\n\ngo is freed and thus bounce is leaked.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27074",
"url": "https://www.suse.com/security/cve/CVE-2024-27074"
},
{
"category": "external",
"summary": "SUSE Bug 1223844 for CVE-2024-27074",
"url": "https://bugzilla.suse.com/1223844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27074"
},
{
"cve": "CVE-2024-27075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27075"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: dvb-frontends: avoid stack overflow warnings with clang\n\nA previous patch worked around a KASAN issue in stv0367, now a similar\nproblem showed up with clang:\n\ndrivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in \u0027stv0367ter_set_frontend\u0027 [-Werror,-Wframe-larger-than]\n 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)\n\nRework the stv0367_writereg() function to be simpler and mark both\nregister access functions as noinline_for_stack so the temporary\ni2c_msg structures do not get duplicated on the stack when KASAN_STACK\nis enabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27075",
"url": "https://www.suse.com/security/cve/CVE-2024-27075"
},
{
"category": "external",
"summary": "SUSE Bug 1223842 for CVE-2024-27075",
"url": "https://bugzilla.suse.com/1223842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27075"
},
{
"cve": "CVE-2024-27076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27076"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: imx: csc/scaler: fix v4l2_ctrl_handler memory leak\n\nFree the memory allocated in v4l2_ctrl_handler_init on release.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27076",
"url": "https://www.suse.com/security/cve/CVE-2024-27076"
},
{
"category": "external",
"summary": "SUSE Bug 1223779 for CVE-2024-27076",
"url": "https://bugzilla.suse.com/1223779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27076"
},
{
"cve": "CVE-2024-27077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-mem2mem: fix a memleak in v4l2_m2m_register_entity\n\nThe entity-\u003ename (i.e. name) is allocated in v4l2_m2m_register_entity\nbut isn\u0027t freed in its following error-handling paths. This patch\nadds such deallocation to prevent memleak of entity-\u003ename.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27077",
"url": "https://www.suse.com/security/cve/CVE-2024-27077"
},
{
"category": "external",
"summary": "SUSE Bug 1223780 for CVE-2024-27077",
"url": "https://bugzilla.suse.com/1223780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27077"
},
{
"cve": "CVE-2024-27078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: v4l2-tpg: fix some memleaks in tpg_alloc\n\nIn tpg_alloc, resources should be deallocated in each and every\nerror-handling paths, since they are allocated in for statements.\nOtherwise there would be memleaks because tpg_free is called only when\ntpg_alloc return 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27078",
"url": "https://www.suse.com/security/cve/CVE-2024-27078"
},
{
"category": "external",
"summary": "SUSE Bug 1223781 for CVE-2024-27078",
"url": "https://bugzilla.suse.com/1223781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27078"
},
{
"cve": "CVE-2024-27080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race when detecting delalloc ranges during fiemap\n\nFor fiemap we recently stopped locking the target extent range for the\nwhole duration of the fiemap call, in order to avoid a deadlock in a\nscenario where the fiemap buffer happens to be a memory mapped range of\nthe same file. This use case is very unlikely to be useful in practice but\nit may be triggered by fuzz testing (syzbot, etc).\n\nThis however introduced a race that makes us miss delalloc ranges for\nfile regions that are currently holes, so the caller of fiemap will not\nbe aware that there\u0027s data for some file regions. This can be quite\nserious for some use cases - for example in coreutils versions before 9.0,\nthe cp program used fiemap to detect holes and data in the source file,\ncopying only regions with data (extents or delalloc) from the source file\nto the destination file in order to preserve holes (see the documentation\nfor its --sparse command line option). This means that if cp was used\nwith a source file that had delalloc in a hole, the destination file could\nend up without that data, which is effectively a data loss issue, if it\nhappened to hit the race described below.\n\nThe race happens like this:\n\n1) Fiemap is called, without the FIEMAP_FLAG_SYNC flag, for a file that\n has delalloc in the file range [64M, 65M[, which is currently a hole;\n\n2) Fiemap locks the inode in shared mode, then starts iterating the\n inode\u0027s subvolume tree searching for file extent items, without having\n the whole fiemap target range locked in the inode\u0027s io tree - the\n change introduced recently by commit b0ad381fa769 (\"btrfs: fix\n deadlock with fiemap and extent locking\"). It only locks ranges in\n the io tree when it finds a hole or prealloc extent since that\n commit;\n\n3) Note that fiemap clones each leaf before using it, and this is to\n avoid deadlocks when locking a file range in the inode\u0027s io tree and\n the fiemap buffer is memory mapped to some file, because writing\n to the page with btrfs_page_mkwrite() will wait on any ordered extent\n for the page\u0027s range and the ordered extent needs to lock the range\n and may need to modify the same leaf, therefore leading to a deadlock\n on the leaf;\n\n4) While iterating the file extent items in the cloned leaf before\n finding the hole in the range [64M, 65M[, the delalloc in that range\n is flushed and its ordered extent completes - meaning the corresponding\n file extent item is in the inode\u0027s subvolume tree, but not present in\n the cloned leaf that fiemap is iterating over;\n\n5) When fiemap finds the hole in the [64M, 65M[ range by seeing the gap in\n the cloned leaf (or a file extent item with disk_bytenr == 0 in case\n the NO_HOLES feature is not enabled), it will lock that file range in\n the inode\u0027s io tree and then search for delalloc by checking for the\n EXTENT_DELALLOC bit in the io tree for that range and ordered extents\n (with btrfs_find_delalloc_in_range()). But it finds nothing since the\n delalloc in that range was already flushed and the ordered extent\n completed and is gone - as a result fiemap will not report that there\u0027s\n delalloc or an extent for the range [64M, 65M[, so user space will be\n mislead into thinking that there\u0027s a hole in that range.\n\nThis could actually be sporadically triggered with test case generic/094\nfrom fstests, which reports a missing extent/delalloc range like this:\n\n generic/094 2s ... - output mismatch (see /home/fdmanana/git/hub/xfstests/results//generic/094.out.bad)\n --- tests/generic/094.out\t2020-06-10 19:29:03.830519425 +0100\n +++ /home/fdmanana/git/hub/xfstests/results//generic/094.out.bad\t2024-02-28 11:00:00.381071525 +0000\n @@ -1,3 +1,9 @@\n QA output created by 094\n fiemap run with sync\n fiemap run without sync\n +ERROR: couldn\u0027t find extent at 7\n +map is \u0027HHDDHPPDPHPH\u0027\n +logical: [ 5.. 6] phys:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27080",
"url": "https://www.suse.com/security/cve/CVE-2024-27080"
},
{
"category": "external",
"summary": "SUSE Bug 1223782 for CVE-2024-27080",
"url": "https://bugzilla.suse.com/1223782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27080"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27389"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore: inode: Only d_invalidate() is needed\n\nUnloading a modular pstore backend with records in pstorefs would\ntrigger the dput() double-drop warning:\n\n WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410\n\nUsing the combo of d_drop()/dput() (as mentioned in\nDocumentation/filesystems/vfs.rst) isn\u0027t the right approach here, and\nleads to the reference counting problem seen above. Use d_invalidate()\nand update the code to not bother checking for error codes that can\nnever happen.\n\n---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27389",
"url": "https://www.suse.com/security/cve/CVE-2024-27389"
},
{
"category": "external",
"summary": "SUSE Bug 1223705 for CVE-2024-27389",
"url": "https://bugzilla.suse.com/1223705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27389"
},
{
"cve": "CVE-2024-27391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27391"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: wilc1000: do not realloc workqueue everytime an interface is added\n\nCommit 09ed8bfc5215 (\"wilc1000: Rename workqueue from \"WILC_wq\" to\n\"NETDEV-wq\"\") moved workqueue creation in wilc_netdev_ifc_init in order to\nset the interface name in the workqueue name. However, while the driver\nneeds only one workqueue, the wilc_netdev_ifc_init is called each time we\nadd an interface over a phy, which in turns overwrite the workqueue with a\nnew one. This can be observed with the following commands:\n\nfor i in $(seq 0 10)\ndo\n iw phy phy0 interface add wlan1 type managed\n iw dev wlan1 del\ndone\nps -eo pid,comm|grep wlan\n\n 39 kworker/R-wlan0\n 98 kworker/R-wlan1\n102 kworker/R-wlan1\n105 kworker/R-wlan1\n108 kworker/R-wlan1\n111 kworker/R-wlan1\n114 kworker/R-wlan1\n117 kworker/R-wlan1\n120 kworker/R-wlan1\n123 kworker/R-wlan1\n126 kworker/R-wlan1\n129 kworker/R-wlan1\n\nFix this leakage by putting back hif_workqueue allocation in\nwilc_cfg80211_init. Regarding the workqueue name, it is indeed relevant to\nset it lowercase, however it is not attached to a specific netdev, so\nenforcing netdev name in the name is not so relevant. Still, enrich the\nname with the wiphy name to make it clear which phy is using the workqueue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27391",
"url": "https://www.suse.com/security/cve/CVE-2024-27391"
},
{
"category": "external",
"summary": "SUSE Bug 1223709 for CVE-2024-27391",
"url": "https://bugzilla.suse.com/1223709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27391"
},
{
"cve": "CVE-2024-27393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: Add missing skb_mark_for_recycle\n\nNotice that skb_mark_for_recycle() is introduced later than fixes tag in\ncommit 6a5bcd84e886 (\"page_pool: Allow drivers to hint on SKB recycling\").\n\nIt is believed that fixes tag were missing a call to page_pool_release_page()\nbetween v5.9 to v5.14, after which is should have used skb_mark_for_recycle().\nSince v6.6 the call page_pool_release_page() were removed (in\ncommit 535b9c61bdef (\"net: page_pool: hide page_pool_release_page()\")\nand remaining callers converted (in commit 6bfef2ec0172 (\"Merge branch\n\u0027net-page_pool-remove-page_pool_release_page\u0027\")).\n\nThis leak became visible in v6.8 via commit dba1b8a7ab68 (\"mm/page_pool: catch\npage_pool memory leaks\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27393",
"url": "https://www.suse.com/security/cve/CVE-2024-27393"
},
{
"category": "external",
"summary": "SUSE Bug 1224076 for CVE-2024-27393",
"url": "https://bugzilla.suse.com/1224076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27393"
},
{
"cve": "CVE-2024-27395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27395"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix Use-After-Free in ovs_ct_exit\n\nSince kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof ovs_ct_limit_exit, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27395",
"url": "https://www.suse.com/security/cve/CVE-2024-27395"
},
{
"category": "external",
"summary": "SUSE Bug 1224098 for CVE-2024-27395",
"url": "https://bugzilla.suse.com/1224098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27395"
},
{
"cve": "CVE-2024-27396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27396",
"url": "https://www.suse.com/security/cve/CVE-2024-27396"
},
{
"category": "external",
"summary": "SUSE Bug 1224096 for CVE-2024-27396",
"url": "https://bugzilla.suse.com/1224096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout\n\nThere is a race condition between l2cap_chan_timeout() and\nl2cap_chan_del(). When we use l2cap_chan_del() to delete the\nchannel, the chan-\u003econn will be set to null. But the conn could\nbe dereferenced again in the mutex_lock() of l2cap_chan_timeout().\nAs a result the null pointer dereference bug will happen. The\nKASAN report triggered by POC is shown below:\n\n[ 472.074580] ==================================================================\n[ 472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0\n[ 472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7\n[ 472.075308]\n[ 472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.075308] Workqueue: events l2cap_chan_timeout\n[ 472.075308] Call Trace:\n[ 472.075308] \u003cTASK\u003e\n[ 472.075308] dump_stack_lvl+0x137/0x1a0\n[ 472.075308] print_report+0x101/0x250\n[ 472.075308] ? __virt_addr_valid+0x77/0x160\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_report+0x139/0x170\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_check_range+0x2c3/0x2e0\n[ 472.075308] mutex_lock+0x68/0xc0\n[ 472.075308] l2cap_chan_timeout+0x181/0x300\n[ 472.075308] process_one_work+0x5d2/0xe00\n[ 472.075308] worker_thread+0xe1d/0x1660\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] kthread+0x2b7/0x350\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork+0x4d/0x80\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork_asm+0x11/0x20\n[ 472.075308] \u003c/TASK\u003e\n[ 472.075308] ==================================================================\n[ 472.094860] Disabling lock debugging due to kernel taint\n[ 472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158\n[ 472.096136] #PF: supervisor write access in kernel mode\n[ 472.096136] #PF: error_code(0x0002) - not-present page\n[ 472.096136] PGD 0 P4D 0\n[ 472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI\n[ 472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G B 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.096136] Workqueue: events l2cap_chan_timeout\n[ 472.096136] RIP: 0010:mutex_lock+0x88/0xc0\n[ 472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88\n[ 472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246\n[ 472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865\n[ 472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78\n[ 472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f\n[ 472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000\n[ 472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00\n[ 472.096136] FS: 0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000\n[ 472.096136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0\n[ 472.096136] Call Trace:\n[ 472.096136] \u003cTASK\u003e\n[ 472.096136] ? __die_body+0x8d/0xe0\n[ 472.096136] ? page_fault_oops+0x6b8/0x9a0\n[ 472.096136] ? kernelmode_fixup_or_oops+0x20c/0x2a0\n[ 472.096136] ? do_user_addr_fault+0x1027/0x1340\n[ 472.096136] ? _printk+0x7a/0xa0\n[ 472.096136] ? mutex_lock+0x68/0xc0\n[ 472.096136] ? add_taint+0x42/0xd0\n[ 472.096136] ? exc_page_fault+0x6a/0x1b0\n[ 472.096136] ? asm_exc_page_fault+0x26/0x30\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] ? mutex_lock+0x88/0xc0\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] l2cap_chan_timeo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27399",
"url": "https://www.suse.com/security/cve/CVE-2024-27399"
},
{
"category": "external",
"summary": "SUSE Bug 1224177 for CVE-2024-27399",
"url": "https://bugzilla.suse.com/1224177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27399"
},
{
"cve": "CVE-2024-27400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2\n\nThis reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move\non same heap. The basic problem here is that after the move the old\nlocation is simply not available any more.\n\nSome fixes were suggested, but essentially we should call the move\nnotification before actually moving things because only this way we have\nthe correct order for DMA-buf and VM move notifications as well.\n\nAlso rework the statistic handling so that we don\u0027t update the eviction\ncounter before the move.\n\nv2: add missing NULL check",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27400",
"url": "https://www.suse.com/security/cve/CVE-2024-27400"
},
{
"category": "external",
"summary": "SUSE Bug 1224180 for CVE-2024-27400",
"url": "https://bugzilla.suse.com/1224180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27400"
},
{
"cve": "CVE-2024-27401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27401",
"url": "https://www.suse.com/security/cve/CVE-2024-27401"
},
{
"category": "external",
"summary": "SUSE Bug 1224181 for CVE-2024-27401",
"url": "https://bugzilla.suse.com/1224181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27401"
},
{
"cve": "CVE-2024-27402",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27402"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphonet/pep: fix racy skb_queue_empty() use\n\nThe receive queues are protected by their respective spin-lock, not\nthe socket lock. This could lead to skb_peek() unexpectedly\nreturning NULL or a pointer to an already dequeued socket buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27402",
"url": "https://www.suse.com/security/cve/CVE-2024-27402"
},
{
"category": "external",
"summary": "SUSE Bug 1224414 for CVE-2024-27402",
"url": "https://bugzilla.suse.com/1224414"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27402"
},
{
"cve": "CVE-2024-27404",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27404"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: fix data races on remote_id\n\nSimilar to the previous patch, address the data race on\nremote_id, adding the suitable ONCE annotations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27404",
"url": "https://www.suse.com/security/cve/CVE-2024-27404"
},
{
"category": "external",
"summary": "SUSE Bug 1224422 for CVE-2024-27404",
"url": "https://bugzilla.suse.com/1224422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27404"
},
{
"cve": "CVE-2024-27405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs\n\nIt is observed sometimes when tethering is used over NCM with Windows 11\nas host, at some instances, the gadget_giveback has one byte appended at\nthe end of a proper NTB. When the NTB is parsed, unwrap call looks for\nany leftover bytes in SKB provided by u_ether and if there are any pending\nbytes, it treats them as a separate NTB and parses it. But in case the\nsecond NTB (as per unwrap call) is faulty/corrupt, all the datagrams that\nwere parsed properly in the first NTB and saved in rx_list are dropped.\n\nAdding a few custom traces showed the following:\n[002] d..1 7828.532866: dwc3_gadget_giveback: ep1out:\nreq 000000003868811a length 1025/16384 zsI ==\u003e 0\n[002] d..1 7828.532867: ncm_unwrap_ntb: K: ncm_unwrap_ntb toprocess: 1025\n[002] d..1 7828.532867: ncm_unwrap_ntb: K: ncm_unwrap_ntb nth: 1751999342\n[002] d..1 7828.532868: ncm_unwrap_ntb: K: ncm_unwrap_ntb seq: 0xce67\n[002] d..1 7828.532868: ncm_unwrap_ntb: K: ncm_unwrap_ntb blk_len: 0x400\n[002] d..1 7828.532868: ncm_unwrap_ntb: K: ncm_unwrap_ntb ndp_len: 0x10\n[002] d..1 7828.532869: ncm_unwrap_ntb: K: Parsed NTB with 1 frames\n\nIn this case, the giveback is of 1025 bytes and block length is 1024.\nThe rest 1 byte (which is 0x00) won\u0027t be parsed resulting in drop of\nall datagrams in rx_list.\n\nSame is case with packets of size 2048:\n[002] d..1 7828.557948: dwc3_gadget_giveback: ep1out:\nreq 0000000011dfd96e length 2049/16384 zsI ==\u003e 0\n[002] d..1 7828.557949: ncm_unwrap_ntb: K: ncm_unwrap_ntb nth: 1751999342\n[002] d..1 7828.557950: ncm_unwrap_ntb: K: ncm_unwrap_ntb blk_len: 0x800\n\nLecroy shows one byte coming in extra confirming that the byte is coming\nin from PC:\n\n Transfer 2959 - Bytes Transferred(1025) Timestamp((18.524 843 590)\n - Transaction 8391 - Data(1025 bytes) Timestamp(18.524 843 590)\n --- Packet 4063861\n Data(1024 bytes)\n Duration(2.117us) Idle(14.700ns) Timestamp(18.524 843 590)\n --- Packet 4063863\n Data(1 byte)\n Duration(66.160ns) Time(282.000ns) Timestamp(18.524 845 722)\n\nAccording to Windows driver, no ZLP is needed if wBlockLength is non-zero,\nbecause the non-zero wBlockLength has already told the function side the\nsize of transfer to be expected. However, there are in-market NCM devices\nthat rely on ZLP as long as the wBlockLength is multiple of wMaxPacketSize.\nTo deal with such devices, it pads an extra 0 at end so the transfer is no\nlonger multiple of wMaxPacketSize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27405",
"url": "https://www.suse.com/security/cve/CVE-2024-27405"
},
{
"category": "external",
"summary": "SUSE Bug 1224423 for CVE-2024-27405",
"url": "https://bugzilla.suse.com/1224423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27405"
},
{
"cve": "CVE-2024-27408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\n\nThe Linked list element and pointer are not stored in the same memory as\nthe eDMA controller register. If the doorbell register is toggled before\nthe full write of the linked list a race condition error will occur.\nIn remote setup we can only use a readl to the memory to assure the full\nwrite has occurred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27408",
"url": "https://www.suse.com/security/cve/CVE-2024-27408"
},
{
"category": "external",
"summary": "SUSE Bug 1224430 for CVE-2024-27408",
"url": "https://bugzilla.suse.com/1224430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27408"
},
{
"cve": "CVE-2024-27410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject iftype change with mesh ID change\n\nIt\u0027s currently possible to change the mesh ID when the\ninterface isn\u0027t yet in mesh mode, at the same time as\nchanging it into mesh mode. This leads to an overwrite\nof data in the wdev-\u003eu union for the interface type it\ncurrently has, causing cfg80211_change_iface() to do\nwrong things when switching.\n\nWe could probably allow setting an interface to mesh\nwhile setting the mesh ID at the same time by doing a\ndifferent order of operations here, but realistically\nthere\u0027s no userspace that\u0027s going to do this, so just\ndisallow changes in iftype when setting mesh ID.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27410",
"url": "https://www.suse.com/security/cve/CVE-2024-27410"
},
{
"category": "external",
"summary": "SUSE Bug 1224432 for CVE-2024-27410",
"url": "https://bugzilla.suse.com/1224432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27410"
},
{
"cve": "CVE-2024-27411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: keep DMA buffers required for suspend/resume\n\nNouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly.\nThis is likely not as big an issue on systems where the NVGPU is the only GPU, but on multi-GPU set ups it leads to a regression where the kernel module errors and results in a system-wide rendering freeze.\n\nThis commit addresses that regression by moving the two buffers required for suspend and resume to be deallocated at driver unload instead of post init.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27411",
"url": "https://www.suse.com/security/cve/CVE-2024-27411"
},
{
"category": "external",
"summary": "SUSE Bug 1224433 for CVE-2024-27411",
"url": "https://bugzilla.suse.com/1224433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27411"
},
{
"cve": "CVE-2024-27412",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27412"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: bq27xxx-i2c: Do not free non existing IRQ\n\nThe bq27xxx i2c-client may not have an IRQ, in which case\nclient-\u003eirq will be 0. bq27xxx_battery_i2c_probe() already has\nan if (client-\u003eirq) check wrapping the request_threaded_irq().\n\nBut bq27xxx_battery_i2c_remove() unconditionally calls\nfree_irq(client-\u003eirq) leading to:\n\n[ 190.310742] ------------[ cut here ]------------\n[ 190.310843] Trying to free already-free IRQ 0\n[ 190.310861] WARNING: CPU: 2 PID: 1304 at kernel/irq/manage.c:1893 free_irq+0x1b8/0x310\n\nFollowed by a backtrace when unbinding the driver. Add\nan if (client-\u003eirq) to bq27xxx_battery_i2c_remove() mirroring\nprobe() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27412",
"url": "https://www.suse.com/security/cve/CVE-2024-27412"
},
{
"category": "external",
"summary": "SUSE Bug 1224437 for CVE-2024-27412",
"url": "https://bugzilla.suse.com/1224437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27412"
},
{
"cve": "CVE-2024-27413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi/capsule-loader: fix incorrect allocation size\n\ngcc-14 notices that the allocation with sizeof(void) on 32-bit architectures\nis not enough for a 64-bit phys_addr_t:\n\ndrivers/firmware/efi/capsule-loader.c: In function \u0027efi_capsule_open\u0027:\ndrivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size \u00274\u0027 for type \u0027phys_addr_t\u0027 {aka \u0027long long unsigned int\u0027} with size \u00278\u0027 [-Werror=alloc-size]\n 295 | cap_info-\u003ephys = kzalloc(sizeof(void *), GFP_KERNEL);\n | ^\n\nUse the correct type instead here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27413",
"url": "https://www.suse.com/security/cve/CVE-2024-27413"
},
{
"category": "external",
"summary": "SUSE Bug 1224438 for CVE-2024-27413",
"url": "https://bugzilla.suse.com/1224438"
},
{
"category": "external",
"summary": "SUSE Bug 1225315 for CVE-2024-27413",
"url": "https://bugzilla.suse.com/1225315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-27413"
},
{
"cve": "CVE-2024-27414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: fix error logic of IFLA_BRIDGE_FLAGS writing back\n\nIn the commit d73ef2d69c0d (\"rtnetlink: let rtnl_bridge_setlink checks\nIFLA_BRIDGE_MODE length\"), an adjustment was made to the old loop logic\nin the function `rtnl_bridge_setlink` to enable the loop to also check\nthe length of the IFLA_BRIDGE_MODE attribute. However, this adjustment\nremoved the `break` statement and led to an error logic of the flags\nwriting back at the end of this function.\n\nif (have_flags)\n memcpy(nla_data(attr), \u0026flags, sizeof(flags));\n // attr should point to IFLA_BRIDGE_FLAGS NLA !!!\n\nBefore the mentioned commit, the `attr` is granted to be IFLA_BRIDGE_FLAGS.\nHowever, this is not necessarily true fow now as the updated loop will let\nthe attr point to the last NLA, even an invalid NLA which could cause\noverflow writes.\n\nThis patch introduces a new variable `br_flag` to save the NLA pointer\nthat points to IFLA_BRIDGE_FLAGS and uses it to resolve the mentioned\nerror logic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27414",
"url": "https://www.suse.com/security/cve/CVE-2024-27414"
},
{
"category": "external",
"summary": "SUSE Bug 1224439 for CVE-2024-27414",
"url": "https://bugzilla.suse.com/1224439"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27414"
},
{
"cve": "CVE-2024-27416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST\n\nIf we received HCI_EV_IO_CAPA_REQUEST while\nHCI_OP_READ_REMOTE_EXT_FEATURES is yet to be responded assume the remote\ndoes support SSP since otherwise this event shouldn\u0027t be generated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27416",
"url": "https://www.suse.com/security/cve/CVE-2024-27416"
},
{
"category": "external",
"summary": "SUSE Bug 1224723 for CVE-2024-27416",
"url": "https://bugzilla.suse.com/1224723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27416"
},
{
"cve": "CVE-2024-27417",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27417"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix potential \"struct net\" leak in inet6_rtm_getaddr()\n\nIt seems that if userspace provides a correct IFA_TARGET_NETNSID value\nbut no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()\nreturns -EINVAL with an elevated \"struct net\" refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27417",
"url": "https://www.suse.com/security/cve/CVE-2024-27417"
},
{
"category": "external",
"summary": "SUSE Bug 1224721 for CVE-2024-27417",
"url": "https://bugzilla.suse.com/1224721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27417"
},
{
"cve": "CVE-2024-27418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: take ownership of skb in mctp_local_output\n\nCurrently, mctp_local_output only takes ownership of skb on success, and\nwe may leak an skb if mctp_local_output fails in specific states; the\nskb ownership isn\u0027t transferred until the actual output routing occurs.\n\nInstead, make mctp_local_output free the skb on all error paths up to\nthe route action, so it always consumes the passed skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27418",
"url": "https://www.suse.com/security/cve/CVE-2024-27418"
},
{
"category": "external",
"summary": "SUSE Bug 1224720 for CVE-2024-27418",
"url": "https://bugzilla.suse.com/1224720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27418"
},
{
"cve": "CVE-2024-27419",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27419"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Fix data-races around sysctl_net_busy_read\n\nWe need to protect the reader reading the sysctl value because the\nvalue can be changed concurrently.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27419",
"url": "https://www.suse.com/security/cve/CVE-2024-27419"
},
{
"category": "external",
"summary": "SUSE Bug 1224759 for CVE-2024-27419",
"url": "https://bugzilla.suse.com/1224759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-27419"
},
{
"cve": "CVE-2024-27431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpumap: Zero-initialise xdp_rxq_info struct before running XDP program\n\nWhen running an XDP program that is attached to a cpumap entry, we don\u0027t\ninitialise the xdp_rxq_info data structure being used in the xdp_buff\nthat backs the XDP program invocation. Tobias noticed that this leads to\nrandom values being returned as the xdp_md-\u003erx_queue_index value for XDP\nprograms running in a cpumap.\n\nThis means we\u0027re basically returning the contents of the uninitialised\nmemory, which is bad. Fix this by zero-initialising the rxq data\nstructure before running the XDP program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27431",
"url": "https://www.suse.com/security/cve/CVE-2024-27431"
},
{
"category": "external",
"summary": "SUSE Bug 1224718 for CVE-2024-27431",
"url": "https://bugzilla.suse.com/1224718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27431"
},
{
"cve": "CVE-2024-27432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: fix PPE hanging issue\n\nA patch to resolve an issue was found in MediaTek\u0027s GPL-licensed SDK:\nIn the mtk_ppe_stop() function, the PPE scan mode is not disabled before\ndisabling the PPE. This can potentially lead to a hang during the process\nof disabling the PPE.\n\nWithout this patch, the PPE may experience a hang during the reboot test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27432",
"url": "https://www.suse.com/security/cve/CVE-2024-27432"
},
{
"category": "external",
"summary": "SUSE Bug 1224716 for CVE-2024-27432",
"url": "https://bugzilla.suse.com/1224716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27432"
},
{
"cve": "CVE-2024-27434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t set the MFP flag for the GTK\n\nThe firmware doesn\u0027t need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27434",
"url": "https://www.suse.com/security/cve/CVE-2024-27434"
},
{
"category": "external",
"summary": "SUSE Bug 1224710 for CVE-2024-27434",
"url": "https://bugzilla.suse.com/1224710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27434"
},
{
"cve": "CVE-2024-27435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix reconnection fail due to reserved tag allocation\n\nWe found a issue on production environment while using NVMe over RDMA,\nadmin_q reconnect failed forever while remote target and network is ok.\nAfter dig into it, we found it may caused by a ABBA deadlock due to tag\nallocation. In my case, the tag was hold by a keep alive request\nwaiting inside admin_q, as we quiesced admin_q while reset ctrl, so the\nrequest maked as idle and will not process before reset success. As\nfabric_q shares tagset with admin_q, while reconnect remote target, we\nneed a tag for connect command, but the only one reserved tag was held\nby keep alive command which waiting inside admin_q. As a result, we\nfailed to reconnect admin_q forever. In order to fix this issue, I\nthink we should keep two reserved tags for admin queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27435",
"url": "https://www.suse.com/security/cve/CVE-2024-27435"
},
{
"category": "external",
"summary": "SUSE Bug 1224717 for CVE-2024-27435",
"url": "https://bugzilla.suse.com/1224717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27435"
},
{
"cve": "CVE-2024-27436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Stop parsing channels bits when all channels are found.\n\nIf a usb audio device sets more bits than the amount of channels\nit could write outside of the map array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27436",
"url": "https://www.suse.com/security/cve/CVE-2024-27436"
},
{
"category": "external",
"summary": "SUSE Bug 1224803 for CVE-2024-27436",
"url": "https://bugzilla.suse.com/1224803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-33619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-33619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: libstub: only free priv.runtime_map when allocated\n\npriv.runtime_map is only allocated when efi_novamap is not set.\nOtherwise, it is an uninitialized value. In the error path, it is freed\nunconditionally. Avoid passing an uninitialized value to free_pool.\nFree priv.runtime_map only when it was allocated.\n\nThis bug was discovered and resolved using Coverity Static Analysis\nSecurity Testing (SAST) by Synopsys, Inc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-33619",
"url": "https://www.suse.com/security/cve/CVE-2024-33619"
},
{
"category": "external",
"summary": "SUSE Bug 1226768 for CVE-2024-33619",
"url": "https://bugzilla.suse.com/1226768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-33619"
},
{
"cve": "CVE-2024-34777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34777"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-mapping: benchmark: fix node id validation\n\nWhile validating node ids in map_benchmark_ioctl(), node_possible() may\nbe provided with invalid argument outside of [0,MAX_NUMNODES-1] range\nleading to:\n\nBUG: KASAN: wild-memory-access in map_benchmark_ioctl (kernel/dma/map_benchmark.c:214)\nRead of size 8 at addr 1fffffff8ccb6398 by task dma_map_benchma/971\nCPU: 7 PID: 971 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #37\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117)\nkasan_report (mm/kasan/report.c:603)\nkasan_check_range (mm/kasan/generic.c:189)\nvariable_test_bit (arch/x86/include/asm/bitops.h:227) [inline]\narch_test_bit (arch/x86/include/asm/bitops.h:239) [inline]\n_test_bit at (include/asm-generic/bitops/instrumented-non-atomic.h:142) [inline]\nnode_state (include/linux/nodemask.h:423) [inline]\nmap_benchmark_ioctl (kernel/dma/map_benchmark.c:214)\nfull_proxy_unlocked_ioctl (fs/debugfs/file.c:333)\n__x64_sys_ioctl (fs/ioctl.c:890)\ndo_syscall_64 (arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nCompare node ids with sane bounds first. NUMA_NO_NODE is considered a\nspecial valid case meaning that benchmarking kthreads won\u0027t be bound to a\ncpuset of a given node.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34777",
"url": "https://www.suse.com/security/cve/CVE-2024-34777"
},
{
"category": "external",
"summary": "SUSE Bug 1226796 for CVE-2024-34777",
"url": "https://bugzilla.suse.com/1226796"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-34777"
},
{
"cve": "CVE-2024-35247",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35247"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: region: add owner module and take its refcount\n\nThe current implementation of the fpga region assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the region\nduring programming if the parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_region\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering a region to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the region as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a region without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga region.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35247",
"url": "https://www.suse.com/security/cve/CVE-2024-35247"
},
{
"category": "external",
"summary": "SUSE Bug 1226948 for CVE-2024-35247",
"url": "https://bugzilla.suse.com/1226948"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35247"
},
{
"cve": "CVE-2024-35784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix deadlock with fiemap and extent locking\n\nWhile working on the patchset to remove extent locking I got a lockdep\nsplat with fiemap and pagefaulting with my new extent lock replacement\nlock.\n\nThis deadlock exists with our normal code, we just don\u0027t have lockdep\nannotations with the extent locking so we\u0027ve never noticed it.\n\nSince we\u0027re copying the fiemap extent to user space on every iteration\nwe have the chance of pagefaulting. Because we hold the extent lock for\nthe entire range we could mkwrite into a range in the file that we have\nmmap\u0027ed. This would deadlock with the following stack trace\n\n[\u003c0\u003e] lock_extent+0x28d/0x2f0\n[\u003c0\u003e] btrfs_page_mkwrite+0x273/0x8a0\n[\u003c0\u003e] do_page_mkwrite+0x50/0xb0\n[\u003c0\u003e] do_fault+0xc1/0x7b0\n[\u003c0\u003e] __handle_mm_fault+0x2fa/0x460\n[\u003c0\u003e] handle_mm_fault+0xa4/0x330\n[\u003c0\u003e] do_user_addr_fault+0x1f4/0x800\n[\u003c0\u003e] exc_page_fault+0x7c/0x1e0\n[\u003c0\u003e] asm_exc_page_fault+0x26/0x30\n[\u003c0\u003e] rep_movs_alternative+0x33/0x70\n[\u003c0\u003e] _copy_to_user+0x49/0x70\n[\u003c0\u003e] fiemap_fill_next_extent+0xc8/0x120\n[\u003c0\u003e] emit_fiemap_extent+0x4d/0xa0\n[\u003c0\u003e] extent_fiemap+0x7f8/0xad0\n[\u003c0\u003e] btrfs_fiemap+0x49/0x80\n[\u003c0\u003e] __x64_sys_ioctl+0x3e1/0xb50\n[\u003c0\u003e] do_syscall_64+0x94/0x1a0\n[\u003c0\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nI wrote an fstest to reproduce this deadlock without my replacement lock\nand verified that the deadlock exists with our existing locking.\n\nTo fix this simply don\u0027t take the extent lock for the entire duration of\nthe fiemap. This is safe in general because we keep track of where we\nare when we\u0027re searching the tree, so if an ordered extent updates in\nthe middle of our fiemap call we\u0027ll still emit the correct extents\nbecause we know what offset we were on before.\n\nThe only place we maintain the lock is searching delalloc. Since the\ndelalloc stuff can change during writeback we want to lock the extent\nrange so we have a consistent view of delalloc at the time we\u0027re\nchecking to see if we need to set the delalloc flag.\n\nWith this patch applied we no longer deadlock with my testcase.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35784",
"url": "https://www.suse.com/security/cve/CVE-2024-35784"
},
{
"category": "external",
"summary": "SUSE Bug 1224804 for CVE-2024-35784",
"url": "https://bugzilla.suse.com/1224804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35784"
},
{
"cve": "CVE-2024-35786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix stale locked mutex in nouveau_gem_ioctl_pushbuf\n\nIf VM_BIND is enabled on the client the legacy submission ioctl can\u0027t be\nused, however if a client tries to do so regardless it will return an\nerror. In this case the clients mutex remained unlocked leading to a\ndeadlock inside nouveau_drm_postclose or any other nouveau ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35786",
"url": "https://www.suse.com/security/cve/CVE-2024-35786"
},
{
"category": "external",
"summary": "SUSE Bug 1224714 for CVE-2024-35786",
"url": "https://bugzilla.suse.com/1224714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35786"
},
{
"cve": "CVE-2024-35788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35788"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35788",
"url": "https://www.suse.com/security/cve/CVE-2024-35788"
},
{
"category": "external",
"summary": "SUSE Bug 1224709 for CVE-2024-35788",
"url": "https://bugzilla.suse.com/1224709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35788"
},
{
"cve": "CVE-2024-35789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35789",
"url": "https://www.suse.com/security/cve/CVE-2024-35789"
},
{
"category": "external",
"summary": "SUSE Bug 1224749 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "external",
"summary": "SUSE Bug 1227320 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1227320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmodes/displayport: create sysfs nodes as driver\u0027s default device attribute group\n\nThe DisplayPort driver\u0027s sysfs nodes may be present to the userspace before\ntypec_altmode_set_drvdata() completes in dp_altmode_probe. This means that\na sysfs read can trigger a NULL pointer error by deferencing dp-\u003ehpd in\nhpd_show or dp-\u003elock in pin_assignment_show, as dev_get_drvdata() returns\nNULL in those cases.\n\nRemove manual sysfs node creation in favor of adding attribute group as\ndefault for devices bound to the driver. The ATTRIBUTE_GROUPS() macro is\nnot used here otherwise the path to the sysfs nodes is no longer compliant\nwith the ABI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35790",
"url": "https://www.suse.com/security/cve/CVE-2024-35790"
},
{
"category": "external",
"summary": "SUSE Bug 1224712 for CVE-2024-35790",
"url": "https://bugzilla.suse.com/1224712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35790"
},
{
"cve": "CVE-2024-35791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region()\n\nDo the cache flush of converted pages in svm_register_enc_region() before\ndropping kvm-\u003elock to fix use-after-free issues where region and/or its\narray of pages could be freed by a different task, e.g. if userspace has\n__unregister_enc_region_locked() already queued up for the region.\n\nNote, the \"obvious\" alternative of using local variables doesn\u0027t fully\nresolve the bug, as region-\u003epages is also dynamically allocated. I.e. the\nregion structure itself would be fine, but region-\u003epages could be freed.\n\nFlushing multiple pages under kvm-\u003elock is unfortunate, but the entire\nflow is a rare slow path, and the manual flush is only needed on CPUs that\nlack coherency for encrypted memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35791",
"url": "https://www.suse.com/security/cve/CVE-2024-35791"
},
{
"category": "external",
"summary": "SUSE Bug 1224725 for CVE-2024-35791",
"url": "https://bugzilla.suse.com/1224725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35791"
},
{
"cve": "CVE-2024-35794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: really frozen sync_thread during suspend\n\n1) commit f52f5c71f3d4 (\"md: fix stopping sync thread\") remove\n MD_RECOVERY_FROZEN from __md_stop_writes() and doesn\u0027t realize that\n dm-raid relies on __md_stop_writes() to frozen sync_thread\n indirectly. Fix this problem by adding MD_RECOVERY_FROZEN in\n md_stop_writes(), and since stop_sync_thread() is only used for\n dm-raid in this case, also move stop_sync_thread() to\n md_stop_writes().\n2) The flag MD_RECOVERY_FROZEN doesn\u0027t mean that sync thread is frozen,\n it only prevent new sync_thread to start, and it can\u0027t stop the\n running sync thread; In order to frozen sync_thread, after seting the\n flag, stop_sync_thread() should be used.\n3) The flag MD_RECOVERY_FROZEN doesn\u0027t mean that writes are stopped, use\n it as condition for md_stop_writes() in raid_postsuspend() doesn\u0027t\n look correct. Consider that reentrant stop_sync_thread() do nothing,\n always call md_stop_writes() in raid_postsuspend().\n4) raid_message can set/clear the flag MD_RECOVERY_FROZEN at anytime,\n and if MD_RECOVERY_FROZEN is cleared while the array is suspended,\n new sync_thread can start unexpected. Fix this by disallow\n raid_message() to change sync_thread status during suspend.\n\nNote that after commit f52f5c71f3d4 (\"md: fix stopping sync thread\"), the\ntest shell/lvconvert-raid-reshape.sh start to hang in stop_sync_thread(),\nand with previous fixes, the test won\u0027t hang there anymore, however, the\ntest will still fail and complain that ext4 is corrupted. And with this\npatch, the test won\u0027t hang due to stop_sync_thread() or fail due to ext4\nis corrupted anymore. However, there is still a deadlock related to\ndm-raid456 that will be fixed in following patches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35794",
"url": "https://www.suse.com/security/cve/CVE-2024-35794"
},
{
"category": "external",
"summary": "SUSE Bug 1224706 for CVE-2024-35794",
"url": "https://bugzilla.suse.com/1224706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35794"
},
{
"cve": "CVE-2024-35795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix deadlock while reading mqd from debugfs\n\nAn errant disk backup on my desktop got into debugfs and triggered the\nfollowing deadlock scenario in the amdgpu debugfs files. The machine\nalso hard-resets immediately after those lines are printed (although I\nwasn\u0027t able to reproduce that part when reading by hand):\n\n[ 1318.016074][ T1082] ======================================================\n[ 1318.016607][ T1082] WARNING: possible circular locking dependency detected\n[ 1318.017107][ T1082] 6.8.0-rc7-00015-ge0c8221b72c0 #17 Not tainted\n[ 1318.017598][ T1082] ------------------------------------------------------\n[ 1318.018096][ T1082] tar/1082 is trying to acquire lock:\n[ 1318.018585][ T1082] ffff98c44175d6a0 (\u0026mm-\u003emmap_lock){++++}-{3:3}, at: __might_fault+0x40/0x80\n[ 1318.019084][ T1082]\n[ 1318.019084][ T1082] but task is already holding lock:\n[ 1318.020052][ T1082] ffff98c4c13f55f8 (reservation_ww_class_mutex){+.+.}-{3:3}, at: amdgpu_debugfs_mqd_read+0x6a/0x250 [amdgpu]\n[ 1318.020607][ T1082]\n[ 1318.020607][ T1082] which lock already depends on the new lock.\n[ 1318.020607][ T1082]\n[ 1318.022081][ T1082]\n[ 1318.022081][ T1082] the existing dependency chain (in reverse order) is:\n[ 1318.023083][ T1082]\n[ 1318.023083][ T1082] -\u003e #2 (reservation_ww_class_mutex){+.+.}-{3:3}:\n[ 1318.024114][ T1082] __ww_mutex_lock.constprop.0+0xe0/0x12f0\n[ 1318.024639][ T1082] ww_mutex_lock+0x32/0x90\n[ 1318.025161][ T1082] dma_resv_lockdep+0x18a/0x330\n[ 1318.025683][ T1082] do_one_initcall+0x6a/0x350\n[ 1318.026210][ T1082] kernel_init_freeable+0x1a3/0x310\n[ 1318.026728][ T1082] kernel_init+0x15/0x1a0\n[ 1318.027242][ T1082] ret_from_fork+0x2c/0x40\n[ 1318.027759][ T1082] ret_from_fork_asm+0x11/0x20\n[ 1318.028281][ T1082]\n[ 1318.028281][ T1082] -\u003e #1 (reservation_ww_class_acquire){+.+.}-{0:0}:\n[ 1318.029297][ T1082] dma_resv_lockdep+0x16c/0x330\n[ 1318.029790][ T1082] do_one_initcall+0x6a/0x350\n[ 1318.030263][ T1082] kernel_init_freeable+0x1a3/0x310\n[ 1318.030722][ T1082] kernel_init+0x15/0x1a0\n[ 1318.031168][ T1082] ret_from_fork+0x2c/0x40\n[ 1318.031598][ T1082] ret_from_fork_asm+0x11/0x20\n[ 1318.032011][ T1082]\n[ 1318.032011][ T1082] -\u003e #0 (\u0026mm-\u003emmap_lock){++++}-{3:3}:\n[ 1318.032778][ T1082] __lock_acquire+0x14bf/0x2680\n[ 1318.033141][ T1082] lock_acquire+0xcd/0x2c0\n[ 1318.033487][ T1082] __might_fault+0x58/0x80\n[ 1318.033814][ T1082] amdgpu_debugfs_mqd_read+0x103/0x250 [amdgpu]\n[ 1318.034181][ T1082] full_proxy_read+0x55/0x80\n[ 1318.034487][ T1082] vfs_read+0xa7/0x360\n[ 1318.034788][ T1082] ksys_read+0x70/0xf0\n[ 1318.035085][ T1082] do_syscall_64+0x94/0x180\n[ 1318.035375][ T1082] entry_SYSCALL_64_after_hwframe+0x46/0x4e\n[ 1318.035664][ T1082]\n[ 1318.035664][ T1082] other info that might help us debug this:\n[ 1318.035664][ T1082]\n[ 1318.036487][ T1082] Chain exists of:\n[ 1318.036487][ T1082] \u0026mm-\u003emmap_lock --\u003e reservation_ww_class_acquire --\u003e reservation_ww_class_mutex\n[ 1318.036487][ T1082]\n[ 1318.037310][ T1082] Possible unsafe locking scenario:\n[ 1318.037310][ T1082]\n[ 1318.037838][ T1082] CPU0 CPU1\n[ 1318.038101][ T1082] ---- ----\n[ 1318.038350][ T1082] lock(reservation_ww_class_mutex);\n[ 1318.038590][ T1082] lock(reservation_ww_class_acquire);\n[ 1318.038839][ T1082] lock(reservation_ww_class_mutex);\n[ 1318.039083][ T1082] rlock(\u0026mm-\u003emmap_lock);\n[ 1318.039328][ T1082]\n[ 1318.039328][ T1082] *** DEADLOCK ***\n[ 1318.039328][ T1082]\n[ 1318.040029][ T1082] 1 lock held by tar/1082:\n[ 1318.040259][ T1082] #0: ffff98c4c13f55f8 (reservation_ww_class_mutex){+.+.}-{3:3}, at: amdgpu_debugfs_mqd_read+0x6a/0x250 [amdgpu]\n[ 1318.040560][ T1082]\n[ 1318.040560][ T1082] stack backtrace:\n[\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35795",
"url": "https://www.suse.com/security/cve/CVE-2024-35795"
},
{
"category": "external",
"summary": "SUSE Bug 1224634 for CVE-2024-35795",
"url": "https://bugzilla.suse.com/1224634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35795"
},
{
"cve": "CVE-2024-35796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ll_temac: platform_get_resource replaced by wrong function\n\nThe function platform_get_resource was replaced with\ndevm_platform_ioremap_resource_byname and is called using 0 as name.\n\nThis eventually ends up in platform_get_resource_byname in the call\nstack, where it causes a null pointer in strcmp.\n\n\tif (type == resource_type(r) \u0026\u0026 !strcmp(r-\u003ename, name))\n\nIt should have been replaced with devm_platform_ioremap_resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35796",
"url": "https://www.suse.com/security/cve/CVE-2024-35796"
},
{
"category": "external",
"summary": "SUSE Bug 1224615 for CVE-2024-35796",
"url": "https://bugzilla.suse.com/1224615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35796"
},
{
"cve": "CVE-2024-35799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Prevent crash when disable stream\n\n[Why]\nDisabling stream encoder invokes a function that no longer exists.\n\n[How]\nCheck if the function declaration is NULL in disable stream encoder.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35799",
"url": "https://www.suse.com/security/cve/CVE-2024-35799"
},
{
"category": "external",
"summary": "SUSE Bug 1224740 for CVE-2024-35799",
"url": "https://bugzilla.suse.com/1224740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35799"
},
{
"cve": "CVE-2024-35800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: fix panic in kdump kernel\n\nCheck if get_next_variable() is actually valid pointer before\ncalling it. In kdump kernel this method is set to NULL that causes\npanic during the kexec-ed kernel boot.\n\nTested with QEMU and OVMF firmware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35800",
"url": "https://www.suse.com/security/cve/CVE-2024-35800"
},
{
"category": "external",
"summary": "SUSE Bug 1224507 for CVE-2024-35800",
"url": "https://bugzilla.suse.com/1224507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35800"
},
{
"cve": "CVE-2024-35801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Keep xfd_state in sync with MSR_IA32_XFD\n\nCommit 672365477ae8 (\"x86/fpu: Update XFD state where required\") and\ncommit 8bf26758ca96 (\"x86/fpu: Add XFD state to fpstate\") introduced a\nper CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in\norder to avoid unnecessary writes to the MSR.\n\nOn CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which\nwipes out any stale state. But the per CPU cached xfd value is not\nreset, which brings them out of sync.\n\nAs a consequence a subsequent xfd_update_state() might fail to update\nthe MSR which in turn can result in XRSTOR raising a #NM in kernel\nspace, which crashes the kernel.\n\nTo fix this, introduce xfd_set_state() to write xfd_state together\nwith MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35801",
"url": "https://www.suse.com/security/cve/CVE-2024-35801"
},
{
"category": "external",
"summary": "SUSE Bug 1224732 for CVE-2024-35801",
"url": "https://bugzilla.suse.com/1224732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35801"
},
{
"cve": "CVE-2024-35803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/efistub: Call mixed mode boot services on the firmware\u0027s stack\n\nNormally, the EFI stub calls into the EFI boot services using the stack\nthat was live when the stub was entered. According to the UEFI spec,\nthis stack needs to be at least 128k in size - this might seem large but\nall asynchronous processing and event handling in EFI runs from the same\nstack and so quite a lot of space may be used in practice.\n\nIn mixed mode, the situation is a bit different: the bootloader calls\nthe 32-bit EFI stub entry point, which calls the decompressor\u0027s 32-bit\nentry point, where the boot stack is set up, using a fixed allocation\nof 16k. This stack is still in use when the EFI stub is started in\n64-bit mode, and so all calls back into the EFI firmware will be using\nthe decompressor\u0027s limited boot stack.\n\nDue to the placement of the boot stack right after the boot heap, any\nstack overruns have gone unnoticed. However, commit\n\n 5c4feadb0011983b (\"x86/decompressor: Move global symbol references to C code\")\n\nmoved the definition of the boot heap into C code, and now the boot\nstack is placed right at the base of BSS, where any overruns will\ncorrupt the end of the .data section.\n\nWhile it would be possible to work around this by increasing the size of\nthe boot stack, doing so would affect all x86 systems, and mixed mode\nsystems are a tiny (and shrinking) fraction of the x86 installed base.\n\nSo instead, record the firmware stack pointer value when entering from\nthe 32-bit firmware, and switch to this stack every time a EFI boot\nservice call is made.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35803",
"url": "https://www.suse.com/security/cve/CVE-2024-35803"
},
{
"category": "external",
"summary": "SUSE Bug 1224742 for CVE-2024-35803",
"url": "https://bugzilla.suse.com/1224742"
},
{
"category": "external",
"summary": "SUSE Bug 1225314 for CVE-2024-35803",
"url": "https://bugzilla.suse.com/1225314"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35803"
},
{
"cve": "CVE-2024-35804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Mark target gfn of emulated atomic instruction as dirty\n\nWhen emulating an atomic access on behalf of the guest, mark the target\ngfn dirty if the CMPXCHG by KVM is attempted and doesn\u0027t fault. This\nfixes a bug where KVM effectively corrupts guest memory during live\nmigration by writing to guest memory without informing userspace that the\npage is dirty.\n\nMarking the page dirty got unintentionally dropped when KVM\u0027s emulated\nCMPXCHG was converted to do a user access. Before that, KVM explicitly\nmapped the guest page into kernel memory, and marked the page dirty during\nthe unmap phase.\n\nMark the page dirty even if the CMPXCHG fails, as the old data is written\nback on failure, i.e. the page is still written. The value written is\nguaranteed to be the same because the operation is atomic, but KVM\u0027s ABI\nis that all writes are dirty logged regardless of the value written. And\nmore importantly, that\u0027s what KVM did before the buggy commit.\n\nHuge kudos to the folks on the Cc list (and many others), who did all the\nactual work of triaging and debugging.\n\nbase-commit: 6769ea8da8a93ed4630f1ce64df6aafcaabfce64",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35804",
"url": "https://www.suse.com/security/cve/CVE-2024-35804"
},
{
"category": "external",
"summary": "SUSE Bug 1224638 for CVE-2024-35804",
"url": "https://bugzilla.suse.com/1224638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35804"
},
{
"cve": "CVE-2024-35805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm snapshot: fix lockup in dm_exception_table_exit\n\nThere was reported lockup when we exit a snapshot with many exceptions.\nFix this by adding \"cond_resched\" to the loop that frees the exceptions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35805",
"url": "https://www.suse.com/security/cve/CVE-2024-35805"
},
{
"category": "external",
"summary": "SUSE Bug 1224743 for CVE-2024-35805",
"url": "https://bugzilla.suse.com/1224743"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35805"
},
{
"cve": "CVE-2024-35806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: Always disable interrupts when taking cgr_lock\n\nsmp_call_function_single disables IRQs when executing the callback. To\nprevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.\nThis is already done by qman_update_cgr and qman_delete_cgr; fix the\nother lockers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35806",
"url": "https://www.suse.com/security/cve/CVE-2024-35806"
},
{
"category": "external",
"summary": "SUSE Bug 1224699 for CVE-2024-35806",
"url": "https://bugzilla.suse.com/1224699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35806"
},
{
"cve": "CVE-2024-35807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix corruption during on-line resize\n\nWe observed a corruption during on-line resize of a file system that is\nlarger than 16 TiB with 4k block size. With having more then 2^32 blocks\nresize_inode is turned off by default by mke2fs. The issue can be\nreproduced on a smaller file system for convenience by explicitly\nturning off resize_inode. An on-line resize across an 8 GiB boundary (the\nsize of a meta block group in this setup) then leads to a corruption:\n\n dev=/dev/\u003csome_dev\u003e # should be \u003e= 16 GiB\n mkdir -p /corruption\n /sbin/mke2fs -t ext4 -b 4096 -O ^resize_inode $dev $((2 * 2**21 - 2**15))\n mount -t ext4 $dev /corruption\n\n dd if=/dev/zero bs=4096 of=/corruption/test count=$((2*2**21 - 4*2**15))\n sha1sum /corruption/test\n # 79d2658b39dcfd77274e435b0934028adafaab11 /corruption/test\n\n /sbin/resize2fs $dev $((2*2**21))\n # drop page cache to force reload the block from disk\n echo 1 \u003e /proc/sys/vm/drop_caches\n\n sha1sum /corruption/test\n # 3c2abc63cbf1a94c9e6977e0fbd72cd832c4d5c3 /corruption/test\n\n2^21 = 2^15*2^6 equals 8 GiB whereof 2^15 is the number of blocks per\nblock group and 2^6 are the number of block groups that make a meta\nblock group.\n\nThe last checksum might be different depending on how the file is laid\nout across the physical blocks. The actual corruption occurs at physical\nblock 63*2^15 = 2064384 which would be the location of the backup of the\nmeta block group\u0027s block descriptor. During the on-line resize the file\nsystem will be converted to meta_bg starting at s_first_meta_bg which is\n2 in the example - meaning all block groups after 16 GiB. However, in\next4_flex_group_add we might add block groups that are not part of the\nfirst meta block group yet. In the reproducer we achieved this by\nsubstracting the size of a whole block group from the point where the\nmeta block group would start. This must be considered when updating the\nbackup block group descriptors to follow the non-meta_bg layout. The fix\nis to add a test whether the group to add is already part of the meta\nblock group or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35807",
"url": "https://www.suse.com/security/cve/CVE-2024-35807"
},
{
"category": "external",
"summary": "SUSE Bug 1224735 for CVE-2024-35807",
"url": "https://bugzilla.suse.com/1224735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35807"
},
{
"cve": "CVE-2024-35808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/dm-raid: don\u0027t call md_reap_sync_thread() directly\n\nCurrently md_reap_sync_thread() is called from raid_message() directly\nwithout holding \u0027reconfig_mutex\u0027, this is definitely unsafe because\nmd_reap_sync_thread() can change many fields that is protected by\n\u0027reconfig_mutex\u0027.\n\nHowever, hold \u0027reconfig_mutex\u0027 here is still problematic because this\nwill cause deadlock, for example, commit 130443d60b1b (\"md: refactor\nidle/frozen_sync_thread() to fix deadlock\").\n\nFix this problem by using stop_sync_thread() to unregister sync_thread,\nlike md/raid did.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35808",
"url": "https://www.suse.com/security/cve/CVE-2024-35808"
},
{
"category": "external",
"summary": "SUSE Bug 1224623 for CVE-2024-35808",
"url": "https://bugzilla.suse.com/1224623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35808"
},
{
"cve": "CVE-2024-35809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/PM: Drain runtime-idle callbacks before driver removal\n\nA race condition between the .runtime_idle() callback and the .remove()\ncallback in the rtsx_pcr PCI driver leads to a kernel crash due to an\nunhandled page fault [1].\n\nThe problem is that rtsx_pci_runtime_idle() is not expected to be running\nafter pm_runtime_get_sync() has been called, but the latter doesn\u0027t really\nguarantee that. It only guarantees that the suspend and resume callbacks\nwill not be running when it returns.\n\nHowever, if a .runtime_idle() callback is already running when\npm_runtime_get_sync() is called, the latter will notice that the runtime PM\nstatus of the device is RPM_ACTIVE and it will return right away without\nwaiting for the former to complete. In fact, it cannot wait for\n.runtime_idle() to complete because it may be called from that callback (it\narguably does not make much sense to do that, but it is not strictly\nprohibited).\n\nThus in general, whoever is providing a .runtime_idle() callback needs\nto protect it from running in parallel with whatever code runs after\npm_runtime_get_sync(). [Note that .runtime_idle() will not start after\npm_runtime_get_sync() has returned, but it may continue running then if it\nhas started earlier.]\n\nOne way to address that race condition is to call pm_runtime_barrier()\nafter pm_runtime_get_sync() (not before it, because a nonzero value of the\nruntime PM usage counter is necessary to prevent runtime PM callbacks from\nbeing invoked) to wait for the .runtime_idle() callback to complete should\nit be running at that point. A suitable place for doing that is in\npci_device_remove() which calls pm_runtime_get_sync() before removing the\ndriver, so it may as well call pm_runtime_barrier() subsequently, which\nwill prevent the race in question from occurring, not just in the rtsx_pcr\ndriver, but in any PCI drivers providing .runtime_idle() callbacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35809",
"url": "https://www.suse.com/security/cve/CVE-2024-35809"
},
{
"category": "external",
"summary": "SUSE Bug 1224738 for CVE-2024-35809",
"url": "https://bugzilla.suse.com/1224738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35809"
},
{
"cve": "CVE-2024-35810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix the lifetime of the bo cursor memory\n\nThe cleanup can be dispatched while the atomic update is still active,\nwhich means that the memory acquired in the atomic update needs to\nnot be invalidated by the cleanup. The buffer objects in vmw_plane_state\ninstead of using the builtin map_and_cache were trying to handle\nthe lifetime of the mapped memory themselves, leading to crashes.\n\nUse the map_and_cache instead of trying to manage the lifetime of the\nbuffer objects held by the vmw_plane_state.\n\nFixes kernel oops\u0027es in IGT\u0027s kms_cursor_legacy forked-bo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35810",
"url": "https://www.suse.com/security/cve/CVE-2024-35810"
},
{
"category": "external",
"summary": "SUSE Bug 1224626 for CVE-2024-35810",
"url": "https://bugzilla.suse.com/1224626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35810"
},
{
"cve": "CVE-2024-35811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach\n\nThis is the candidate patch of CVE-2023-47233 :\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47233\n\nIn brcm80211 driver,it starts with the following invoking chain\nto start init a timeout worker:\n\n-\u003ebrcmf_usb_probe\n -\u003ebrcmf_usb_probe_cb\n -\u003ebrcmf_attach\n -\u003ebrcmf_bus_started\n -\u003ebrcmf_cfg80211_attach\n -\u003ewl_init_priv\n -\u003ebrcmf_init_escan\n -\u003eINIT_WORK(\u0026cfg-\u003eescan_timeout_work,\n\t\t brcmf_cfg80211_escan_timeout_worker);\n\nIf we disconnect the USB by hotplug, it will call\nbrcmf_usb_disconnect to make cleanup. The invoking chain is :\n\nbrcmf_usb_disconnect\n -\u003ebrcmf_usb_disconnect_cb\n -\u003ebrcmf_detach\n -\u003ebrcmf_cfg80211_detach\n -\u003ekfree(cfg);\n\nWhile the timeout woker may still be running. This will cause\na use-after-free bug on cfg in brcmf_cfg80211_escan_timeout_worker.\n\nFix it by deleting the timer and canceling the worker in\nbrcmf_cfg80211_detach.\n\n[arend.vanspriel@broadcom.com: keep timer delete as is and cancel work just before free]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35811",
"url": "https://www.suse.com/security/cve/CVE-2024-35811"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2024-35811",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35812"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35812",
"url": "https://www.suse.com/security/cve/CVE-2024-35812"
},
{
"category": "external",
"summary": "SUSE Bug 1224624 for CVE-2024-35812",
"url": "https://bugzilla.suse.com/1224624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35812"
},
{
"cve": "CVE-2024-35813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: core: Avoid negative index with array access\n\nCommit 4d0c8d0aef63 (\"mmc: core: Use mrq.sbc in close-ended ffu\") assigns\nprev_idata = idatas[i - 1], but doesn\u0027t check that the iterator i is\ngreater than zero. Let\u0027s fix this by adding a check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35813",
"url": "https://www.suse.com/security/cve/CVE-2024-35813"
},
{
"category": "external",
"summary": "SUSE Bug 1224618 for CVE-2024-35813",
"url": "https://bugzilla.suse.com/1224618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35813"
},
{
"cve": "CVE-2024-35814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: Fix double-allocation of slots due to broken alignment handling\n\nCommit bbb73a103fbb (\"swiotlb: fix a braino in the alignment check fix\"),\nwhich was a fix for commit 0eee5ae10256 (\"swiotlb: fix slot alignment\nchecks\"), causes a functional regression with vsock in a virtual machine\nusing bouncing via a restricted DMA SWIOTLB pool.\n\nWhen virtio allocates the virtqueues for the vsock device using\ndma_alloc_coherent(), the SWIOTLB search can return page-unaligned\nallocations if \u0027area-\u003eindex\u0027 was left unaligned by a previous allocation\nfrom the buffer:\n\n # Final address in brackets is the SWIOTLB address returned to the caller\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1645-1649/7168 (0x98326800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1649-1653/7168 (0x98328800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1653-1657/7168 (0x9832a800)\n\nThis ends badly (typically buffer corruption and/or a hang) because\nswiotlb_alloc() is expecting a page-aligned allocation and so blindly\nreturns a pointer to the \u0027struct page\u0027 corresponding to the allocation,\ntherefore double-allocating the first half (2KiB slot) of the 4KiB page.\n\nFix the problem by treating the allocation alignment separately to any\nadditional alignment requirements from the device, using the maximum\nof the two as the stride to search the buffer slots and taking care\nto ensure a minimum of page-alignment for buffers larger than a page.\n\nThis also resolves swiotlb allocation failures occuring due to the\ninclusion of ~PAGE_MASK in \u0027iotlb_align_mask\u0027 for large allocations and\nresulting in alignment requirements exceeding swiotlb_max_mapping_size().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35814",
"url": "https://www.suse.com/security/cve/CVE-2024-35814"
},
{
"category": "external",
"summary": "SUSE Bug 1224602 for CVE-2024-35814",
"url": "https://bugzilla.suse.com/1224602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35814"
},
{
"cve": "CVE-2024-35815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\n\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req-\u003eki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req-\u003eki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35815",
"url": "https://www.suse.com/security/cve/CVE-2024-35815"
},
{
"category": "external",
"summary": "SUSE Bug 1224685 for CVE-2024-35815",
"url": "https://bugzilla.suse.com/1224685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35815"
},
{
"cve": "CVE-2024-35817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag\n\nOtherwise after the GTT bo is released, the GTT and gart space is freed\nbut amdgpu_ttm_backend_unbind will not clear the gart page table entry\nand leave valid mapping entry pointing to the stale system page. Then\nif GPU access the gart address mistakely, it will read undefined value\ninstead page fault, harder to debug and reproduce the real issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35817",
"url": "https://www.suse.com/security/cve/CVE-2024-35817"
},
{
"category": "external",
"summary": "SUSE Bug 1224736 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "external",
"summary": "SUSE Bug 1225313 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1225313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35817"
},
{
"cve": "CVE-2024-35819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: Use raw spinlock for cgr_lock\n\nsmp_call_function always runs its callback in hard IRQ context, even on\nPREEMPT_RT, where spinlocks can sleep. So we need to use a raw spinlock\nfor cgr_lock to ensure we aren\u0027t waiting on a sleeping task.\n\nAlthough this bug has existed for a while, it was not apparent until\ncommit ef2a8d5478b9 (\"net: dpaa: Adjust queue depth on rate change\")\nwhich invokes smp_call_function_single via qman_update_cgr_safe every\ntime a link goes up or down.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35819",
"url": "https://www.suse.com/security/cve/CVE-2024-35819"
},
{
"category": "external",
"summary": "SUSE Bug 1224683 for CVE-2024-35819",
"url": "https://bugzilla.suse.com/1224683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35819"
},
{
"cve": "CVE-2024-35821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Set page uptodate in the correct place\n\nPage cache reads are lockless, so setting the freshly allocated page\nuptodate before we\u0027ve overwritten it with the data it\u0027s supposed to have\nin it will allow a simultaneous reader to see old data. Move the call\nto SetPageUptodate into ubifs_write_end(), which is after we copied the\nnew data into the page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35821",
"url": "https://www.suse.com/security/cve/CVE-2024-35821"
},
{
"category": "external",
"summary": "SUSE Bug 1224629 for CVE-2024-35821",
"url": "https://bugzilla.suse.com/1224629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35821"
},
{
"cve": "CVE-2024-35822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: udc: remove warning when queue disabled ep\n\nIt is possible trigger below warning message from mass storage function,\n\nWARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104\npc : usb_ep_queue+0x7c/0x104\nlr : fsg_main_thread+0x494/0x1b3c\n\nRoot cause is mass storage function try to queue request from main thread,\nbut other thread may already disable ep when function disable.\n\nAs there is no function failure in the driver, in order to avoid effort\nto fix warning, change WARN_ON_ONCE() in usb_ep_queue() to pr_debug().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35822",
"url": "https://www.suse.com/security/cve/CVE-2024-35822"
},
{
"category": "external",
"summary": "SUSE Bug 1224739 for CVE-2024-35822",
"url": "https://bugzilla.suse.com/1224739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35822"
},
{
"cve": "CVE-2024-35823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: fix unicode buffer corruption when deleting characters\n\nThis is the same issue that was fixed for the VGA text buffer in commit\n39cdb68c64d8 (\"vt: fix memory overlapping when deleting chars in the\nbuffer\"). The cure is also the same i.e. replace memcpy() with memmove()\ndue to the overlaping buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35823",
"url": "https://www.suse.com/security/cve/CVE-2024-35823"
},
{
"category": "external",
"summary": "SUSE Bug 1224692 for CVE-2024-35823",
"url": "https://bugzilla.suse.com/1224692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35823"
},
{
"cve": "CVE-2024-35824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume\n\nWhen not configured for wakeup lis3lv02d_i2c_suspend() will call\nlis3lv02d_poweroff() even if the device has already been turned off\nby the runtime-suspend handler and if configured for wakeup and\nthe device is runtime-suspended at this point then it is not turned\nback on to serve as a wakeup source.\n\nBefore commit b1b9f7a49440 (\"misc: lis3lv02d_i2c: Add missing setting\nof the reg_ctrl callback\"), lis3lv02d_poweroff() failed to disable\nthe regulators which as a side effect made calling poweroff() twice ok.\n\nNow that poweroff() correctly disables the regulators, doing this twice\ntriggers a WARN() in the regulator core:\n\nunbalanced disables for regulator-dummy\nWARNING: CPU: 1 PID: 92 at drivers/regulator/core.c:2999 _regulator_disable\n...\n\nFix lis3lv02d_i2c_suspend() to not call poweroff() a second time if\nalready runtime-suspended and add a poweron() call when necessary to\nmake wakeup work.\n\nlis3lv02d_i2c_resume() has similar issues, with an added weirness that\nit always powers on the device if it is runtime suspended, after which\nthe first runtime-resume will call poweron() again, causing the enabled\ncount for the regulator to increase by 1 every suspend/resume. These\nunbalanced regulator_enable() calls cause the regulator to never\nbe turned off and trigger the following WARN() on driver unbind:\n\nWARNING: CPU: 1 PID: 1724 at drivers/regulator/core.c:2396 _regulator_put\n\nFix this by making lis3lv02d_i2c_resume() mirror the new suspend().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35824",
"url": "https://www.suse.com/security/cve/CVE-2024-35824"
},
{
"category": "external",
"summary": "SUSE Bug 1224609 for CVE-2024-35824",
"url": "https://bugzilla.suse.com/1224609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35824"
},
{
"cve": "CVE-2024-35825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: ncm: Fix handling of zero block length packets\n\nWhile connecting to a Linux host with CDC_NCM_NTB_DEF_SIZE_TX\nset to 65536, it has been observed that we receive short packets,\nwhich come at interval of 5-10 seconds sometimes and have block\nlength zero but still contain 1-2 valid datagrams present.\n\nAccording to the NCM spec:\n\n\"If wBlockLength = 0x0000, the block is terminated by a\nshort packet. In this case, the USB transfer must still\nbe shorter than dwNtbInMaxSize or dwNtbOutMaxSize. If\nexactly dwNtbInMaxSize or dwNtbOutMaxSize bytes are sent,\nand the size is a multiple of wMaxPacketSize for the\ngiven pipe, then no ZLP shall be sent.\n\nwBlockLength= 0x0000 must be used with extreme care, because\nof the possibility that the host and device may get out of\nsync, and because of test issues.\n\nwBlockLength = 0x0000 allows the sender to reduce latency by\nstarting to send a very large NTB, and then shortening it when\nthe sender discovers that there\u0027s not sufficient data to justify\nsending a large NTB\"\n\nHowever, there is a potential issue with the current implementation,\nas it checks for the occurrence of multiple NTBs in a single\ngiveback by verifying if the leftover bytes to be processed is zero\nor not. If the block length reads zero, we would process the same\nNTB infintely because the leftover bytes is never zero and it leads\nto a crash. Fix this by bailing out if block length reads zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35825",
"url": "https://www.suse.com/security/cve/CVE-2024-35825"
},
{
"category": "external",
"summary": "SUSE Bug 1224681 for CVE-2024-35825",
"url": "https://bugzilla.suse.com/1224681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35825"
},
{
"cve": "CVE-2024-35827",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35827"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/net: fix overflow check in io_recvmsg_mshot_prep()\n\nThe \"controllen\" variable is type size_t (unsigned long). Casting it\nto int could lead to an integer underflow.\n\nThe check_add_overflow() function considers the type of the destination\nwhich is type int. If we add two positive values and the result cannot\nfit in an integer then that\u0027s counted as an overflow.\n\nHowever, if we cast \"controllen\" to an int and it turns negative, then\nnegative values *can* fit into an int type so there is no overflow.\n\nGood: 100 + (unsigned long)-4 = 96 \u003c-- overflow\n Bad: 100 + (int)-4 = 96 \u003c-- no overflow\n\nI deleted the cast of the sizeof() as well. That\u0027s not a bug but the\ncast is unnecessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35827",
"url": "https://www.suse.com/security/cve/CVE-2024-35827"
},
{
"category": "external",
"summary": "SUSE Bug 1224606 for CVE-2024-35827",
"url": "https://bugzilla.suse.com/1224606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35827"
},
{
"cve": "CVE-2024-35828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()\n\nIn the for statement of lbs_allocate_cmd_buffer(), if the allocation of\ncmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to\nbe freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35828",
"url": "https://www.suse.com/security/cve/CVE-2024-35828"
},
{
"category": "external",
"summary": "SUSE Bug 1224622 for CVE-2024-35828",
"url": "https://bugzilla.suse.com/1224622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35828"
},
{
"cve": "CVE-2024-35829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/lima: fix a memleak in lima_heap_alloc\n\nWhen lima_vm_map_bo fails, the resources need to be deallocated, or\nthere will be memleaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35829",
"url": "https://www.suse.com/security/cve/CVE-2024-35829"
},
{
"category": "external",
"summary": "SUSE Bug 1224707 for CVE-2024-35829",
"url": "https://bugzilla.suse.com/1224707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35829"
},
{
"cve": "CVE-2024-35830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tc358743: register v4l2 async device only after successful setup\n\nEnsure the device has been setup correctly before registering the v4l2\nasync device, thus allowing userspace to access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35830",
"url": "https://www.suse.com/security/cve/CVE-2024-35830"
},
{
"category": "external",
"summary": "SUSE Bug 1224680 for CVE-2024-35830",
"url": "https://bugzilla.suse.com/1224680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35830"
},
{
"cve": "CVE-2024-35831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35831"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: Fix release of pinned pages when __io_uaddr_map fails\n\nLooking at the error path of __io_uaddr_map, if we fail after pinning\nthe pages for any reasons, ret will be set to -EINVAL and the error\nhandler won\u0027t properly release the pinned pages.\n\nI didn\u0027t manage to trigger it without forcing a failure, but it can\nhappen in real life when memory is heavily fragmented.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35831",
"url": "https://www.suse.com/security/cve/CVE-2024-35831"
},
{
"category": "external",
"summary": "SUSE Bug 1224698 for CVE-2024-35831",
"url": "https://bugzilla.suse.com/1224698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35831"
},
{
"cve": "CVE-2024-35833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA\n\nThis dma_alloc_coherent() is undone neither in the remove function, nor in\nthe error handling path of fsl_qdma_probe().\n\nSwitch to the managed version to fix both issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35833",
"url": "https://www.suse.com/security/cve/CVE-2024-35833"
},
{
"category": "external",
"summary": "SUSE Bug 1224632 for CVE-2024-35833",
"url": "https://bugzilla.suse.com/1224632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35833"
},
{
"cve": "CVE-2024-35834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: recycle buffer in case Rx queue was full\n\nAdd missing xsk_buff_free() call when __xsk_rcv_zc() failed to produce\ndescriptor to XSK Rx queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35834",
"url": "https://www.suse.com/security/cve/CVE-2024-35834"
},
{
"category": "external",
"summary": "SUSE Bug 1224620 for CVE-2024-35834",
"url": "https://bugzilla.suse.com/1224620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35834"
},
{
"cve": "CVE-2024-35835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a double-free in arfs_create_groups\n\nWhen `in` allocated by kvzalloc fails, arfs_create_groups will free\nft-\u003eg and return an error. However, arfs_create_table, the only caller of\narfs_create_groups, will hold this error and call to\nmlx5e_destroy_flow_table, in which the ft-\u003eg will be freed again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35835",
"url": "https://www.suse.com/security/cve/CVE-2024-35835"
},
{
"category": "external",
"summary": "SUSE Bug 1224605 for CVE-2024-35835",
"url": "https://bugzilla.suse.com/1224605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35835"
},
{
"cve": "CVE-2024-35836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix pin dump crash for rebound module\n\nWhen a kernel module is unbound but the pin resources were not entirely\nfreed (other kernel module instance of the same PCI device have had kept\nthe reference to that pin), and kernel module is again bound, the pin\nproperties would not be updated (the properties are only assigned when\nmemory for the pin is allocated), prop pointer still points to the\nkernel module memory of the kernel module which was deallocated on the\nunbind.\n\nIf the pin dump is invoked in this state, the result is a kernel crash.\nPrevent the crash by storing persistent pin properties in dpll subsystem,\ncopy the content from the kernel module when pin is allocated, instead of\nusing memory of the kernel module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35836",
"url": "https://www.suse.com/security/cve/CVE-2024-35836"
},
{
"category": "external",
"summary": "SUSE Bug 1224633 for CVE-2024-35836",
"url": "https://bugzilla.suse.com/1224633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35836"
},
{
"cve": "CVE-2024-35837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35837"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: clear BM pool before initialization\n\nRegister value persist after booting the kernel using\nkexec which results in kernel panic. Thus clear the\nBM pool registers before initialisation to fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35837",
"url": "https://www.suse.com/security/cve/CVE-2024-35837"
},
{
"category": "external",
"summary": "SUSE Bug 1224500 for CVE-2024-35837",
"url": "https://bugzilla.suse.com/1224500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35837"
},
{
"cve": "CVE-2024-35838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix potential sta-link leak\n\nWhen a station is allocated, links are added but not\nset to valid yet (e.g. during connection to an AP MLD),\nwe might remove the station without ever marking links\nvalid, and leak them. Fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35838",
"url": "https://www.suse.com/security/cve/CVE-2024-35838"
},
{
"category": "external",
"summary": "SUSE Bug 1224613 for CVE-2024-35838",
"url": "https://bugzilla.suse.com/1224613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35838"
},
{
"cve": "CVE-2024-35841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls, fix WARNIING in __sk_msg_free\n\nA splice with MSG_SPLICE_PAGES will cause tls code to use the\ntls_sw_sendmsg_splice path in the TLS sendmsg code to move the user\nprovided pages from the msg into the msg_pl. This will loop over the\nmsg until msg_pl is full, checked by sk_msg_full(msg_pl). The user\ncan also set the MORE flag to hint stack to delay sending until receiving\nmore pages and ideally a full buffer.\n\nIf the user adds more pages to the msg than can fit in the msg_pl\nscatterlist (MAX_MSG_FRAGS) we should ignore the MORE flag and send\nthe buffer anyways.\n\nWhat actually happens though is we abort the msg to msg_pl scatterlist\nsetup and then because we forget to set \u0027full record\u0027 indicating we\ncan no longer consume data without a send we fallthrough to the \u0027continue\u0027\npath which will check if msg_data_left(msg) has more bytes to send and\nthen attempts to fit them in the already full msg_pl. Then next\niteration of sender doing send will encounter a full msg_pl and throw\nthe warning in the syzbot report.\n\nTo fix simply check if we have a full_record in splice code path and\nif not send the msg regardless of MORE flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35841",
"url": "https://www.suse.com/security/cve/CVE-2024-35841"
},
{
"category": "external",
"summary": "SUSE Bug 1224687 for CVE-2024-35841",
"url": "https://bugzilla.suse.com/1224687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35841"
},
{
"cve": "CVE-2024-35842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: sof-common: Add NULL check for normal_link string\n\nIt\u0027s not granted that all entries of struct sof_conn_stream declare\na `normal_link` (a non-SOF, direct link) string, and this is the case\nfor SoCs that support only SOF paths (hence do not support both direct\nand SOF usecases).\n\nFor example, in the case of MT8188 there is no normal_link string in\nany of the sof_conn_stream entries and there will be more drivers\ndoing that in the future.\n\nTo avoid possible NULL pointer KPs, add a NULL check for `normal_link`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35842",
"url": "https://www.suse.com/security/cve/CVE-2024-35842"
},
{
"category": "external",
"summary": "SUSE Bug 1224688 for CVE-2024-35842",
"url": "https://bugzilla.suse.com/1224688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35842"
},
{
"cve": "CVE-2024-35843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Use device rbtree in iopf reporting path\n\nThe existing I/O page fault handler currently locates the PCI device by\ncalling pci_get_domain_bus_and_slot(). This function searches the list\nof all PCI devices until the desired device is found. To improve lookup\nefficiency, replace it with device_rbtree_find() to search the device\nwithin the probed device rbtree.\n\nThe I/O page fault is initiated by the device, which does not have any\nsynchronization mechanism with the software to ensure that the device\nstays in the probed device tree. Theoretically, a device could be released\nby the IOMMU subsystem after device_rbtree_find() and before\niopf_get_dev_fault_param(), which would cause a use-after-free problem.\n\nAdd a mutex to synchronize the I/O page fault reporting path and the IOMMU\nrelease device path. This lock doesn\u0027t introduce any performance overhead,\nas the conflict between I/O page fault reporting and device releasing is\nvery rare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35843",
"url": "https://www.suse.com/security/cve/CVE-2024-35843"
},
{
"category": "external",
"summary": "SUSE Bug 1224751 for CVE-2024-35843",
"url": "https://bugzilla.suse.com/1224751"
},
{
"category": "external",
"summary": "SUSE Bug 1227368 for CVE-2024-35843",
"url": "https://bugzilla.suse.com/1227368"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35843"
},
{
"cve": "CVE-2024-35845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: dbg-tlv: ensure NUL termination\n\nThe iwl_fw_ini_debug_info_tlv is used as a string, so we must\nensure the string is terminated correctly before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35845",
"url": "https://www.suse.com/security/cve/CVE-2024-35845"
},
{
"category": "external",
"summary": "SUSE Bug 1224731 for CVE-2024-35845",
"url": "https://bugzilla.suse.com/1224731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35845"
},
{
"cve": "CVE-2024-35847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Prevent double free on error\n\nThe error handling path in its_vpe_irq_domain_alloc() causes a double free\nwhen its_vpe_init() fails after successfully allocating at least one\ninterrupt. This happens because its_vpe_irq_domain_free() frees the\ninterrupts along with the area bitmap and the vprop_page and\nits_vpe_irq_domain_alloc() subsequently frees the area bitmap and the\nvprop_page again.\n\nFix this by unconditionally invoking its_vpe_irq_domain_free() which\nhandles all cases correctly and by removing the bitmap/vprop_page freeing\nfrom its_vpe_irq_domain_alloc().\n\n[ tglx: Massaged change log ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35847",
"url": "https://www.suse.com/security/cve/CVE-2024-35847"
},
{
"category": "external",
"summary": "SUSE Bug 1224697 for CVE-2024-35847",
"url": "https://bugzilla.suse.com/1224697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35847"
},
{
"cve": "CVE-2024-35848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neeprom: at24: fix memory corruption race condition\n\nIf the eeprom is not accessible, an nvmem device will be registered, the\nread will fail, and the device will be torn down. If another driver\naccesses the nvmem device after the teardown, it will reference\ninvalid memory.\n\nMove the failure point before registering the nvmem device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35848",
"url": "https://www.suse.com/security/cve/CVE-2024-35848"
},
{
"category": "external",
"summary": "SUSE Bug 1224612 for CVE-2024-35848",
"url": "https://bugzilla.suse.com/1224612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35848"
},
{
"cve": "CVE-2024-35849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix information leak in btrfs_ioctl_logical_to_ino()\n\nSyzbot reported the following information leak for in\nbtrfs_ioctl_logical_to_ino():\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n btrfs_ioctl_logical_to_ino+0x440/0x750 fs/btrfs/ioctl.c:3499\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Uninit was created at:\n __kmalloc_large_node+0x231/0x370 mm/slub.c:3921\n __do_kmalloc_node mm/slub.c:3954 [inline]\n __kmalloc_node+0xb07/0x1060 mm/slub.c:3973\n kmalloc_node include/linux/slab.h:648 [inline]\n kvmalloc_node+0xc0/0x2d0 mm/util.c:634\n kvmalloc include/linux/slab.h:766 [inline]\n init_data_container+0x49/0x1e0 fs/btrfs/backref.c:2779\n btrfs_ioctl_logical_to_ino+0x17c/0x750 fs/btrfs/ioctl.c:3480\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Bytes 40-65535 of 65536 are uninitialized\n Memory access of size 65536 starts at ffff888045a40000\n\nThis happens, because we\u0027re copying a \u0027struct btrfs_data_container\u0027 back\nto user-space. This btrfs_data_container is allocated in\n\u0027init_data_container()\u0027 via kvmalloc(), which does not zero-fill the\nmemory.\n\nFix this by using kvzalloc() which zeroes out the memory on allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35849",
"url": "https://www.suse.com/security/cve/CVE-2024-35849"
},
{
"category": "external",
"summary": "SUSE Bug 1224733 for CVE-2024-35849",
"url": "https://bugzilla.suse.com/1224733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: fix NULL-deref on non-serdev setup\n\nQualcomm ROME controllers can be registered from the Bluetooth line\ndiscipline and in this case the HCI UART serdev pointer is NULL.\n\nAdd the missing sanity check to prevent a NULL-pointer dereference when\nsetup() is called for a non-serdev controller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35850",
"url": "https://www.suse.com/security/cve/CVE-2024-35850"
},
{
"category": "external",
"summary": "SUSE Bug 1224600 for CVE-2024-35850",
"url": "https://bugzilla.suse.com/1224600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35850"
},
{
"cve": "CVE-2024-35851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: fix NULL-deref on non-serdev suspend\n\nQualcomm ROME controllers can be registered from the Bluetooth line\ndiscipline and in this case the HCI UART serdev pointer is NULL.\n\nAdd the missing sanity check to prevent a NULL-pointer dereference when\nwakeup() is called for a non-serdev controller during suspend.\n\nJust return true for now to restore the original behaviour and address\nthe crash with pre-6.2 kernels, which do not have commit e9b3e5b8c657\n(\"Bluetooth: hci_qca: only assign wakeup with serial port support\") that\ncauses the crash to happen already at setup() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35851",
"url": "https://www.suse.com/security/cve/CVE-2024-35851"
},
{
"category": "external",
"summary": "SUSE Bug 1224509 for CVE-2024-35851",
"url": "https://bugzilla.suse.com/1224509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35851"
},
{
"cve": "CVE-2024-35852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work\n\nThe rehash delayed work is rescheduled with a delay if the number of\ncredits at end of the work is not negative as supposedly it means that\nthe migration ended. Otherwise, it is rescheduled immediately.\n\nAfter \"mlxsw: spectrum_acl_tcam: Fix possible use-after-free during\nrehash\" the above is no longer accurate as a non-negative number of\ncredits is no longer indicative of the migration being done. It can also\nhappen if the work encountered an error in which case the migration will\nresume the next time the work is scheduled.\n\nThe significance of the above is that it is possible for the work to be\npending and associated with hints that were allocated when the migration\nstarted. This leads to the hints being leaked [1] when the work is\ncanceled while pending as part of ACL region dismantle.\n\nFix by freeing the hints if hints are associated with a work that was\ncanceled while pending.\n\nBlame the original commit since the reliance on not having a pending\nwork associated with hints is fragile.\n\n[1]\nunreferenced object 0xffff88810e7c3000 (size 256):\n comm \"kworker/0:16\", pid 176, jiffies 4295460353\n hex dump (first 32 bytes):\n 00 30 95 11 81 88 ff ff 61 00 00 00 00 00 00 80 .0......a.......\n 00 00 61 00 40 00 00 00 00 00 00 00 04 00 00 00 ..a.@...........\n backtrace (crc 2544ddb9):\n [\u003c00000000cf8cfab3\u003e] kmalloc_trace+0x23f/0x2a0\n [\u003c000000004d9a1ad9\u003e] objagg_hints_get+0x42/0x390\n [\u003c000000000b143cf3\u003e] mlxsw_sp_acl_erp_rehash_hints_get+0xca/0x400\n [\u003c0000000059bdb60a\u003e] mlxsw_sp_acl_tcam_vregion_rehash_work+0x868/0x1160\n [\u003c00000000e81fd734\u003e] process_one_work+0x59c/0xf20\n [\u003c00000000ceee9e81\u003e] worker_thread+0x799/0x12c0\n [\u003c00000000bda6fe39\u003e] kthread+0x246/0x300\n [\u003c0000000070056d23\u003e] ret_from_fork+0x34/0x70\n [\u003c00000000dea2b93e\u003e] ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35852",
"url": "https://www.suse.com/security/cve/CVE-2024-35852"
},
{
"category": "external",
"summary": "SUSE Bug 1224502 for CVE-2024-35852",
"url": "https://bugzilla.suse.com/1224502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35852"
},
{
"cve": "CVE-2024-35853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix memory leak during rehash\n\nThe rehash delayed work migrates filters from one region to another.\nThis is done by iterating over all chunks (all the filters with the same\npriority) in the region and in each chunk iterating over all the\nfilters.\n\nIf the migration fails, the code tries to migrate the filters back to\nthe old region. However, the rollback itself can also fail in which case\nanother migration will be erroneously performed. Besides the fact that\nthis ping pong is not a very good idea, it also creates a problem.\n\nEach virtual chunk references two chunks: The currently used one\n(\u0027vchunk-\u003echunk\u0027) and a backup (\u0027vchunk-\u003echunk2\u0027). During migration the\nfirst holds the chunk we want to migrate filters to and the second holds\nthe chunk we are migrating filters from.\n\nThe code currently assumes - but does not verify - that the backup chunk\ndoes not exist (NULL) if the currently used chunk does not reference the\ntarget region. This assumption breaks when we are trying to rollback a\nrollback, resulting in the backup chunk being overwritten and leaked\n[1].\n\nFix by not rolling back a failed rollback and add a warning to avoid\nfuture cases.\n\n[1]\nWARNING: CPU: 5 PID: 1063 at lib/parman.c:291 parman_destroy+0x17/0x20\nModules linked in:\nCPU: 5 PID: 1063 Comm: kworker/5:11 Tainted: G W 6.9.0-rc2-custom-00784-gc6a05c468a0b #14\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:parman_destroy+0x17/0x20\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_acl_atcam_region_fini+0x19/0x60\n mlxsw_sp_acl_tcam_region_destroy+0x49/0xf0\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x1f1/0x470\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35853",
"url": "https://www.suse.com/security/cve/CVE-2024-35853"
},
{
"category": "external",
"summary": "SUSE Bug 1224604 for CVE-2024-35853",
"url": "https://bugzilla.suse.com/1224604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35853"
},
{
"cve": "CVE-2024-35854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash\n\nThe rehash delayed work migrates filters from one region to another\naccording to the number of available credits.\n\nThe migrated from region is destroyed at the end of the work if the\nnumber of credits is non-negative as the assumption is that this is\nindicative of migration being complete. This assumption is incorrect as\na non-negative number of credits can also be the result of a failed\nmigration.\n\nThe destruction of a region that still has filters referencing it can\nresult in a use-after-free [1].\n\nFix by not destroying the region if migration failed.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_acl_ctcam_region_entry_remove+0x21d/0x230\nRead of size 8 at addr ffff8881735319e8 by task kworker/0:31/3858\n\nCPU: 0 PID: 3858 Comm: kworker/0:31 Tainted: G W 6.9.0-rc2-custom-00782-gf2275c2157d8 #5\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xce/0x670\n kasan_report+0xd7/0x110\n mlxsw_sp_acl_ctcam_region_entry_remove+0x21d/0x230\n mlxsw_sp_acl_ctcam_entry_del+0x2e/0x70\n mlxsw_sp_acl_atcam_entry_del+0x81/0x210\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x3cd/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 174:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc+0x19c/0x360\n mlxsw_sp_acl_tcam_region_create+0xdf/0x9c0\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x954/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 7:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x14/0x30\n kfree+0xc1/0x290\n mlxsw_sp_acl_tcam_region_destroy+0x272/0x310\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x731/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35854",
"url": "https://www.suse.com/security/cve/CVE-2024-35854"
},
{
"category": "external",
"summary": "SUSE Bug 1224636 for CVE-2024-35854",
"url": "https://bugzilla.suse.com/1224636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35854"
},
{
"cve": "CVE-2024-35857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nicmp: prevent possible NULL dereferences from icmp_build_probe()\n\nFirst problem is a double call to __in_dev_get_rcu(), because\nthe second one could return NULL.\n\nif (__in_dev_get_rcu(dev) \u0026\u0026 __in_dev_get_rcu(dev)-\u003eifa_list)\n\nSecond problem is a read from dev-\u003eip6_ptr with no NULL check:\n\nif (!list_empty(\u0026rcu_dereference(dev-\u003eip6_ptr)-\u003eaddr_list))\n\nUse the correct RCU API to fix these.\n\nv2: add missing include \u003cnet/addrconf.h\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35857",
"url": "https://www.suse.com/security/cve/CVE-2024-35857"
},
{
"category": "external",
"summary": "SUSE Bug 1224619 for CVE-2024-35857",
"url": "https://bugzilla.suse.com/1224619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35857"
},
{
"cve": "CVE-2024-35860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: support deferring bpf_link dealloc to after RCU grace period\n\nBPF link for some program types is passed as a \"context\" which can be\nused by those BPF programs to look up additional information. E.g., for\nmulti-kprobes and multi-uprobes, link is used to fetch BPF cookie values.\n\nBecause of this runtime dependency, when bpf_link refcnt drops to zero\nthere could still be active BPF programs running accessing link data.\n\nThis patch adds generic support to defer bpf_link dealloc callback to\nafter RCU GP, if requested. This is done by exposing two different\ndeallocation callbacks, one synchronous and one deferred. If deferred\none is provided, bpf_link_free() will schedule dealloc_deferred()\ncallback to happen after RCU GP.\n\nBPF is using two flavors of RCU: \"classic\" non-sleepable one and RCU\ntasks trace one. The latter is used when sleepable BPF programs are\nused. bpf_link_free() accommodates that by checking underlying BPF\nprogram\u0027s sleepable flag, and goes either through normal RCU GP only for\nnon-sleepable, or through RCU tasks trace GP *and* then normal RCU GP\n(taking into account rcu_trace_implies_rcu_gp() optimization), if BPF\nprogram is sleepable.\n\nWe use this for multi-kprobe and multi-uprobe links, which dereference\nlink during program run. We also preventively switch raw_tp link to use\ndeferred dealloc callback, as upcoming changes in bpf-next tree expose\nraw_tp link data (specifically, cookie value) to BPF program at runtime\nas well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35860",
"url": "https://www.suse.com/security/cve/CVE-2024-35860"
},
{
"category": "external",
"summary": "SUSE Bug 1224531 for CVE-2024-35860",
"url": "https://bugzilla.suse.com/1224531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35860"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35865",
"url": "https://www.suse.com/security/cve/CVE-2024-35865"
},
{
"category": "external",
"summary": "SUSE Bug 1224668 for CVE-2024-35865",
"url": "https://bugzilla.suse.com/1224668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35865"
},
{
"cve": "CVE-2024-35866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_dump_full_key()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35866",
"url": "https://www.suse.com/security/cve/CVE-2024-35866"
},
{
"category": "external",
"summary": "SUSE Bug 1224667 for CVE-2024-35866",
"url": "https://bugzilla.suse.com/1224667"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35866"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_write()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35868",
"url": "https://www.suse.com/security/cve/CVE-2024-35868"
},
{
"category": "external",
"summary": "SUSE Bug 1224678 for CVE-2024-35868",
"url": "https://bugzilla.suse.com/1224678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35868"
},
{
"cve": "CVE-2024-35869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: guarantee refcounted children from parent session\n\nAvoid potential use-after-free bugs when walking DFS referrals,\nmounting and performing DFS failover by ensuring that all children\nfrom parent @tcon-\u003eses are also refcounted. They\u0027re all needed across\nthe entire DFS mount. Get rid of @tcon-\u003edfs_ses_list while we\u0027re at\nit, too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35869",
"url": "https://www.suse.com/security/cve/CVE-2024-35869"
},
{
"category": "external",
"summary": "SUSE Bug 1224679 for CVE-2024-35869",
"url": "https://bugzilla.suse.com/1224679"
},
{
"category": "external",
"summary": "SUSE Bug 1226328 for CVE-2024-35869",
"url": "https://bugzilla.suse.com/1226328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35869"
},
{
"cve": "CVE-2024-35870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in smb2_reconnect_server()\n\nThe UAF bug is due to smb2_reconnect_server() accessing a session that\nis already being teared down by another thread that is executing\n__cifs_put_smb_ses(). This can happen when (a) the client has\nconnection to the server but no session or (b) another thread ends up\nsetting @ses-\u003eses_status again to something different than\nSES_EXITING.\n\nTo fix this, we need to make sure to unconditionally set\n@ses-\u003eses_status to SES_EXITING and prevent any other threads from\nsetting a new status while we\u0027re still tearing it down.\n\nThe following can be reproduced by adding some delay to right after\nthe ipc is freed in __cifs_put_smb_ses() - which will give\nsmb2_reconnect_server() worker a chance to run and then accessing\n@ses-\u003eipc:\n\nkinit ...\nmount.cifs //srv/share /mnt/1 -o sec=krb5,nohandlecache,echo_interval=10\n[disconnect srv]\nls /mnt/1 \u0026\u003e/dev/null\nsleep 30\nkdestroy\n[reconnect srv]\nsleep 10\numount /mnt/1\n...\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\ngeneral protection fault, probably for non-canonical address\n0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 50 Comm: kworker/3:1 Not tainted 6.9.0-rc2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\nWorkqueue: cifsiod smb2_reconnect_server [cifs]\nRIP: 0010:__list_del_entry_valid_or_report+0x33/0xf0\nCode: 4f 08 48 85 d2 74 42 48 85 c9 74 59 48 b8 00 01 00 00 00 00 ad\nde 48 39 c2 74 61 48 b8 22 01 00 00 00 00 74 69 \u003c48\u003e 8b 01 48 39 f8 75\n7b 48 8b 72 08 48 39 c6 0f 85 88 00 00 00 b8\nRSP: 0018:ffffc900001bfd70 EFLAGS: 00010a83\nRAX: dead000000000122 RBX: ffff88810da53838 RCX: 6b6b6b6b6b6b6b6b\nRDX: 6b6b6b6b6b6b6b6b RSI: ffffffffc02f6878 RDI: ffff88810da53800\nRBP: ffff88810da53800 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff88810c064000\nR13: 0000000000000001 R14: ffff88810c064000 R15: ffff8881039cc000\nFS: 0000000000000000(0000) GS:ffff888157c00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe3728b1000 CR3: 000000010caa4000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x36/0x90\n ? exc_general_protection+0x1c1/0x3f0\n ? asm_exc_general_protection+0x26/0x30\n ? __list_del_entry_valid_or_report+0x33/0xf0\n __cifs_put_smb_ses+0x1ae/0x500 [cifs]\n smb2_reconnect_server+0x4ed/0x710 [cifs]\n process_one_work+0x205/0x6b0\n worker_thread+0x191/0x360\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe2/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35870",
"url": "https://www.suse.com/security/cve/CVE-2024-35870"
},
{
"category": "external",
"summary": "SUSE Bug 1224672 for CVE-2024-35870",
"url": "https://bugzilla.suse.com/1224672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35870"
},
{
"cve": "CVE-2024-35872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35872"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/secretmem: fix GUP-fast succeeding on secretmem folios\n\nfolio_is_secretmem() currently relies on secretmem folios being LRU\nfolios, to save some cycles.\n\nHowever, folios might reside in a folio batch without the LRU flag set, or\ntemporarily have their LRU flag cleared. Consequently, the LRU flag is\nunreliable for this purpose.\n\nIn particular, this is the case when secretmem_fault() allocates a fresh\npage and calls filemap_add_folio()-\u003efolio_add_lru(). The folio might be\nadded to the per-cpu folio batch and won\u0027t get the LRU flag set until the\nbatch was drained using e.g., lru_add_drain().\n\nConsequently, folio_is_secretmem() might not detect secretmem folios and\nGUP-fast can succeed in grabbing a secretmem folio, crashing the kernel\nwhen we would later try reading/writing to the folio, because the folio\nhas been unmapped from the directmap.\n\nFix it by removing that unreliable check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35872",
"url": "https://www.suse.com/security/cve/CVE-2024-35872"
},
{
"category": "external",
"summary": "SUSE Bug 1224530 for CVE-2024-35872",
"url": "https://bugzilla.suse.com/1224530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35872"
},
{
"cve": "CVE-2024-35875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/coco: Require seeding RNG with RDRAND on CoCo systems\n\nThere are few uses of CoCo that don\u0027t rely on working cryptography and\nhence a working RNG. Unfortunately, the CoCo threat model means that the\nVM host cannot be trusted and may actively work against guests to\nextract secrets or manipulate computation. Since a malicious host can\nmodify or observe nearly all inputs to guests, the only remaining source\nof entropy for CoCo guests is RDRAND.\n\nIf RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole\nis meant to gracefully continue on gathering entropy from other sources,\nbut since there aren\u0027t other sources on CoCo, this is catastrophic.\nThis is mostly a concern at boot time when initially seeding the RNG, as\nafter that the consequences of a broken RDRAND are much more\ntheoretical.\n\nSo, try at boot to seed the RNG using 256 bits of RDRAND output. If this\nfails, panic(). This will also trigger if the system is booted without\nRDRAND, as RDRAND is essential for a safe CoCo boot.\n\nAdd this deliberately to be \"just a CoCo x86 driver feature\" and not\npart of the RNG itself. Many device drivers and platforms have some\ndesire to contribute something to the RNG, and add_device_randomness()\nis specifically meant for this purpose.\n\nAny driver can call it with seed data of any quality, or even garbage\nquality, and it can only possibly make the quality of the RNG better or\nhave no effect, but can never make it worse.\n\nRather than trying to build something into the core of the RNG, consider\nthe particular CoCo issue just a CoCo issue, and therefore separate it\nall out into driver (well, arch/platform) code.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35875",
"url": "https://www.suse.com/security/cve/CVE-2024-35875"
},
{
"category": "external",
"summary": "SUSE Bug 1224665 for CVE-2024-35875",
"url": "https://bugzilla.suse.com/1224665"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35875"
},
{
"cve": "CVE-2024-35877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: fix VM_PAT handling in COW mappings\n\nPAT handling won\u0027t do the right thing in COW mappings: the first PTE (or,\nin fact, all PTEs) can be replaced during write faults to point at anon\nfolios. Reliably recovering the correct PFN and cachemode using\nfollow_phys() from PTEs will not work in COW mappings.\n\nUsing follow_phys(), we might just get the address+protection of the anon\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\ntrack_pfn_copy(), not properly calling free_pfn_range().\n\nIn free_pfn_range(), we either wouldn\u0027t call memtype_free() or would call\nit with the wrong range, possibly leaking memory.\n\nTo fix that, let\u0027s update follow_phys() to refuse returning anon folios,\nand fallback to using the stored PFN inside vma-\u003evm_pgoff for COW mappings\nif we run into that.\n\nWe will now properly handle untrack_pfn() with COW mappings, where we\ndon\u0027t need the cachemode. We\u0027ll have to fail fork()-\u003etrack_pfn_copy() if\nthe first page was replaced by an anon folio, though: we\u0027d have to store\nthe cachemode in the VMA to make this work, likely growing the VMA size.\n\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\ncase: it would have failed in the past with swap/nonswap entries already,\nand it would have done the wrong thing with anon folios.\n\nSimple reproducer to trigger the WARN_ON_ONCE() in untrack_pfn():\n\n\u003c--- C reproducer ---\u003e\n #include \u003cstdio.h\u003e\n #include \u003csys/mman.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003cliburing.h\u003e\n\n int main(void)\n {\n struct io_uring_params p = {};\n int ring_fd;\n size_t size;\n char *map;\n\n ring_fd = io_uring_setup(1, \u0026p);\n if (ring_fd \u003c 0) {\n perror(\"io_uring_setup\");\n return 1;\n }\n size = p.sq_off.array + p.sq_entries * sizeof(unsigned);\n\n /* Map the submission queue ring MAP_PRIVATE */\n map = mmap(0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE,\n ring_fd, IORING_OFF_SQ_RING);\n if (map == MAP_FAILED) {\n perror(\"mmap\");\n return 1;\n }\n\n /* We have at least one page. Let\u0027s COW it. */\n *map = 0;\n pause();\n return 0;\n }\n\u003c--- C reproducer ---\u003e\n\nOn a system with 16 GiB RAM and swap configured:\n # ./iouring \u0026\n # memhog 16G\n # killall iouring\n[ 301.552930] ------------[ cut here ]------------\n[ 301.553285] WARNING: CPU: 7 PID: 1402 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0xf4/0x100\n[ 301.553989] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_g\n[ 301.558232] CPU: 7 PID: 1402 Comm: iouring Not tainted 6.7.5-100.fc38.x86_64 #1\n[ 301.558772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebu4\n[ 301.559569] RIP: 0010:untrack_pfn+0xf4/0x100\n[ 301.559893] Code: 75 c4 eb cf 48 8b 43 10 8b a8 e8 00 00 00 3b 6b 28 74 b8 48 8b 7b 30 e8 ea 1a f7 000\n[ 301.561189] RSP: 0018:ffffba2c0377fab8 EFLAGS: 00010282\n[ 301.561590] RAX: 00000000ffffffea RBX: ffff9208c8ce9cc0 RCX: 000000010455e047\n[ 301.562105] RDX: 07fffffff0eb1e0a RSI: 0000000000000000 RDI: ffff9208c391d200\n[ 301.562628] RBP: 0000000000000000 R08: ffffba2c0377fab8 R09: 0000000000000000\n[ 301.563145] R10: ffff9208d2292d50 R11: 0000000000000002 R12: 00007fea890e0000\n[ 301.563669] R13: 0000000000000000 R14: ffffba2c0377fc08 R15: 0000000000000000\n[ 301.564186] FS: 0000000000000000(0000) GS:ffff920c2fbc0000(0000) knlGS:0000000000000000\n[ 301.564773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 301.565197] CR2: 00007fea88ee8a20 CR3: 00000001033a8000 CR4: 0000000000750ef0\n[ 301.565725] PKRU: 55555554\n[ 301.565944] Call Trace:\n[ 301.566148] \u003cTASK\u003e\n[ 301.566325] ? untrack_pfn+0xf4/0x100\n[ 301.566618] ? __warn+0x81/0x130\n[ 301.566876] ? untrack_pfn+0xf4/0x100\n[ 3\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35877",
"url": "https://www.suse.com/security/cve/CVE-2024-35877"
},
{
"category": "external",
"summary": "SUSE Bug 1224525 for CVE-2024-35877",
"url": "https://bugzilla.suse.com/1224525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: prevent NULL pointer dereference in vsnprintf()\n\nIn of_modalias(), we can get passed the str and len parameters which would\ncause a kernel oops in vsnprintf() since it only allows passing a NULL ptr\nwhen the length is also 0. Also, we need to filter out the negative values\nof the len parameter as these will result in a really huge buffer since\nsnprintf() takes size_t parameter while ours is ssize_t...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35878",
"url": "https://www.suse.com/security/cve/CVE-2024-35878"
},
{
"category": "external",
"summary": "SUSE Bug 1224671 for CVE-2024-35878",
"url": "https://bugzilla.suse.com/1224671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: dynamic: Synchronize of_changeset_destroy() with the devlink removals\n\nIn the following sequence:\n 1) of_platform_depopulate()\n 2) of_overlay_remove()\n\nDuring the step 1, devices are destroyed and devlinks are removed.\nDuring the step 2, OF nodes are destroyed but\n__of_changeset_entry_destroy() can raise warnings related to missing\nof_node_put():\n ERROR: memory leak, expected refcount 1 instead of 2 ...\n\nIndeed, during the devlink removals performed at step 1, the removal\nitself releasing the device (and the attached of_node) is done by a job\nqueued in a workqueue and so, it is done asynchronously with respect to\nfunction calls.\nWhen the warning is present, of_node_put() will be called but wrongly\ntoo late from the workqueue job.\n\nIn order to be sure that any ongoing devlink removals are done before\nthe of_node destruction, synchronize the of_changeset_destroy() with the\ndevlink removals.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35879",
"url": "https://www.suse.com/security/cve/CVE-2024-35879"
},
{
"category": "external",
"summary": "SUSE Bug 1224524 for CVE-2024-35879",
"url": "https://bugzilla.suse.com/1224524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35879"
},
{
"cve": "CVE-2024-35880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/kbuf: hold io_buffer_list reference over mmap\n\nIf we look up the kbuf, ensure that it doesn\u0027t get unregistered until\nafter we\u0027re done with it. Since we\u0027re inside mmap, we cannot safely use\nthe io_uring lock. Rely on the fact that we can lookup the buffer list\nunder RCU now and grab a reference to it, preventing it from being\nunregistered until we\u0027re done with it. The lookup returns the\nio_buffer_list directly with it referenced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35880",
"url": "https://www.suse.com/security/cve/CVE-2024-35880"
},
{
"category": "external",
"summary": "SUSE Bug 1224523 for CVE-2024-35880",
"url": "https://bugzilla.suse.com/1224523"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35880"
},
{
"cve": "CVE-2024-35883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe\n\nIn function pci1xxxx_spi_probe, there is a potential null pointer that\nmay be caused by a failed memory allocation by the function devm_kzalloc.\nHence, a null pointer check needs to be added to prevent null pointer\ndereferencing later in the code.\n\nTo fix this issue, spi_bus-\u003espi_int[iter] should be checked. The memory\nallocated by devm_kzalloc will be automatically released, so just directly\nreturn -ENOMEM without worrying about memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35883",
"url": "https://www.suse.com/security/cve/CVE-2024-35883"
},
{
"category": "external",
"summary": "SUSE Bug 1224521 for CVE-2024-35883",
"url": "https://bugzilla.suse.com/1224521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35883"
},
{
"cve": "CVE-2024-35884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nudp: do not accept non-tunnel GSO skbs landing in a tunnel\n\nWhen rx-udp-gro-forwarding is enabled UDP packets might be GROed when\nbeing forwarded. If such packets might land in a tunnel this can cause\nvarious issues and udp_gro_receive makes sure this isn\u0027t the case by\nlooking for a matching socket. This is performed in\nudp4/6_gro_lookup_skb but only in the current netns. This is an issue\nwith tunneled packets when the endpoint is in another netns. In such\ncases the packets will be GROed at the UDP level, which leads to various\nissues later on. The same thing can happen with rx-gro-list.\n\nWe saw this with geneve packets being GROed at the UDP level. In such\ncase gso_size is set; later the packet goes through the geneve rx path,\nthe geneve header is pulled, the offset are adjusted and frag_list skbs\nare not adjusted with regard to geneve. When those skbs hit\nskb_fragment, it will misbehave. Different outcomes are possible\ndepending on what the GROed skbs look like; from corrupted packets to\nkernel crashes.\n\nOne example is a BUG_ON[1] triggered in skb_segment while processing the\nfrag_list. Because gso_size is wrong (geneve header was pulled)\nskb_segment thinks there is \"geneve header size\" of data in frag_list,\nalthough it\u0027s in fact the next packet. The BUG_ON itself has nothing to\ndo with the issue. This is only one of the potential issues.\n\nLooking up for a matching socket in udp_gro_receive is fragile: the\nlookup could be extended to all netns (not speaking about performances)\nbut nothing prevents those packets from being modified in between and we\ncould still not find a matching socket. It\u0027s OK to keep the current\nlogic there as it should cover most cases but we also need to make sure\nwe handle tunnel packets being GROed too early.\n\nThis is done by extending the checks in udp_unexpected_gso: GSO packets\nlacking the SKB_GSO_UDP_TUNNEL/_CSUM bits and landing in a tunnel must\nbe segmented.\n\n[1] kernel BUG at net/core/skbuff.c:4408!\n RIP: 0010:skb_segment+0xd2a/0xf70\n __udp_gso_segment+0xaa/0x560",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35884",
"url": "https://www.suse.com/security/cve/CVE-2024-35884"
},
{
"category": "external",
"summary": "SUSE Bug 1224520 for CVE-2024-35884",
"url": "https://bugzilla.suse.com/1224520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35884"
},
{
"cve": "CVE-2024-35885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf_gige: stop interface during shutdown\n\nThe mlxbf_gige driver intermittantly encounters a NULL pointer\nexception while the system is shutting down via \"reboot\" command.\nThe mlxbf_driver will experience an exception right after executing\nits shutdown() method. One example of this exception is:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000070\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004\n CM = 0, WnR = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000011d373000\n[0000000000000070] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 96000004 [#1] SMP\nCPU: 0 PID: 13 Comm: ksoftirqd/0 Tainted: G S OE 5.15.0-bf.6.gef6992a #1\nHardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.0.2.12669 Apr 21 2023\npstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\nlr : mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\nsp : ffff8000080d3c10\nx29: ffff8000080d3c10 x28: ffffcce72cbb7000 x27: ffff8000080d3d58\nx26: ffff0000814e7340 x25: ffff331cd1a05000 x24: ffffcce72c4ea008\nx23: ffff0000814e4b40 x22: ffff0000814e4d10 x21: ffff0000814e4128\nx20: 0000000000000000 x19: ffff0000814e4a80 x18: ffffffffffffffff\nx17: 000000000000001c x16: ffffcce72b4553f4 x15: ffff80008805b8a7\nx14: 0000000000000000 x13: 0000000000000030 x12: 0101010101010101\nx11: 7f7f7f7f7f7f7f7f x10: c2ac898b17576267 x9 : ffffcce720fa5404\nx8 : ffff000080812138 x7 : 0000000000002e9a x6 : 0000000000000080\nx5 : ffff00008de3b000 x4 : 0000000000000000 x3 : 0000000000000001\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\n mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\n __napi_poll+0x40/0x1c8\n net_rx_action+0x314/0x3a0\n __do_softirq+0x128/0x334\n run_ksoftirqd+0x54/0x6c\n smpboot_thread_fn+0x14c/0x190\n kthread+0x10c/0x110\n ret_from_fork+0x10/0x20\nCode: 8b070000 f9000ea0 f95056c0 f86178a1 (b9407002)\n---[ end trace 7cc3941aa0d8e6a4 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt\nKernel Offset: 0x4ce722520000 from 0xffff800008000000\nPHYS_OFFSET: 0x80000000\nCPU features: 0x000005c1,a3330e5a\nMemory Limit: none\n---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nDuring system shutdown, the mlxbf_gige driver\u0027s shutdown() is always executed.\nHowever, the driver\u0027s stop() method will only execute if networking interface\nconfiguration logic within the Linux distribution has been setup to do so.\n\nIf shutdown() executes but stop() does not execute, NAPI remains enabled\nand this can lead to an exception if NAPI is scheduled while the hardware\ninterface has only been partially deinitialized.\n\nThe networking interface managed by the mlxbf_gige driver must be properly\nstopped during system shutdown so that IFF_UP is cleared, the hardware\ninterface is put into a clean state, and NAPI is fully deinitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35885",
"url": "https://www.suse.com/security/cve/CVE-2024-35885"
},
{
"category": "external",
"summary": "SUSE Bug 1224519 for CVE-2024-35885",
"url": "https://bugzilla.suse.com/1224519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35885"
},
{
"cve": "CVE-2024-35886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix infinite recursion in fib6_dump_done().\n\nsyzkaller reported infinite recursive calls of fib6_dump_done() during\nnetlink socket destruction. [1]\n\nFrom the log, syzkaller sent an AF_UNSPEC RTM_GETROUTE message, and then\nthe response was generated. The following recvmmsg() resumed the dump\nfor IPv6, but the first call of inet6_dump_fib() failed at kzalloc() due\nto the fault injection. [0]\n\n 12:01:34 executing program 3:\n r0 = socket$nl_route(0x10, 0x3, 0x0)\n sendmsg$nl_route(r0, ... snip ...)\n recvmmsg(r0, ... snip ...) (fail_nth: 8)\n\nHere, fib6_dump_done() was set to nlk_sk(sk)-\u003ecb.done, and the next call\nof inet6_dump_fib() set it to nlk_sk(sk)-\u003ecb.args[3]. syzkaller stopped\nreceiving the response halfway through, and finally netlink_sock_destruct()\ncalled nlk_sk(sk)-\u003ecb.done().\n\nfib6_dump_done() calls fib6_dump_end() and nlk_sk(sk)-\u003ecb.done() if it\nis still not NULL. fib6_dump_end() rewrites nlk_sk(sk)-\u003ecb.done() by\nnlk_sk(sk)-\u003ecb.args[3], but it has the same function, not NULL, calling\nitself recursively and hitting the stack guard page.\n\nTo avoid the issue, let\u0027s set the destructor after kzalloc().\n\n[0]:\nFAULT_INJECTION: forcing a failure.\nname failslab, interval 1, probability 0, space 0, times 0\nCPU: 1 PID: 432110 Comm: syz-executor.3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl (lib/dump_stack.c:117)\n should_fail_ex (lib/fault-inject.c:52 lib/fault-inject.c:153)\n should_failslab (mm/slub.c:3733)\n kmalloc_trace (mm/slub.c:3748 mm/slub.c:3827 mm/slub.c:3992)\n inet6_dump_fib (./include/linux/slab.h:628 ./include/linux/slab.h:749 net/ipv6/ip6_fib.c:662)\n rtnl_dump_all (net/core/rtnetlink.c:4029)\n netlink_dump (net/netlink/af_netlink.c:2269)\n netlink_recvmsg (net/netlink/af_netlink.c:1988)\n ____sys_recvmsg (net/socket.c:1046 net/socket.c:2801)\n ___sys_recvmsg (net/socket.c:2846)\n do_recvmmsg (net/socket.c:2943)\n __x64_sys_recvmmsg (net/socket.c:3041 net/socket.c:3034 net/socket.c:3034)\n\n[1]:\nBUG: TASK stack guard page was hit at 00000000f2fa9af1 (stack is 00000000b7912430..000000009a436beb)\nstack guard page: 0000 [#1] PREEMPT SMP KASAN\nCPU: 1 PID: 223719 Comm: kworker/1:3 Not tainted 6.8.0-12821-g537c2e91d354-dirty #11\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: events netlink_sock_destruct_work\nRIP: 0010:fib6_dump_done (net/ipv6/ip6_fib.c:570)\nCode: 3c 24 e8 f3 e9 51 fd e9 28 fd ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 41 57 41 56 41 55 41 54 55 48 89 fd \u003c53\u003e 48 8d 5d 60 e8 b6 4d 07 fd 48 89 da 48 b8 00 00 00 00 00 fc ff\nRSP: 0018:ffffc9000d980000 EFLAGS: 00010293\nRAX: 0000000000000000 RBX: ffffffff84405990 RCX: ffffffff844059d3\nRDX: ffff8881028e0000 RSI: ffffffff84405ac2 RDI: ffff88810c02f358\nRBP: ffff88810c02f358 R08: 0000000000000007 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000224 R12: 0000000000000000\nR13: ffff888007c82c78 R14: ffff888007c82c68 R15: ffff888007c82c68\nFS: 0000000000000000(0000) GS:ffff88811b100000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffc9000d97fff8 CR3: 0000000102309002 CR4: 0000000000770ef0\nPKRU: 55555554\nCall Trace:\n \u003c#DF\u003e\n \u003c/#DF\u003e\n \u003cTASK\u003e\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n ...\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n fib6_dump_done (net/ipv6/ip6_fib.c:572 (discriminator 1))\n netlink_sock_destruct (net/netlink/af_netlink.c:401)\n __sk_destruct (net/core/sock.c:2177 (discriminator 2))\n sk_destruct (net/core/sock.c:2224)\n __sk_free (net/core/sock.c:2235)\n sk_free (net/core/sock.c:2246)\n process_one_work (kernel/workqueue.c:3259)\n worker_thread (kernel/workqueue.c:3329 kernel/workqueue.\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35886",
"url": "https://www.suse.com/security/cve/CVE-2024-35886"
},
{
"category": "external",
"summary": "SUSE Bug 1224670 for CVE-2024-35886",
"url": "https://bugzilla.suse.com/1224670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35886"
},
{
"cve": "CVE-2024-35887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: fix use-after-free bugs caused by ax25_ds_del_timer\n\nWhen the ax25 device is detaching, the ax25_dev_device_down()\ncalls ax25_ds_del_timer() to cleanup the slave_timer. When\nthe timer handler is running, the ax25_ds_del_timer() that\ncalls del_timer() in it will return directly. As a result,\nthe use-after-free bugs could happen, one of the scenarios\nis shown below:\n\n (Thread 1) | (Thread 2)\n | ax25_ds_timeout()\nax25_dev_device_down() |\n ax25_ds_del_timer() |\n del_timer() |\n ax25_dev_put() //FREE |\n | ax25_dev-\u003e //USE\n\nIn order to mitigate bugs, when the device is detaching, use\ntimer_shutdown_sync() to stop the timer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35887",
"url": "https://www.suse.com/security/cve/CVE-2024-35887"
},
{
"category": "external",
"summary": "SUSE Bug 1224663 for CVE-2024-35887",
"url": "https://bugzilla.suse.com/1224663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35887"
},
{
"cve": "CVE-2024-35889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix kernel panic on unknown packet types\n\nIn the very rare case where a packet type is unknown to the driver,\nidpf_rx_process_skb_fields would return early without calling\neth_type_trans to set the skb protocol / the network layer handler.\nThis is especially problematic if tcpdump is running when such a\npacket is received, i.e. it would cause a kernel panic.\n\nInstead, call eth_type_trans for every single packet, even when\nthe packet type is unknown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35889",
"url": "https://www.suse.com/security/cve/CVE-2024-35889"
},
{
"category": "external",
"summary": "SUSE Bug 1224517 for CVE-2024-35889",
"url": "https://bugzilla.suse.com/1224517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35889"
},
{
"cve": "CVE-2024-35890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngro: fix ownership transfer\n\nIf packets are GROed with fraglist they might be segmented later on and\ncontinue their journey in the stack. In skb_segment_list those skbs can\nbe reused as-is. This is an issue as their destructor was removed in\nskb_gro_receive_list but not the reference to their socket, and then\nthey can\u0027t be orphaned. Fix this by also removing the reference to the\nsocket.\n\nFor example this could be observed,\n\n kernel BUG at include/linux/skbuff.h:3131! (skb_orphan)\n RIP: 0010:ip6_rcv_core+0x11bc/0x19a0\n Call Trace:\n ipv6_list_rcv+0x250/0x3f0\n __netif_receive_skb_list_core+0x49d/0x8f0\n netif_receive_skb_list_internal+0x634/0xd40\n napi_complete_done+0x1d2/0x7d0\n gro_cell_poll+0x118/0x1f0\n\nA similar construction is found in skb_gro_receive, apply the same\nchange there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35890",
"url": "https://www.suse.com/security/cve/CVE-2024-35890"
},
{
"category": "external",
"summary": "SUSE Bug 1224516 for CVE-2024-35890",
"url": "https://bugzilla.suse.com/1224516"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35890"
},
{
"cve": "CVE-2024-35891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: micrel: Fix potential null pointer dereference\n\nIn lan8814_get_sig_rx() and lan8814_get_sig_tx() ptp_parse_header() may\nreturn NULL as ptp_header due to abnormal packet type or corrupted packet.\nFix this bug by adding ptp_header check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35891",
"url": "https://www.suse.com/security/cve/CVE-2024-35891"
},
{
"category": "external",
"summary": "SUSE Bug 1224513 for CVE-2024-35891",
"url": "https://bugzilla.suse.com/1224513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35891"
},
{
"cve": "CVE-2024-35892",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35892"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: fix lockdep splat in qdisc_tree_reduce_backlog()\n\nqdisc_tree_reduce_backlog() is called with the qdisc lock held,\nnot RTNL.\n\nWe must use qdisc_lookup_rcu() instead of qdisc_lookup()\n\nsyzbot reported:\n\nWARNING: suspicious RCU usage\n6.1.74-syzkaller #0 Not tainted\n-----------------------------\nnet/sched/sch_api.c:305 suspicious rcu_dereference_protected() usage!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n3 locks held by udevd/1142:\n #0: ffffffff87c729a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:306 [inline]\n #0: ffffffff87c729a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:747 [inline]\n #0: ffffffff87c729a0 (rcu_read_lock){....}-{1:2}, at: net_tx_action+0x64a/0x970 net/core/dev.c:5282\n #1: ffff888171861108 (\u0026sch-\u003eq.lock){+.-.}-{2:2}, at: spin_lock include/linux/spinlock.h:350 [inline]\n #1: ffff888171861108 (\u0026sch-\u003eq.lock){+.-.}-{2:2}, at: net_tx_action+0x754/0x970 net/core/dev.c:5297\n #2: ffffffff87c729a0 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire include/linux/rcupdate.h:306 [inline]\n #2: ffffffff87c729a0 (rcu_read_lock){....}-{1:2}, at: rcu_read_lock include/linux/rcupdate.h:747 [inline]\n #2: ffffffff87c729a0 (rcu_read_lock){....}-{1:2}, at: qdisc_tree_reduce_backlog+0x84/0x580 net/sched/sch_api.c:792\n\nstack backtrace:\nCPU: 1 PID: 1142 Comm: udevd Not tainted 6.1.74-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024\nCall Trace:\n \u003cTASK\u003e\n [\u003cffffffff85b85f14\u003e] __dump_stack lib/dump_stack.c:88 [inline]\n [\u003cffffffff85b85f14\u003e] dump_stack_lvl+0x1b1/0x28f lib/dump_stack.c:106\n [\u003cffffffff85b86007\u003e] dump_stack+0x15/0x1e lib/dump_stack.c:113\n [\u003cffffffff81802299\u003e] lockdep_rcu_suspicious+0x1b9/0x260 kernel/locking/lockdep.c:6592\n [\u003cffffffff84f0054c\u003e] qdisc_lookup+0xac/0x6f0 net/sched/sch_api.c:305\n [\u003cffffffff84f037c3\u003e] qdisc_tree_reduce_backlog+0x243/0x580 net/sched/sch_api.c:811\n [\u003cffffffff84f5b78c\u003e] pfifo_tail_enqueue+0x32c/0x4b0 net/sched/sch_fifo.c:51\n [\u003cffffffff84fbcf63\u003e] qdisc_enqueue include/net/sch_generic.h:833 [inline]\n [\u003cffffffff84fbcf63\u003e] netem_dequeue+0xeb3/0x15d0 net/sched/sch_netem.c:723\n [\u003cffffffff84eecab9\u003e] dequeue_skb net/sched/sch_generic.c:292 [inline]\n [\u003cffffffff84eecab9\u003e] qdisc_restart net/sched/sch_generic.c:397 [inline]\n [\u003cffffffff84eecab9\u003e] __qdisc_run+0x249/0x1e60 net/sched/sch_generic.c:415\n [\u003cffffffff84d7aa96\u003e] qdisc_run+0xd6/0x260 include/net/pkt_sched.h:125\n [\u003cffffffff84d85d29\u003e] net_tx_action+0x7c9/0x970 net/core/dev.c:5313\n [\u003cffffffff85e002bd\u003e] __do_softirq+0x2bd/0x9bd kernel/softirq.c:616\n [\u003cffffffff81568bca\u003e] invoke_softirq kernel/softirq.c:447 [inline]\n [\u003cffffffff81568bca\u003e] __irq_exit_rcu+0xca/0x230 kernel/softirq.c:700\n [\u003cffffffff81568ae9\u003e] irq_exit_rcu+0x9/0x20 kernel/softirq.c:712\n [\u003cffffffff85b89f52\u003e] sysvec_apic_timer_interrupt+0x42/0x90 arch/x86/kernel/apic/apic.c:1107\n [\u003cffffffff85c00ccb\u003e] asm_sysvec_apic_timer_interrupt+0x1b/0x20 arch/x86/include/asm/idtentry.h:656",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35892",
"url": "https://www.suse.com/security/cve/CVE-2024-35892"
},
{
"category": "external",
"summary": "SUSE Bug 1224515 for CVE-2024-35892",
"url": "https://bugzilla.suse.com/1224515"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35892"
},
{
"cve": "CVE-2024-35893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35893"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_skbmod: prevent kernel-infoleak\n\nsyzbot found that tcf_skbmod_dump() was copying four bytes\nfrom kernel stack to user space [1].\n\nThe issue here is that \u0027struct tc_skbmod\u0027 has a four bytes hole.\n\nWe need to clear the structure before filling fields.\n\n[1]\nBUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in copy_to_user_iter lib/iov_iter.c:24 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_ubuf include/linux/iov_iter.h:29 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n BUG: KMSAN: kernel-infoleak in iterate_and_advance include/linux/iov_iter.h:271 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x366/0x2520 lib/iov_iter.c:185\n copy_to_iter include/linux/uio.h:196 [inline]\n simple_copy_to_iter net/core/datagram.c:532 [inline]\n __skb_datagram_iter+0x185/0x1000 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:4050 [inline]\n netlink_recvmsg+0x432/0x1610 net/netlink/af_netlink.c:1962\n sock_recvmsg_nosec net/socket.c:1046 [inline]\n sock_recvmsg+0x2c4/0x340 net/socket.c:1068\n __sys_recvfrom+0x35a/0x5f0 net/socket.c:2242\n __do_sys_recvfrom net/socket.c:2260 [inline]\n __se_sys_recvfrom net/socket.c:2256 [inline]\n __x64_sys_recvfrom+0x126/0x1d0 net/socket.c:2256\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n pskb_expand_head+0x30f/0x19d0 net/core/skbuff.c:2253\n netlink_trim+0x2c2/0x330 net/netlink/af_netlink.c:1317\n netlink_unicast+0x9f/0x1260 net/netlink/af_netlink.c:1351\n nlmsg_unicast include/net/netlink.h:1144 [inline]\n nlmsg_notify+0x21d/0x2f0 net/netlink/af_netlink.c:2610\n rtnetlink_send+0x73/0x90 net/core/rtnetlink.c:741\n rtnetlink_maybe_send include/linux/rtnetlink.h:17 [inline]\n tcf_add_notify net/sched/act_api.c:2048 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x146e/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netlink.c:2559\n rtnetlink_rcv+0x34/0x40 net/core/rtnetlink.c:6613\n netlink_unicast_kernel net/netlink/af_netlink.c:1335 [inline]\n netlink_unicast+0xf4c/0x1260 net/netlink/af_netlink.c:1361\n netlink_sendmsg+0x10df/0x11f0 net/netlink/af_netlink.c:1905\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n ____sys_sendmsg+0x877/0xb60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x4a0 net/socket.c:2674\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was stored to memory at:\n __nla_put lib/nlattr.c:1041 [inline]\n nla_put+0x1c6/0x230 lib/nlattr.c:1099\n tcf_skbmod_dump+0x23f/0xc20 net/sched/act_skbmod.c:256\n tcf_action_dump_old net/sched/act_api.c:1191 [inline]\n tcf_action_dump_1+0x85e/0x970 net/sched/act_api.c:1227\n tcf_action_dump+0x1fd/0x460 net/sched/act_api.c:1251\n tca_get_fill+0x519/0x7a0 net/sched/act_api.c:1628\n tcf_add_notify_msg net/sched/act_api.c:2023 [inline]\n tcf_add_notify net/sched/act_api.c:2042 [inline]\n tcf_action_add net/sched/act_api.c:2071 [inline]\n tc_ctl_action+0x1365/0x19d0 net/sched/act_api.c:2119\n rtnetlink_rcv_msg+0x1737/0x1900 net/core/rtnetlink.c:6595\n netlink_rcv_skb+0x375/0x650 net/netlink/af_netli\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35893",
"url": "https://www.suse.com/security/cve/CVE-2024-35893"
},
{
"category": "external",
"summary": "SUSE Bug 1224512 for CVE-2024-35893",
"url": "https://bugzilla.suse.com/1224512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35893"
},
{
"cve": "CVE-2024-35895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35895",
"url": "https://www.suse.com/security/cve/CVE-2024-35895"
},
{
"category": "external",
"summary": "SUSE Bug 1224511 for CVE-2024-35895",
"url": "https://bugzilla.suse.com/1224511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: validate user input for expected length\n\nI got multiple syzbot reports showing old bugs exposed\nby BPF after commit 20f2505fb436 (\"bpf: Try to avoid kzalloc\nin cgroup/{s,g}etsockopt\")\n\nsetsockopt() @optlen argument should be taken into account\nbefore copying data.\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n BUG: KASAN: slab-out-of-bounds in do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\nRead of size 96 at addr ffff88802cd73da0 by task syz-executor.4/7238\n\nCPU: 1 PID: 7238 Comm: syz-executor.4 Not tainted 6.9.0-rc2-next-20240403-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n kasan_check_range+0x282/0x290 mm/kasan/generic.c:189\n __asan_memcpy+0x29/0x70 mm/kasan/shadow.c:105\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n do_replace net/ipv4/netfilter/ip_tables.c:1111 [inline]\n do_ipt_set_ctl+0x902/0x3dd0 net/ipv4/netfilter/ip_tables.c:1627\n nf_setsockopt+0x295/0x2c0 net/netfilter/nf_sockopt.c:101\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\nRIP: 0033:0x7fd22067dde9\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fd21f9ff0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fd2207abf80 RCX: 00007fd22067dde9\nRDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000003\nRBP: 00007fd2206ca47a R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000020000880 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fd2207abf80 R15: 00007ffd2d0170d8\n \u003c/TASK\u003e\n\nAllocated by task 7238:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:4069 [inline]\n __kmalloc_noprof+0x200/0x410 mm/slub.c:4082\n kmalloc_noprof include/linux/slab.h:664 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd47/0x1050 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x72/0x7a\n\nThe buggy address belongs to the object at ffff88802cd73da0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 0 bytes inside of\n allocated 1-byte region [ffff88802cd73da0, ffff88802cd73da1)\n\nThe buggy address belongs to the physical page:\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88802cd73020 pfn:0x2cd73\nflags: 0xfff80000000000(node=0|zone=1|lastcpupid=0xfff)\npage_type: 0xffffefff(slab)\nraw: 00fff80000000000 ffff888015041280 dead000000000100 dead000000000122\nraw: ffff88802cd73020 000000008080007f 00000001ffffefff 00\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35896",
"url": "https://www.suse.com/security/cve/CVE-2024-35896"
},
{
"category": "external",
"summary": "SUSE Bug 1224662 for CVE-2024-35896",
"url": "https://bugzilla.suse.com/1224662"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35896"
},
{
"cve": "CVE-2024-35898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()\n\nnft_unregister_flowtable_type() within nf_flow_inet_module_exit() can\nconcurrent with __nft_flowtable_type_get() within nf_tables_newflowtable().\nAnd thhere is not any protection when iterate over nf_tables_flowtables\nlist in __nft_flowtable_type_get(). Therefore, there is pertential\ndata-race of nf_tables_flowtables list entry.\n\nUse list_for_each_entry_rcu() to iterate over nf_tables_flowtables list\nin __nft_flowtable_type_get(), and use rcu_read_lock() in the caller\nnft_flowtable_type_get() to protect the entire type query process.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35898",
"url": "https://www.suse.com/security/cve/CVE-2024-35898"
},
{
"category": "external",
"summary": "SUSE Bug 1224498 for CVE-2024-35898",
"url": "https://bugzilla.suse.com/1224498"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35898"
},
{
"cve": "CVE-2024-35899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: flush pending destroy work before exit_net release\n\nSimilar to 2c9f0293280e (\"netfilter: nf_tables: flush pending destroy\nwork before netlink notifier\") to address a race between exit_net and\nthe destroy workqueue.\n\nThe trace below shows an element to be released via destroy workqueue\nwhile exit_net path (triggered via module removal) has already released\nthe set that is used in such transaction.\n\n[ 1360.547789] BUG: KASAN: slab-use-after-free in nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.547861] Read of size 8 at addr ffff888140500cc0 by task kworker/4:1/152465\n[ 1360.547870] CPU: 4 PID: 152465 Comm: kworker/4:1 Not tainted 6.8.0+ #359\n[ 1360.547882] Workqueue: events nf_tables_trans_destroy_work [nf_tables]\n[ 1360.547984] Call Trace:\n[ 1360.547991] \u003cTASK\u003e\n[ 1360.547998] dump_stack_lvl+0x53/0x70\n[ 1360.548014] print_report+0xc4/0x610\n[ 1360.548026] ? __virt_addr_valid+0xba/0x160\n[ 1360.548040] ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n[ 1360.548054] ? nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.548176] kasan_report+0xae/0xe0\n[ 1360.548189] ? nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.548312] nf_tables_trans_destroy_work+0x3f5/0x590 [nf_tables]\n[ 1360.548447] ? __pfx_nf_tables_trans_destroy_work+0x10/0x10 [nf_tables]\n[ 1360.548577] ? _raw_spin_unlock_irq+0x18/0x30\n[ 1360.548591] process_one_work+0x2f1/0x670\n[ 1360.548610] worker_thread+0x4d3/0x760\n[ 1360.548627] ? __pfx_worker_thread+0x10/0x10\n[ 1360.548640] kthread+0x16b/0x1b0\n[ 1360.548653] ? __pfx_kthread+0x10/0x10\n[ 1360.548665] ret_from_fork+0x2f/0x50\n[ 1360.548679] ? __pfx_kthread+0x10/0x10\n[ 1360.548690] ret_from_fork_asm+0x1a/0x30\n[ 1360.548707] \u003c/TASK\u003e\n\n[ 1360.548719] Allocated by task 192061:\n[ 1360.548726] kasan_save_stack+0x20/0x40\n[ 1360.548739] kasan_save_track+0x14/0x30\n[ 1360.548750] __kasan_kmalloc+0x8f/0xa0\n[ 1360.548760] __kmalloc_node+0x1f1/0x450\n[ 1360.548771] nf_tables_newset+0x10c7/0x1b50 [nf_tables]\n[ 1360.548883] nfnetlink_rcv_batch+0xbc4/0xdc0 [nfnetlink]\n[ 1360.548909] nfnetlink_rcv+0x1a8/0x1e0 [nfnetlink]\n[ 1360.548927] netlink_unicast+0x367/0x4f0\n[ 1360.548935] netlink_sendmsg+0x34b/0x610\n[ 1360.548944] ____sys_sendmsg+0x4d4/0x510\n[ 1360.548953] ___sys_sendmsg+0xc9/0x120\n[ 1360.548961] __sys_sendmsg+0xbe/0x140\n[ 1360.548971] do_syscall_64+0x55/0x120\n[ 1360.548982] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n\n[ 1360.548994] Freed by task 192222:\n[ 1360.548999] kasan_save_stack+0x20/0x40\n[ 1360.549009] kasan_save_track+0x14/0x30\n[ 1360.549019] kasan_save_free_info+0x3b/0x60\n[ 1360.549028] poison_slab_object+0x100/0x180\n[ 1360.549036] __kasan_slab_free+0x14/0x30\n[ 1360.549042] kfree+0xb6/0x260\n[ 1360.549049] __nft_release_table+0x473/0x6a0 [nf_tables]\n[ 1360.549131] nf_tables_exit_net+0x170/0x240 [nf_tables]\n[ 1360.549221] ops_exit_list+0x50/0xa0\n[ 1360.549229] free_exit_list+0x101/0x140\n[ 1360.549236] unregister_pernet_operations+0x107/0x160\n[ 1360.549245] unregister_pernet_subsys+0x1c/0x30\n[ 1360.549254] nf_tables_module_exit+0x43/0x80 [nf_tables]\n[ 1360.549345] __do_sys_delete_module+0x253/0x370\n[ 1360.549352] do_syscall_64+0x55/0x120\n[ 1360.549360] entry_SYSCALL_64_after_hwframe+0x55/0x5d\n\n(gdb) list *__nft_release_table+0x473\n0x1e033 is in __nft_release_table (net/netfilter/nf_tables_api.c:11354).\n11349 list_for_each_entry_safe(flowtable, nf, \u0026table-\u003eflowtables, list) {\n11350 list_del(\u0026flowtable-\u003elist);\n11351 nft_use_dec(\u0026table-\u003euse);\n11352 nf_tables_flowtable_destroy(flowtable);\n11353 }\n11354 list_for_each_entry_safe(set, ns, \u0026table-\u003esets, list) {\n11355 list_del(\u0026set-\u003elist);\n11356 nft_use_dec(\u0026table-\u003euse);\n11357 if (set-\u003eflags \u0026 (NFT_SET_MAP | NFT_SET_OBJECT))\n11358 nft_map_deactivat\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35899",
"url": "https://www.suse.com/security/cve/CVE-2024-35899"
},
{
"category": "external",
"summary": "SUSE Bug 1224499 for CVE-2024-35899",
"url": "https://bugzilla.suse.com/1224499"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35899"
},
{
"cve": "CVE-2024-35900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject new basechain after table flag update\n\nWhen dormant flag is toggled, hooks are disabled in the commit phase by\niterating over current chains in table (existing and new).\n\nThe following configuration allows for an inconsistent state:\n\n add table x\n add chain x y { type filter hook input priority 0; }\n add table x { flags dormant; }\n add chain x w { type filter hook input priority 1; }\n\nwhich triggers the following warning when trying to unregister chain w\nwhich is already unregistered.\n\n[ 127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:50 1 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[ 127.322519] Call Trace:\n[ 127.322521] \u003cTASK\u003e\n[ 127.322524] ? __warn+0x9f/0x1a0\n[ 127.322531] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322537] ? report_bug+0x1b1/0x1e0\n[ 127.322545] ? handle_bug+0x3c/0x70\n[ 127.322552] ? exc_invalid_op+0x17/0x40\n[ 127.322556] ? asm_exc_invalid_op+0x1a/0x20\n[ 127.322563] ? kasan_save_free_info+0x3b/0x60\n[ 127.322570] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322577] ? __nf_unregister_net_hook+0x21a/0x260\n[ 127.322583] ? __nf_unregister_net_hook+0x6a/0x260\n[ 127.322590] ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]\n[ 127.322655] nft_table_disable+0x75/0xf0 [nf_tables]\n[ 127.322717] nf_tables_commit+0x2571/0x2620 [nf_tables]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35900",
"url": "https://www.suse.com/security/cve/CVE-2024-35900"
},
{
"category": "external",
"summary": "SUSE Bug 1224497 for CVE-2024-35900",
"url": "https://bugzilla.suse.com/1224497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35900"
},
{
"cve": "CVE-2024-35901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix Rx DMA datasize and skb_over_panic\n\nmana_get_rxbuf_cfg() aligns the RX buffer\u0027s DMA datasize to be\nmultiple of 64. So a packet slightly bigger than mtu+14, say 1536,\ncan be received and cause skb_over_panic.\n\nSample dmesg:\n[ 5325.237162] skbuff: skb_over_panic: text:ffffffffc043277a len:1536 put:1536 head:ff1100018b517000 data:ff1100018b517100 tail:0x700 end:0x6ea dev:\u003cNULL\u003e\n[ 5325.243689] ------------[ cut here ]------------\n[ 5325.245748] kernel BUG at net/core/skbuff.c:192!\n[ 5325.247838] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n[ 5325.258374] RIP: 0010:skb_panic+0x4f/0x60\n[ 5325.302941] Call Trace:\n[ 5325.304389] \u003cIRQ\u003e\n[ 5325.315794] ? skb_panic+0x4f/0x60\n[ 5325.317457] ? asm_exc_invalid_op+0x1f/0x30\n[ 5325.319490] ? skb_panic+0x4f/0x60\n[ 5325.321161] skb_put+0x4e/0x50\n[ 5325.322670] mana_poll+0x6fa/0xb50 [mana]\n[ 5325.324578] __napi_poll+0x33/0x1e0\n[ 5325.326328] net_rx_action+0x12e/0x280\n\nAs discussed internally, this alignment is not necessary. To fix\nthis bug, remove it from the code. So oversized packets will be\nmarked as CQE_RX_TRUNCATED by NIC, and dropped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35901",
"url": "https://www.suse.com/security/cve/CVE-2024-35901"
},
{
"category": "external",
"summary": "SUSE Bug 1224495 for CVE-2024-35901",
"url": "https://bugzilla.suse.com/1224495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35901"
},
{
"cve": "CVE-2024-35903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/bpf: Fix IP after emitting call depth accounting\n\nAdjust the IP passed to `emit_patch` so it calculates the correct offset\nfor the CALL instruction if `x86_call_depth_emit_accounting` emits code.\nOtherwise we will skip some instructions and most likely crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35903",
"url": "https://www.suse.com/security/cve/CVE-2024-35903"
},
{
"category": "external",
"summary": "SUSE Bug 1224493 for CVE-2024-35903",
"url": "https://bugzilla.suse.com/1224493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35903"
},
{
"cve": "CVE-2024-35904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: avoid dereference of garbage after mount failure\n\nIn case kern_mount() fails and returns an error pointer return in the\nerror branch instead of continuing and dereferencing the error pointer.\n\nWhile on it drop the never read static variable selinuxfs_mount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35904",
"url": "https://www.suse.com/security/cve/CVE-2024-35904"
},
{
"category": "external",
"summary": "SUSE Bug 1224494 for CVE-2024-35904",
"url": "https://bugzilla.suse.com/1224494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35904"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35907"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf_gige: call request_irq() after NAPI initialized\n\nThe mlxbf_gige driver encounters a NULL pointer exception in\nmlxbf_gige_open() when kdump is enabled. The sequence to reproduce\nthe exception is as follows:\na) enable kdump\nb) trigger kdump via \"echo c \u003e /proc/sysrq-trigger\"\nc) kdump kernel executes\nd) kdump kernel loads mlxbf_gige module\ne) the mlxbf_gige module runs its open() as the\n the \"oob_net0\" interface is brought up\nf) mlxbf_gige module will experience an exception\n during its open(), something like:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000086000004\n EC = 0x21: IABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000000e29a4000\n [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n Internal error: Oops: 0000000086000004 [#1] SMP\n CPU: 0 PID: 812 Comm: NetworkManager Tainted: G OE 5.15.0-1035-bluefield #37-Ubuntu\n Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.6.0.13024 Jan 19 2024\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0x0\n lr : __napi_poll+0x40/0x230\n sp : ffff800008003e00\n x29: ffff800008003e00 x28: 0000000000000000 x27: 00000000ffffffff\n x26: ffff000066027238 x25: ffff00007cedec00 x24: ffff800008003ec8\n x23: 000000000000012c x22: ffff800008003eb7 x21: 0000000000000000\n x20: 0000000000000001 x19: ffff000066027238 x18: 0000000000000000\n x17: ffff578fcb450000 x16: ffffa870b083c7c0 x15: 0000aaab010441d0\n x14: 0000000000000001 x13: 00726f7272655f65 x12: 6769675f6662786c\n x11: 0000000000000000 x10: 0000000000000000 x9 : ffffa870b0842398\n x8 : 0000000000000004 x7 : fe5a48b9069706ea x6 : 17fdb11fc84ae0d2\n x5 : d94a82549d594f35 x4 : 0000000000000000 x3 : 0000000000400100\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000066027238\n Call trace:\n 0x0\n net_rx_action+0x178/0x360\n __do_softirq+0x15c/0x428\n __irq_exit_rcu+0xac/0xec\n irq_exit+0x18/0x2c\n handle_domain_irq+0x6c/0xa0\n gic_handle_irq+0xec/0x1b0\n call_on_irq_stack+0x20/0x2c\n do_interrupt_handler+0x5c/0x70\n el1_interrupt+0x30/0x50\n el1h_64_irq_handler+0x18/0x2c\n el1h_64_irq+0x7c/0x80\n __setup_irq+0x4c0/0x950\n request_threaded_irq+0xf4/0x1bc\n mlxbf_gige_request_irqs+0x68/0x110 [mlxbf_gige]\n mlxbf_gige_open+0x5c/0x170 [mlxbf_gige]\n __dev_open+0x100/0x220\n __dev_change_flags+0x16c/0x1f0\n dev_change_flags+0x2c/0x70\n do_setlink+0x220/0xa40\n __rtnl_newlink+0x56c/0x8a0\n rtnl_newlink+0x58/0x84\n rtnetlink_rcv_msg+0x138/0x3c4\n netlink_rcv_skb+0x64/0x130\n rtnetlink_rcv+0x20/0x30\n netlink_unicast+0x2ec/0x360\n netlink_sendmsg+0x278/0x490\n __sock_sendmsg+0x5c/0x6c\n ____sys_sendmsg+0x290/0x2d4\n ___sys_sendmsg+0x84/0xd0\n __sys_sendmsg+0x70/0xd0\n __arm64_sys_sendmsg+0x2c/0x40\n invoke_syscall+0x78/0x100\n el0_svc_common.constprop.0+0x54/0x184\n do_el0_svc+0x30/0xac\n el0_svc+0x48/0x160\n el0t_64_sync_handler+0xa4/0x12c\n el0t_64_sync+0x1a4/0x1a8\n Code: bad PC value\n ---[ end trace 7d1c3f3bf9d81885 ]---\n Kernel panic - not syncing: Oops: Fatal exception in interrupt\n Kernel Offset: 0x2870a7a00000 from 0xffff800008000000\n PHYS_OFFSET: 0x80000000\n CPU features: 0x0,000005c1,a3332a5a\n Memory Limit: none\n ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nThe exception happens because there is a pending RX interrupt before the\ncall to request_irq(RX IRQ) executes. Then, the RX IRQ handler fires\nimmediately after this request_irq() completes. The\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35907",
"url": "https://www.suse.com/security/cve/CVE-2024-35907"
},
{
"category": "external",
"summary": "SUSE Bug 1224492 for CVE-2024-35907",
"url": "https://bugzilla.suse.com/1224492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35907"
},
{
"cve": "CVE-2024-35908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntls: get psock ref after taking rxlock to avoid leak\n\nAt the start of tls_sw_recvmsg, we take a reference on the psock, and\nthen call tls_rx_reader_lock. If that fails, we return directly\nwithout releasing the reference.\n\nInstead of adding a new label, just take the reference after locking\nhas succeeded, since we don\u0027t need it before.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35908",
"url": "https://www.suse.com/security/cve/CVE-2024-35908"
},
{
"category": "external",
"summary": "SUSE Bug 1224490 for CVE-2024-35908",
"url": "https://bugzilla.suse.com/1224490"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35908"
},
{
"cve": "CVE-2024-35909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: t7xx: Split 64bit accesses to fix alignment issues\n\nSome of the registers are aligned on a 32bit boundary, causing\nalignment faults on 64bit platforms.\n\n Unable to handle kernel paging request at virtual address ffffffc084a1d004\n Mem abort info:\n ESR = 0x0000000096000061\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x21: alignment fault\n Data abort info:\n ISV = 0, ISS = 0x00000061, ISS2 = 0x00000000\n CM = 0, WnR = 1, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000046ad6000\n [ffffffc084a1d004] pgd=100000013ffff003, p4d=100000013ffff003, pud=100000013ffff003, pmd=0068000020a00711\n Internal error: Oops: 0000000096000061 [#1] SMP\n Modules linked in: mtk_t7xx(+) qcserial pppoe ppp_async option nft_fib_inet nf_flow_table_inet mt7921u(O) mt7921s(O) mt7921e(O) mt7921_common(O) iwlmvm(O) iwldvm(O) usb_wwan rndis_host qmi_wwan pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mt7996e(O) mt792x_usb(O) mt792x_lib(O) mt7915e(O) mt76_usb(O) mt76_sdio(O) mt76_connac_lib(O) mt76(O) mac80211(O) iwlwifi(O) huawei_cdc_ncm cfg80211(O) cdc_ncm cdc_ether wwan usbserial usbnet slhc sfp rtc_pcf8563 nfnetlink nf_reject_ipv6 nf_reject_ipv4 nf_log_syslog nf_defrag_ipv6 nf_defrag_ipv4 mt6577_auxadc mdio_i2c libcrc32c compat(O) cdc_wdm cdc_acm at24 crypto_safexcel pwm_fan i2c_gpio i2c_smbus industrialio i2c_algo_bit i2c_mux_reg i2c_mux_pca954x i2c_mux_pca9541 i2c_mux_gpio i2c_mux dummy oid_registry tun sha512_arm64 sha1_ce sha1_generic seqiv\n md5 geniv des_generic libdes cbc authencesn authenc leds_gpio xhci_plat_hcd xhci_pci xhci_mtk_hcd xhci_hcd nvme nvme_core gpio_button_hotplug(O) dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax usbcore usb_common ptp aquantia pps_core mii tpm encrypted_keys trusted\n CPU: 3 PID: 5266 Comm: kworker/u9:1 Tainted: G O 6.6.22 #0\n Hardware name: Bananapi BPI-R4 (DT)\n Workqueue: md_hk_wq t7xx_fsm_uninit [mtk_t7xx]\n pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx]\n lr : t7xx_cldma_start+0xac/0x13c [mtk_t7xx]\n sp : ffffffc085d63d30\n x29: ffffffc085d63d30 x28: 0000000000000000 x27: 0000000000000000\n x26: 0000000000000000 x25: ffffff80c804f2c0 x24: ffffff80ca196c05\n x23: 0000000000000000 x22: ffffff80c814b9b8 x21: ffffff80c814b128\n x20: 0000000000000001 x19: ffffff80c814b080 x18: 0000000000000014\n x17: 0000000055c9806b x16: 000000007c5296d0 x15: 000000000f6bca68\n x14: 00000000dbdbdce4 x13: 000000001aeaf72a x12: 0000000000000001\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : ffffff80ca1ef6b4 x7 : ffffff80c814b818 x6 : 0000000000000018\n x5 : 0000000000000870 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 000000010a947000 x1 : ffffffc084a1d004 x0 : ffffffc084a1d004\n Call trace:\n t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx]\n t7xx_fsm_uninit+0x578/0x5ec [mtk_t7xx]\n process_one_work+0x154/0x2a0\n worker_thread+0x2ac/0x488\n kthread+0xe0/0xec\n ret_from_fork+0x10/0x20\n Code: f9400800 91001000 8b214001 d50332bf (f9000022)\n ---[ end trace 0000000000000000 ]---\n\nThe inclusion of io-64-nonatomic-lo-hi.h indicates that all 64bit\naccesses can be replaced by pairs of nonatomic 32bit access. Fix\nalignment by forcing all accesses to be 32bit on 64bit platforms.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35909",
"url": "https://www.suse.com/security/cve/CVE-2024-35909"
},
{
"category": "external",
"summary": "SUSE Bug 1224491 for CVE-2024-35909",
"url": "https://bugzilla.suse.com/1224491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35909"
},
{
"cve": "CVE-2024-35911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory corruption bug with suspend and rebuild\n\nThe ice driver would previously panic after suspend. This is caused\nfrom the driver *only* calling the ice_vsi_free_q_vectors() function by\nitself, when it is suspending. Since commit b3e7b3a6ee92 (\"ice: prevent\nNULL pointer deref during reload\") the driver has zeroed out\nnum_q_vectors, and only restored it in ice_vsi_cfg_def().\n\nThis further causes the ice_rebuild() function to allocate a zero length\nbuffer, after which num_q_vectors is updated, and then the new value of\nnum_q_vectors is used to index into the zero length buffer, which\ncorrupts memory.\n\nThe fix entails making sure all the code referencing num_q_vectors only\ndoes so after it has been reset via ice_vsi_cfg_def().\n\nI didn\u0027t perform a full bisect, but I was able to test against 6.1.77\nkernel and that ice driver works fine for suspend/resume with no panic,\nso sometime since then, this problem was introduced.\n\nAlso clean up an un-needed init of a local variable in the function\nbeing modified.\n\nPANIC from 6.8.0-rc1:\n\n[1026674.915596] PM: suspend exit\n[1026675.664697] ice 0000:17:00.1: PTP reset successful\n[1026675.664707] ice 0000:17:00.1: 2755 msecs passed between update to cached PHC time\n[1026675.667660] ice 0000:b1:00.0: PTP reset successful\n[1026675.675944] ice 0000:b1:00.0: 2832 msecs passed between update to cached PHC time\n[1026677.137733] ixgbe 0000:31:00.0 ens787: NIC Link is Up 1 Gbps, Flow Control: None\n[1026677.190201] BUG: kernel NULL pointer dereference, address: 0000000000000010\n[1026677.192753] ice 0000:17:00.0: PTP reset successful\n[1026677.192764] ice 0000:17:00.0: 4548 msecs passed between update to cached PHC time\n[1026677.197928] #PF: supervisor read access in kernel mode\n[1026677.197933] #PF: error_code(0x0000) - not-present page\n[1026677.197937] PGD 1557a7067 P4D 0\n[1026677.212133] ice 0000:b1:00.1: PTP reset successful\n[1026677.212143] ice 0000:b1:00.1: 4344 msecs passed between update to cached PHC time\n[1026677.212575]\n[1026677.243142] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[1026677.247918] CPU: 23 PID: 42790 Comm: kworker/23:0 Kdump: loaded Tainted: G W 6.8.0-rc1+ #1\n[1026677.257989] Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C620.86B.01.01.0005.2202160810 02/16/2022\n[1026677.269367] Workqueue: ice ice_service_task [ice]\n[1026677.274592] RIP: 0010:ice_vsi_rebuild_set_coalesce+0x130/0x1e0 [ice]\n[1026677.281421] Code: 0f 84 3a ff ff ff 41 0f b7 74 ec 02 66 89 b0 22 02 00 00 81 e6 ff 1f 00 00 e8 ec fd ff ff e9 35 ff ff ff 48 8b 43 30 49 63 ed \u003c41\u003e 0f b7 34 24 41 83 c5 01 48 8b 3c e8 66 89 b7 aa 02 00 00 81 e6\n[1026677.300877] RSP: 0018:ff3be62a6399bcc0 EFLAGS: 00010202\n[1026677.306556] RAX: ff28691e28980828 RBX: ff28691e41099828 RCX: 0000000000188000\n[1026677.314148] RDX: 0000000000000000 RSI: 0000000000000010 RDI: ff28691e41099828\n[1026677.321730] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n[1026677.329311] R10: 0000000000000007 R11: ffffffffffffffc0 R12: 0000000000000010\n[1026677.336896] R13: 0000000000000000 R14: 0000000000000000 R15: ff28691e0eaa81a0\n[1026677.344472] FS: 0000000000000000(0000) GS:ff28693cbffc0000(0000) knlGS:0000000000000000\n[1026677.353000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1026677.359195] CR2: 0000000000000010 CR3: 0000000128df4001 CR4: 0000000000771ef0\n[1026677.366779] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[1026677.374369] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[1026677.381952] PKRU: 55555554\n[1026677.385116] Call Trace:\n[1026677.388023] \u003cTASK\u003e\n[1026677.390589] ? __die+0x20/0x70\n[1026677.394105] ? page_fault_oops+0x82/0x160\n[1026677.398576] ? do_user_addr_fault+0x65/0x6a0\n[1026677.403307] ? exc_page_fault+0x6a/0x150\n[1026677.407694] ? asm_exc_page_fault+0x22/0x30\n[1026677.412349] ? ice_vsi_rebuild_set_coalesce+0x130/0x1e0 [ice]\n[1026677.4186\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35911",
"url": "https://www.suse.com/security/cve/CVE-2024-35911"
},
{
"category": "external",
"summary": "SUSE Bug 1224486 for CVE-2024-35911",
"url": "https://bugzilla.suse.com/1224486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35911"
},
{
"cve": "CVE-2024-35912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: rfi: fix potential response leaks\n\nIf the rx payload length check fails, or if kmemdup() fails,\nwe still need to free the command response. Fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35912",
"url": "https://www.suse.com/security/cve/CVE-2024-35912"
},
{
"category": "external",
"summary": "SUSE Bug 1224487 for CVE-2024-35912",
"url": "https://bugzilla.suse.com/1224487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35912"
},
{
"cve": "CVE-2024-35914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix error cleanup path in nfsd_rename()\n\nCommit a8b0026847b8 (\"rename(): avoid a deadlock in the case of parents\nhaving no common ancestor\") added an error bail out path. However this\npath does not drop the remount protection that has been acquired. Fix\nthe cleanup path to properly drop the remount protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35914",
"url": "https://www.suse.com/security/cve/CVE-2024-35914"
},
{
"category": "external",
"summary": "SUSE Bug 1224482 for CVE-2024-35914",
"url": "https://bugzilla.suse.com/1224482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-35915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet\n\nsyzbot reported the following uninit-value access issue [1][2]:\n\nnci_rx_work() parses and processes received packet. When the payload\nlength is zero, each message type handler reads uninitialized payload\nand KMSAN detects this issue. The receipt of a packet with a zero-size\npayload is considered unexpected, and therefore, such packets should be\nsilently discarded.\n\nThis patch resolved this issue by checking payload size before calling\neach message type handler codes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35915",
"url": "https://www.suse.com/security/cve/CVE-2024-35915"
},
{
"category": "external",
"summary": "SUSE Bug 1224479 for CVE-2024-35915",
"url": "https://bugzilla.suse.com/1224479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35915"
},
{
"cve": "CVE-2024-35916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf: Fix NULL pointer dereference in sanitycheck()\n\nIf due to a memory allocation failure mock_chain() returns NULL, it is\npassed to dma_fence_enable_sw_signaling() resulting in NULL pointer\ndereference there.\n\nCall dma_fence_enable_sw_signaling() only if mock_chain() succeeds.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35916",
"url": "https://www.suse.com/security/cve/CVE-2024-35916"
},
{
"category": "external",
"summary": "SUSE Bug 1224480 for CVE-2024-35916",
"url": "https://bugzilla.suse.com/1224480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35916"
},
{
"cve": "CVE-2024-35917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/bpf: Fix bpf_plt pointer arithmetic\n\nKui-Feng Lee reported a crash on s390x triggered by the\ndummy_st_ops/dummy_init_ptr_arg test [1]:\n\n [\u003c0000000000000002\u003e] 0x2\n [\u003c00000000009d5cde\u003e] bpf_struct_ops_test_run+0x156/0x250\n [\u003c000000000033145a\u003e] __sys_bpf+0xa1a/0xd00\n [\u003c00000000003319dc\u003e] __s390x_sys_bpf+0x44/0x50\n [\u003c0000000000c4382c\u003e] __do_syscall+0x244/0x300\n [\u003c0000000000c59a40\u003e] system_call+0x70/0x98\n\nThis is caused by GCC moving memcpy() after assignments in\nbpf_jit_plt(), resulting in NULL pointers being written instead of\nthe return and the target addresses.\n\nLooking at the GCC internals, the reordering is allowed because the\nalias analysis thinks that the memcpy() destination and the assignments\u0027\nleft-hand-sides are based on different objects: new_plt and\nbpf_plt_ret/bpf_plt_target respectively, and therefore they cannot\nalias.\n\nThis is in turn due to a violation of the C standard:\n\n When two pointers are subtracted, both shall point to elements of the\n same array object, or one past the last element of the array object\n ...\n\nFrom the C\u0027s perspective, bpf_plt_ret and bpf_plt are distinct objects\nand cannot be subtracted. In the practical terms, doing so confuses the\nGCC\u0027s alias analysis.\n\nThe code was written this way in order to let the C side know a few\noffsets defined in the assembly. While nice, this is by no means\nnecessary. Fix the noncompliance by hardcoding these offsets.\n\n[1] https://lore.kernel.org/bpf/c9923c1d-971d-4022-8dc8-1364e929d34c@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35917",
"url": "https://www.suse.com/security/cve/CVE-2024-35917"
},
{
"category": "external",
"summary": "SUSE Bug 1224481 for CVE-2024-35917",
"url": "https://bugzilla.suse.com/1224481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35917"
},
{
"cve": "CVE-2024-35921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix oops when HEVC init fails\n\nThe stateless HEVC decoder saves the instance pointer in the context\nregardless if the initialization worked or not. This caused a use after\nfree, when the pointer is freed in case of a failure in the deinit\nfunction.\nOnly store the instance pointer when the initialization was successful,\nto solve this issue.\n\n Hardware name: Acer Tomato (rev3 - 4) board (DT)\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : vcodec_vpu_send_msg+0x4c/0x190 [mtk_vcodec_dec]\n lr : vcodec_send_ap_ipi+0x78/0x170 [mtk_vcodec_dec]\n sp : ffff80008750bc20\n x29: ffff80008750bc20 x28: ffff1299f6d70000 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n x23: ffff80008750bc98 x22: 000000000000a003 x21: ffffd45c4cfae000\n x20: 0000000000000010 x19: ffff1299fd668310 x18: 000000000000001a\n x17: 000000040044ffff x16: ffffd45cb15dc648 x15: 0000000000000000\n x14: ffff1299c08da1c0 x13: ffffd45cb1f87a10 x12: ffffd45cb2f5fe80\n x11: 0000000000000001 x10: 0000000000001b30 x9 : ffffd45c4d12b488\n x8 : 1fffe25339380d81 x7 : 0000000000000001 x6 : ffff1299c9c06c00\n x5 : 0000000000000132 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000010 x1 : ffff80008750bc98 x0 : 0000000000000000\n Call trace:\n vcodec_vpu_send_msg+0x4c/0x190 [mtk_vcodec_dec]\n vcodec_send_ap_ipi+0x78/0x170 [mtk_vcodec_dec]\n vpu_dec_deinit+0x1c/0x30 [mtk_vcodec_dec]\n vdec_hevc_slice_deinit+0x30/0x98 [mtk_vcodec_dec]\n vdec_if_deinit+0x38/0x68 [mtk_vcodec_dec]\n mtk_vcodec_dec_release+0x20/0x40 [mtk_vcodec_dec]\n fops_vcodec_release+0x64/0x118 [mtk_vcodec_dec]\n v4l2_release+0x7c/0x100\n __fput+0x80/0x2d8\n __fput_sync+0x58/0x70\n __arm64_sys_close+0x40/0x90\n invoke_syscall+0x50/0x128\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xd8\n el0t_64_sync_handler+0xc0/0xc8\n el0t_64_sync+0x1a8/0x1b0\n Code: d503201f f9401660 b900127f b900227f (f9400400)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35921",
"url": "https://www.suse.com/security/cve/CVE-2024-35921"
},
{
"category": "external",
"summary": "SUSE Bug 1224477 for CVE-2024-35921",
"url": "https://bugzilla.suse.com/1224477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35921"
},
{
"cve": "CVE-2024-35922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbmon: prevent division by zero in fb_videomode_from_videomode()\n\nThe expression htotal * vtotal can have a zero value on\noverflow. It is necessary to prevent division by zero like in\nfb_var_to_videomode().\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35922",
"url": "https://www.suse.com/security/cve/CVE-2024-35922"
},
{
"category": "external",
"summary": "SUSE Bug 1224660 for CVE-2024-35922",
"url": "https://bugzilla.suse.com/1224660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35922"
},
{
"cve": "CVE-2024-35924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Limit read size on v1.2\n\nBetween UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was\nincreased from 16 to 256. In order to avoid overflowing reads for older\nsystems, add a mechanism to use the read UCSI version to truncate read\nsizes on UCSI v1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35924",
"url": "https://www.suse.com/security/cve/CVE-2024-35924"
},
{
"category": "external",
"summary": "SUSE Bug 1224657 for CVE-2024-35924",
"url": "https://bugzilla.suse.com/1224657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35924"
},
{
"cve": "CVE-2024-35925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: prevent division by zero in blk_rq_stat_sum()\n\nThe expression dst-\u003enr_samples + src-\u003enr_samples may\nhave zero value on overflow. It is necessary to add\na check to avoid division by zero.\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35925",
"url": "https://www.suse.com/security/cve/CVE-2024-35925"
},
{
"category": "external",
"summary": "SUSE Bug 1224661 for CVE-2024-35925",
"url": "https://bugzilla.suse.com/1224661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35925"
},
{
"cve": "CVE-2024-35926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix async_disable descriptor leak\n\nThe disable_async paths of iaa_compress/decompress() don\u0027t free idxd\ndescriptors in the async_disable case. Currently this only happens in\nthe testcases where req-\u003edst is set to null. Add a test to free them\nin those paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35926",
"url": "https://www.suse.com/security/cve/CVE-2024-35926"
},
{
"category": "external",
"summary": "SUSE Bug 1224655 for CVE-2024-35926",
"url": "https://bugzilla.suse.com/1224655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35926"
},
{
"cve": "CVE-2024-35927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Check output polling initialized before disabling\n\nIn drm_kms_helper_poll_disable() check if output polling\nsupport is initialized before disabling polling. If not flag\nthis as a warning.\nAdditionally in drm_mode_config_helper_suspend() and\ndrm_mode_config_helper_resume() calls, that re the callers of these\nfunctions, avoid invoking them if polling is not initialized.\nFor drivers like hyperv-drm, that do not initialize connector\npolling, if suspend is called without this check, it leads to\nsuspend failure with following stack\n[ 770.719392] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done.\n[ 770.720592] printk: Suspending console(s) (use no_console_suspend to debug)\n[ 770.948823] ------------[ cut here ]------------\n[ 770.948824] WARNING: CPU: 1 PID: 17197 at kernel/workqueue.c:3162 __flush_work.isra.0+0x212/0x230\n[ 770.948831] Modules linked in: rfkill nft_counter xt_conntrack xt_owner udf nft_compat crc_itu_t nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables nfnetlink vfat fat mlx5_ib ib_uverbs ib_core mlx5_core intel_rapl_msr intel_rapl_common kvm_amd ccp mlxfw kvm psample hyperv_drm tls drm_shmem_helper drm_kms_helper irqbypass pcspkr syscopyarea sysfillrect sysimgblt hv_balloon hv_utils joydev drm fuse xfs libcrc32c pci_hyperv pci_hyperv_intf sr_mod sd_mod cdrom t10_pi sg hv_storvsc scsi_transport_fc hv_netvsc serio_raw hyperv_keyboard hid_hyperv crct10dif_pclmul crc32_pclmul crc32c_intel hv_vmbus ghash_clmulni_intel dm_mirror dm_region_hash dm_log dm_mod\n[ 770.948863] CPU: 1 PID: 17197 Comm: systemd-sleep Not tainted 5.14.0-362.2.1.el9_3.x86_64 #1\n[ 770.948865] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[ 770.948866] RIP: 0010:__flush_work.isra.0+0x212/0x230\n[ 770.948869] Code: 8b 4d 00 4c 8b 45 08 89 ca 48 c1 e9 04 83 e2 08 83 e1 0f 83 ca 02 89 c8 48 0f ba 6d 00 03 e9 25 ff ff ff 0f 0b e9 4e ff ff ff \u003c0f\u003e 0b 45 31 ed e9 44 ff ff ff e8 8f 89 b2 00 66 66 2e 0f 1f 84 00\n[ 770.948870] RSP: 0018:ffffaf4ac213fb10 EFLAGS: 00010246\n[ 770.948871] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8c992857\n[ 770.948872] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff9aad82b00330\n[ 770.948873] RBP: ffff9aad82b00330 R08: 0000000000000000 R09: ffff9aad87ee3d10\n[ 770.948874] R10: 0000000000000200 R11: 0000000000000000 R12: ffff9aad82b00330\n[ 770.948874] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n[ 770.948875] FS: 00007ff1b2f6bb40(0000) GS:ffff9aaf37d00000(0000) knlGS:0000000000000000\n[ 770.948878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 770.948878] CR2: 0000555f345cb666 CR3: 00000001462dc005 CR4: 0000000000370ee0\n[ 770.948879] Call Trace:\n[ 770.948880] \u003cTASK\u003e\n[ 770.948881] ? show_trace_log_lvl+0x1c4/0x2df\n[ 770.948884] ? show_trace_log_lvl+0x1c4/0x2df\n[ 770.948886] ? __cancel_work_timer+0x103/0x190\n[ 770.948887] ? __flush_work.isra.0+0x212/0x230\n[ 770.948889] ? __warn+0x81/0x110\n[ 770.948891] ? __flush_work.isra.0+0x212/0x230\n[ 770.948892] ? report_bug+0x10a/0x140\n[ 770.948895] ? handle_bug+0x3c/0x70\n[ 770.948898] ? exc_invalid_op+0x14/0x70\n[ 770.948899] ? asm_exc_invalid_op+0x16/0x20\n[ 770.948903] ? __flush_work.isra.0+0x212/0x230\n[ 770.948905] __cancel_work_timer+0x103/0x190\n[ 770.948907] ? _raw_spin_unlock_irqrestore+0xa/0x30\n[ 770.948910] drm_kms_helper_poll_disable+0x1e/0x40 [drm_kms_helper]\n[ 770.948923] drm_mode_config_helper_suspend+0x1c/0x80 [drm_kms_helper]\n[ 770.948933] ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[ 770.948942] hyperv_vmbus_suspend+0x17/0x40 [hyperv_drm]\n[ 770.948944] ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[ 770.948951] dpm_run_callback+0x4c/0x140\n[ 770.948954] __device_suspend_noir\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35927",
"url": "https://www.suse.com/security/cve/CVE-2024-35927"
},
{
"category": "external",
"summary": "SUSE Bug 1224654 for CVE-2024-35927",
"url": "https://bugzilla.suse.com/1224654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35927"
},
{
"cve": "CVE-2024-35928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35928"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35928",
"url": "https://www.suse.com/security/cve/CVE-2024-35928"
},
{
"category": "external",
"summary": "SUSE Bug 1224653 for CVE-2024-35928",
"url": "https://bugzilla.suse.com/1224653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35928"
},
{
"cve": "CVE-2024-35930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()\n\nThe call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an\nunsuccessful status. In such cases, the elsiocb is not issued, the\ncompletion is not called, and thus the elsiocb resource is leaked.\n\nCheck return value after calling lpfc_sli4_resume_rpi() and conditionally\nrelease the elsiocb resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35930",
"url": "https://www.suse.com/security/cve/CVE-2024-35930"
},
{
"category": "external",
"summary": "SUSE Bug 1224651 for CVE-2024-35930",
"url": "https://bugzilla.suse.com/1224651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35930"
},
{
"cve": "CVE-2024-35931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Skip do PCI error slot reset during RAS recovery\n\nWhy:\n The PCI error slot reset maybe triggered after inject ue to UMC multi times, this\n caused system hang.\n [ 557.371857] amdgpu 0000:af:00.0: amdgpu: GPU reset succeeded, trying to resume\n [ 557.373718] [drm] PCIE GART of 512M enabled.\n [ 557.373722] [drm] PTB located at 0x0000031FED700000\n [ 557.373788] [drm] VRAM is lost due to GPU reset!\n [ 557.373789] [drm] PSP is resuming...\n [ 557.547012] mlx5_core 0000:55:00.0: mlx5_pci_err_detected Device state = 1 pci_status: 0. Exit, result = 3, need reset\n [ 557.547067] [drm] PCI error: detected callback, state(1)!!\n [ 557.547069] [drm] No support for XGMI hive yet...\n [ 557.548125] mlx5_core 0000:55:00.0: mlx5_pci_slot_reset Device state = 1 pci_status: 0. Enter\n [ 557.607763] mlx5_core 0000:55:00.0: wait vital counter value 0x16b5b after 1 iterations\n [ 557.607777] mlx5_core 0000:55:00.0: mlx5_pci_slot_reset Device state = 1 pci_status: 1. Exit, err = 0, result = 5, recovered\n [ 557.610492] [drm] PCI error: slot reset callback!!\n ...\n [ 560.689382] amdgpu 0000:3f:00.0: amdgpu: GPU reset(2) succeeded!\n [ 560.689546] amdgpu 0000:5a:00.0: amdgpu: GPU reset(2) succeeded!\n [ 560.689562] general protection fault, probably for non-canonical address 0x5f080b54534f611f: 0000 [#1] SMP NOPTI\n [ 560.701008] CPU: 16 PID: 2361 Comm: kworker/u448:9 Tainted: G OE 5.15.0-91-generic #101-Ubuntu\n [ 560.712057] Hardware name: Microsoft C278A/C278A, BIOS C2789.5.BS.1C11.AG.1 11/08/2023\n [ 560.720959] Workqueue: amdgpu-reset-hive amdgpu_ras_do_recovery [amdgpu]\n [ 560.728887] RIP: 0010:amdgpu_device_gpu_recover.cold+0xbf1/0xcf5 [amdgpu]\n [ 560.736891] Code: ff 41 89 c6 e9 1b ff ff ff 44 0f b6 45 b0 e9 4f ff ff ff be 01 00 00 00 4c 89 e7 e8 76 c9 8b ff 44 0f b6 45 b0 e9 3c fd ff ff \u003c48\u003e 83 ba 18 02 00 00 00 0f 84 6a f8 ff ff 48 8d 7a 78 be 01 00 00\n [ 560.757967] RSP: 0018:ffa0000032e53d80 EFLAGS: 00010202\n [ 560.763848] RAX: ffa00000001dfd10 RBX: ffa0000000197090 RCX: ffa0000032e53db0\n [ 560.771856] RDX: 5f080b54534f5f07 RSI: 0000000000000000 RDI: ff11000128100010\n [ 560.779867] RBP: ffa0000032e53df0 R08: 0000000000000000 R09: ffffffffffe77f08\n [ 560.787879] R10: 0000000000ffff0a R11: 0000000000000001 R12: 0000000000000000\n [ 560.795889] R13: ffa0000032e53e00 R14: 0000000000000000 R15: 0000000000000000\n [ 560.803889] FS: 0000000000000000(0000) GS:ff11007e7e800000(0000) knlGS:0000000000000000\n [ 560.812973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 560.819422] CR2: 000055a04c118e68 CR3: 0000000007410005 CR4: 0000000000771ee0\n [ 560.827433] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [ 560.835433] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n [ 560.843444] PKRU: 55555554\n [ 560.846480] Call Trace:\n [ 560.849225] \u003cTASK\u003e\n [ 560.851580] ? show_trace_log_lvl+0x1d6/0x2ea\n [ 560.856488] ? show_trace_log_lvl+0x1d6/0x2ea\n [ 560.861379] ? amdgpu_ras_do_recovery+0x1b2/0x210 [amdgpu]\n [ 560.867778] ? show_regs.part.0+0x23/0x29\n [ 560.872293] ? __die_body.cold+0x8/0xd\n [ 560.876502] ? die_addr+0x3e/0x60\n [ 560.880238] ? exc_general_protection+0x1c5/0x410\n [ 560.885532] ? asm_exc_general_protection+0x27/0x30\n [ 560.891025] ? amdgpu_device_gpu_recover.cold+0xbf1/0xcf5 [amdgpu]\n [ 560.898323] amdgpu_ras_do_recovery+0x1b2/0x210 [amdgpu]\n [ 560.904520] process_one_work+0x228/0x3d0\nHow:\n In RAS recovery, mode-1 reset is issued from RAS fatal error handling and expected\n all the nodes in a hive to be reset. no need to issue another mode-1 during this procedure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35931",
"url": "https://www.suse.com/security/cve/CVE-2024-35931"
},
{
"category": "external",
"summary": "SUSE Bug 1224652 for CVE-2024-35931",
"url": "https://bugzilla.suse.com/1224652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35931"
},
{
"cve": "CVE-2024-35932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: don\u0027t check if plane-\u003estate-\u003efb == state-\u003efb\n\nCurrently, when using non-blocking commits, we can see the following\nkernel warning:\n\n[ 110.908514] ------------[ cut here ]------------\n[ 110.908529] refcount_t: underflow; use-after-free.\n[ 110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0\n[ 110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_hash aes_arm64 aes_generic algif_skcipher af_alg bnep hid_logitech_hidpp vc4 brcmfmac hci_uart btbcm brcmutil bluetooth snd_soc_hdmi_codec cfg80211 cec drm_display_helper drm_dma_helper drm_kms_helper snd_soc_core snd_compress snd_pcm_dmaengine fb_sys_fops sysimgblt syscopyarea sysfillrect raspberrypi_hwmon ecdh_generic ecc rfkill libaes i2c_bcm2835 binfmt_misc joydev snd_bcm2835(C) bcm2835_codec(C) bcm2835_isp(C) v4l2_mem2mem videobuf2_dma_contig snd_pcm bcm2835_v4l2(C) raspberrypi_gpiomem bcm2835_mmal_vchiq(C) videobuf2_v4l2 snd_timer videobuf2_vmalloc videobuf2_memops videobuf2_common snd videodev vc_sm_cma(C) mc hid_logitech_dj uio_pdrv_genirq uio i2c_dev drm fuse dm_mod drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 110.909086] CPU: 0 PID: 1866 Comm: kodi.bin Tainted: G C 6.1.66-v8+ #32\n[ 110.909104] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 110.909114] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 110.909132] pc : refcount_dec_not_one+0xb8/0xc0\n[ 110.909152] lr : refcount_dec_not_one+0xb4/0xc0\n[ 110.909170] sp : ffffffc00913b9c0\n[ 110.909177] x29: ffffffc00913b9c0 x28: 000000556969bbb0 x27: 000000556990df60\n[ 110.909205] x26: 0000000000000002 x25: 0000000000000004 x24: ffffff8004448480\n[ 110.909230] x23: ffffff800570b500 x22: ffffff802e03a7bc x21: ffffffecfca68c78\n[ 110.909257] x20: ffffff8002b42000 x19: ffffff802e03a600 x18: 0000000000000000\n[ 110.909283] x17: 0000000000000011 x16: ffffffffffffffff x15: 0000000000000004\n[ 110.909308] x14: 0000000000000fff x13: ffffffed577e47e0 x12: 0000000000000003\n[ 110.909333] x11: 0000000000000000 x10: 0000000000000027 x9 : c912d0d083728c00\n[ 110.909359] x8 : c912d0d083728c00 x7 : 65646e75203a745f x6 : 746e756f63666572\n[ 110.909384] x5 : ffffffed579f62ee x4 : ffffffed579eb01e x3 : 0000000000000000\n[ 110.909409] x2 : 0000000000000000 x1 : ffffffc00913b750 x0 : 0000000000000001\n[ 110.909434] Call trace:\n[ 110.909441] refcount_dec_not_one+0xb8/0xc0\n[ 110.909461] vc4_bo_dec_usecnt+0x4c/0x1b0 [vc4]\n[ 110.909903] vc4_cleanup_fb+0x44/0x50 [vc4]\n[ 110.910315] drm_atomic_helper_cleanup_planes+0x88/0xa4 [drm_kms_helper]\n[ 110.910669] vc4_atomic_commit_tail+0x390/0x9dc [vc4]\n[ 110.911079] commit_tail+0xb0/0x164 [drm_kms_helper]\n[ 110.911397] drm_atomic_helper_commit+0x1d0/0x1f0 [drm_kms_helper]\n[ 110.911716] drm_atomic_commit+0xb0/0xdc [drm]\n[ 110.912569] drm_mode_atomic_ioctl+0x348/0x4b8 [drm]\n[ 110.913330] drm_ioctl_kernel+0xec/0x15c [drm]\n[ 110.914091] drm_ioctl+0x24c/0x3b0 [drm]\n[ 110.914850] __arm64_sys_ioctl+0x9c/0xd4\n[ 110.914873] invoke_syscall+0x4c/0x114\n[ 110.914897] el0_svc_common+0xd0/0x118\n[ 110.914917] do_el0_svc+0x38/0xd0\n[ 110.914936] el0_svc+0x30/0x8c\n[ 110.914958] el0t_64_sync_handler+0x84/0xf0\n[ 110.914979] el0t_64_sync+0x18c/0x190\n[ 110.914996] ---[ end trace 0000000000000000 ]---\n\nThis happens because, although `prepare_fb` and `cleanup_fb` are\nperfectly balanced, we cannot guarantee consistency in the check\nplane-\u003estate-\u003efb == state-\u003efb. This means that sometimes we can increase\nthe refcount in `prepare_fb` and don\u0027t decrease it in `cleanup_fb`. The\nopposite can also be true.\n\nIn fact, the struct drm_plane .state shouldn\u0027t be accessed directly\nbut instead, the `drm_atomic_get_new_plane_state()` helper function should\nbe used. So, we could stick to this check, but using\n`drm_atomic_get_new_plane_state()`. But actually, this check is not re\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35932",
"url": "https://www.suse.com/security/cve/CVE-2024-35932"
},
{
"category": "external",
"summary": "SUSE Bug 1224650 for CVE-2024-35932",
"url": "https://bugzilla.suse.com/1224650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35932"
},
{
"cve": "CVE-2024-35933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: Fix null ptr deref in btintel_read_version\n\nIf hci_cmd_sync_complete() is triggered and skb is NULL, then\nhdev-\u003ereq_skb is NULL, which will cause this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35933",
"url": "https://www.suse.com/security/cve/CVE-2024-35933"
},
{
"category": "external",
"summary": "SUSE Bug 1224640 for CVE-2024-35933",
"url": "https://bugzilla.suse.com/1224640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35933"
},
{
"cve": "CVE-2024-35934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: reduce rtnl pressure in smc_pnet_create_pnetids_list()\n\nMany syzbot reports show extreme rtnl pressure, and many of them hint\nthat smc acquires rtnl in netns creation for no good reason [1]\n\nThis patch returns early from smc_pnet_net_init()\nif there is no netdevice yet.\n\nI am not even sure why smc_pnet_create_pnetids_list() even exists,\nbecause smc_pnet_netdev_event() is also calling\nsmc_pnet_add_base_pnetid() when handling NETDEV_UP event.\n\n[1] extract of typical syzbot reports\n\n2 locks held by syz-executor.3/12252:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.4/12253:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.1/12257:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.2/12261:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.0/12265:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.3/12268:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.4/12271:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.1/12274:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878\n2 locks held by syz-executor.2/12280:\n #0: ffffffff8f369610 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x4c7/0x7b0 net/core/net_namespace.c:491\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_create_pnetids_list net/smc/smc_pnet.c:809 [inline]\n #1: ffffffff8f375b88 (rtnl_mutex){+.+.}-{3:3}, at: smc_pnet_net_init+0x10a/0x1e0 net/smc/smc_pnet.c:878",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35934",
"url": "https://www.suse.com/security/cve/CVE-2024-35934"
},
{
"category": "external",
"summary": "SUSE Bug 1224641 for CVE-2024-35934",
"url": "https://bugzilla.suse.com/1224641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35934"
},
{
"cve": "CVE-2024-35935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: send: handle path ref underflow in header iterate_inode_ref()\n\nChange BUG_ON to proper error handling if building the path buffer\nfails. The pointers are not printed so we don\u0027t accidentally leak kernel\naddresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35935",
"url": "https://www.suse.com/security/cve/CVE-2024-35935"
},
{
"category": "external",
"summary": "SUSE Bug 1224645 for CVE-2024-35935",
"url": "https://bugzilla.suse.com/1224645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()\n\nThe unhandled case in btrfs_relocate_sys_chunks() loop is a corruption,\nas it could be caused only by two impossible conditions:\n\n- at first the search key is set up to look for a chunk tree item, with\n offset -1, this is an inexact search and the key-\u003eoffset will contain\n the correct offset upon a successful search, a valid chunk tree item\n cannot have an offset -1\n\n- after first successful search, the found_key corresponds to a chunk\n item, the offset is decremented by 1 before the next loop, it\u0027s\n impossible to find a chunk item there due to alignment and size\n constraints",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35936",
"url": "https://www.suse.com/security/cve/CVE-2024-35936"
},
{
"category": "external",
"summary": "SUSE Bug 1224644 for CVE-2024-35936",
"url": "https://bugzilla.suse.com/1224644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there\u0027s another subframe in the A-MSDU\nbut the header isn\u0027t fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35937",
"url": "https://www.suse.com/security/cve/CVE-2024-35937"
},
{
"category": "external",
"summary": "SUSE Bug 1224526 for CVE-2024-35937",
"url": "https://bugzilla.suse.com/1224526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35937"
},
{
"cve": "CVE-2024-35938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: decrease MHI channel buffer length to 8KB\n\nCurrently buf_len field of ath11k_mhi_config_qca6390 is assigned\nwith 0, making MHI use a default size, 64KB, to allocate channel\nbuffers. This is likely to fail in some scenarios where system\nmemory is highly fragmented and memory compaction or reclaim is\nnot allowed.\n\nThere is a fail report which is caused by it:\nkworker/u32:45: page allocation failure: order:4, mode:0x40c00(GFP_NOIO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0\nCPU: 0 PID: 19318 Comm: kworker/u32:45 Not tainted 6.8.0-rc3-1.gae4495f-default #1 openSUSE Tumbleweed (unreleased) 493b6d5b382c603654d7a81fc3c144d59a1dfceb\nWorkqueue: events_unbound async_run_entry_fn\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x60\n warn_alloc+0x13a/0x1b0\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __alloc_pages_direct_compact+0xab/0x210\n __alloc_pages_slowpath.constprop.0+0xd3e/0xda0\n __alloc_pages+0x32d/0x350\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __kmalloc_large_node+0x72/0x110\n __kmalloc+0x37c/0x480\n ? mhi_map_single_no_bb+0x77/0xf0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __mhi_prepare_for_transfer+0x44/0x80 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? __pfx_____mhi_prepare_for_transfer+0x10/0x10 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n device_for_each_child+0x5c/0xa0\n ? __pfx_pci_pm_resume+0x10/0x10\n ath11k_core_resume+0x65/0x100 [ath11k a5094e22d7223135c40d93c8f5321cf09fd85e4e]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ath11k_pci_pm_resume+0x32/0x60 [ath11k_pci 830b7bfc3ea80ebef32e563cafe2cb55e9cc73ec]\n ? srso_alias_return_thunk+0x5/0xfbef5\n dpm_run_callback+0x8c/0x1e0\n device_resume+0x104/0x340\n ? __pfx_dpm_watchdog_handler+0x10/0x10\n async_resume+0x1d/0x30\n async_run_entry_fn+0x32/0x120\n process_one_work+0x168/0x330\n worker_thread+0x2f5/0x410\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe8/0x120\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nActually those buffers are used only by QMI target -\u003e host communication.\nAnd for WCN6855 and QCA6390, the largest packet size for that is less\nthan 6KB. So change buf_len field to 8KB, which results in order 1\nallocation if page size is 4KB. In this way, we can at least save some\nmemory, and as well as decrease the possibility of allocation failure\nin those scenarios.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35938",
"url": "https://www.suse.com/security/cve/CVE-2024-35938"
},
{
"category": "external",
"summary": "SUSE Bug 1224643 for CVE-2024-35938",
"url": "https://bugzilla.suse.com/1224643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35938"
},
{
"cve": "CVE-2024-35940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/zone: Add a null pointer check to the psz_kmsg_read\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35940",
"url": "https://www.suse.com/security/cve/CVE-2024-35940"
},
{
"category": "external",
"summary": "SUSE Bug 1224537 for CVE-2024-35940",
"url": "https://bugzilla.suse.com/1224537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35940"
},
{
"cve": "CVE-2024-35942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35942"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: imx8mp_blk: Add fdcc clock to hdmimix domain\n\nAccording to i.MX8MP RM and HDMI ADD, the fdcc clock is part of\nhdmi rx verification IP that should not enable for HDMI TX.\nBut actually if the clock is disabled before HDMI/LCDIF probe,\nLCDIF will not get pixel clock from HDMI PHY and print the error\nlogs:\n\n[CRTC:39:crtc-2] vblank wait timed out\nWARNING: CPU: 2 PID: 9 at drivers/gpu/drm/drm_atomic_helper.c:1634 drm_atomic_helper_wait_for_vblanks.part.0+0x23c/0x260\n\nAdd fdcc clock to LCDIF and HDMI TX power domains to fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35942",
"url": "https://www.suse.com/security/cve/CVE-2024-35942"
},
{
"category": "external",
"summary": "SUSE Bug 1224589 for CVE-2024-35942",
"url": "https://bugzilla.suse.com/1224589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35942"
},
{
"cve": "CVE-2024-35943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: ti: Add a null pointer check to the omap_prm_domain_init\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35943",
"url": "https://www.suse.com/security/cve/CVE-2024-35943"
},
{
"category": "external",
"summary": "SUSE Bug 1224649 for CVE-2024-35943",
"url": "https://bugzilla.suse.com/1224649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35943"
},
{
"cve": "CVE-2024-35944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()\n\nSyzkaller hit \u0027WARNING in dg_dispatch_as_host\u0027 bug.\n\nmemcpy: detected field-spanning write (size 56) of single field \"\u0026dg_info-\u003emsg\"\nat drivers/misc/vmw_vmci/vmci_datagram.c:237 (size 24)\n\nWARNING: CPU: 0 PID: 1555 at drivers/misc/vmw_vmci/vmci_datagram.c:237\ndg_dispatch_as_host+0x88e/0xa60 drivers/misc/vmw_vmci/vmci_datagram.c:237\n\nSome code commentry, based on my understanding:\n\n544 #define VMCI_DG_SIZE(_dg) (VMCI_DG_HEADERSIZE + (size_t)(_dg)-\u003epayload_size)\n/// This is 24 + payload_size\n\nmemcpy(\u0026dg_info-\u003emsg, dg, dg_size);\n\tDestination = dg_info-\u003emsg ---\u003e this is a 24 byte\n\t\t\t\t\tstructure(struct vmci_datagram)\n\tSource = dg --\u003e this is a 24 byte structure (struct vmci_datagram)\n\tSize = dg_size = 24 + payload_size\n\n{payload_size = 56-24 =32} -- Syzkaller managed to set payload_size to 32.\n\n 35 struct delayed_datagram_info {\n 36 struct datagram_entry *entry;\n 37 struct work_struct work;\n 38 bool in_dg_host_queue;\n 39 /* msg and msg_payload must be together. */\n 40 struct vmci_datagram msg;\n 41 u8 msg_payload[];\n 42 };\n\nSo those extra bytes of payload are copied into msg_payload[], a run time\nwarning is seen while fuzzing with Syzkaller.\n\nOne possible way to fix the warning is to split the memcpy() into\ntwo parts -- one -- direct assignment of msg and second taking care of payload.\n\nGustavo quoted:\n\"Under FORTIFY_SOURCE we should not copy data across multiple members\nin a structure.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35944",
"url": "https://www.suse.com/security/cve/CVE-2024-35944"
},
{
"category": "external",
"summary": "SUSE Bug 1224648 for CVE-2024-35944",
"url": "https://bugzilla.suse.com/1224648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: phy_device: Prevent nullptr exceptions on ISR\n\nIf phydev-\u003eirq is set unconditionally, check\nfor valid interrupt handler or fall back to polling mode to prevent\nnullptr exceptions in interrupt service routine.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35945",
"url": "https://www.suse.com/security/cve/CVE-2024-35945"
},
{
"category": "external",
"summary": "SUSE Bug 1224639 for CVE-2024-35945",
"url": "https://bugzilla.suse.com/1224639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35945"
},
{
"cve": "CVE-2024-35946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix null pointer access when abort scan\n\nDuring cancel scan we might use vif that weren\u0027t scanning.\nFix this by using the actual scanning vif.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35946",
"url": "https://www.suse.com/security/cve/CVE-2024-35946"
},
{
"category": "external",
"summary": "SUSE Bug 1224646 for CVE-2024-35946",
"url": "https://bugzilla.suse.com/1224646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35946"
},
{
"cve": "CVE-2024-35947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndyndbg: fix old BUG_ON in \u003econtrol parser\n\nFix a BUG_ON from 2009. Even if it looks \"unreachable\" (I didn\u0027t\nreally look), lets make sure by removing it, doing pr_err and return\n-EINVAL instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35947",
"url": "https://www.suse.com/security/cve/CVE-2024-35947"
},
{
"category": "external",
"summary": "SUSE Bug 1224647 for CVE-2024-35947",
"url": "https://bugzilla.suse.com/1224647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35947"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-35951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()\n\nSubject: [PATCH] drm/panfrost: Fix the error path in\n panfrost_mmu_map_fault_addr()\n\nIf some the pages or sgt allocation failed, we shouldn\u0027t release the\npages ref we got earlier, otherwise we will end up with unbalanced\nget/put_pages() calls. We should instead leave everything in place\nand let the BO release function deal with extra cleanup when the object\nis destroyed, or let the fault handler try again next time it\u0027s called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35951",
"url": "https://www.suse.com/security/cve/CVE-2024-35951"
},
{
"category": "external",
"summary": "SUSE Bug 1224701 for CVE-2024-35951",
"url": "https://bugzilla.suse.com/1224701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35951"
},
{
"cve": "CVE-2024-35952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ast: Fix soft lockup\n\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\n\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\n\nDPMCU is used to control DP and relative registers to handshake with\nhost\u0027s VGA driver. Even the most time-consuming task, DP\u0027s link\ntraining, is less than 100ms. 200ms should be enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35952",
"url": "https://www.suse.com/security/cve/CVE-2024-35952"
},
{
"category": "external",
"summary": "SUSE Bug 1224705 for CVE-2024-35952",
"url": "https://bugzilla.suse.com/1224705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35952"
},
{
"cve": "CVE-2024-35953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in context_xa\n\nivpu_device-\u003econtext_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\n\nThis deadlock was reported by lockdep and observed in internal tests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35953",
"url": "https://www.suse.com/security/cve/CVE-2024-35953"
},
{
"category": "external",
"summary": "SUSE Bug 1224704 for CVE-2024-35953",
"url": "https://bugzilla.suse.com/1224704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35953"
},
{
"cve": "CVE-2024-35954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Avoid sg device teardown race\n\nsg_remove_sfp_usercontext() must not use sg_device_destroy() after calling\nscsi_device_put().\n\nsg_device_destroy() is accessing the parent scsi_device request_queue which\nwill already be set to NULL when the preceding call to scsi_device_put()\nremoved the last reference to the parent scsi_device.\n\nThe resulting NULL pointer exception will then crash the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35954",
"url": "https://www.suse.com/security/cve/CVE-2024-35954"
},
{
"category": "external",
"summary": "SUSE Bug 1224675 for CVE-2024-35954",
"url": "https://bugzilla.suse.com/1224675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35954"
},
{
"cve": "CVE-2024-35955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Fix possible use-after-free issue on kprobe registration\n\nWhen unloading a module, its state is changing MODULE_STATE_LIVE -\u003e\n MODULE_STATE_GOING -\u003e MODULE_STATE_UNFORMED. Each change will take\na time. `is_module_text_address()` and `__module_text_address()`\nworks with MODULE_STATE_LIVE and MODULE_STATE_GOING.\nIf we use `is_module_text_address()` and `__module_text_address()`\nseparately, there is a chance that the first one is succeeded but the\nnext one is failed because module-\u003estate becomes MODULE_STATE_UNFORMED\nbetween those operations.\n\nIn `check_kprobe_address_safe()`, if the second `__module_text_address()`\nis failed, that is ignored because it expected a kernel_text address.\nBut it may have failed simply because module-\u003estate has been changed\nto MODULE_STATE_UNFORMED. In this case, arm_kprobe() will try to modify\nnon-exist module text address (use-after-free).\n\nTo fix this problem, we should not use separated `is_module_text_address()`\nand `__module_text_address()`, but use only `__module_text_address()`\nonce and do `try_module_get(module)` which is only available with\nMODULE_STATE_LIVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35955",
"url": "https://www.suse.com/security/cve/CVE-2024-35955"
},
{
"category": "external",
"summary": "SUSE Bug 1224676 for CVE-2024-35955",
"url": "https://bugzilla.suse.com/1224676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations\n\nCreate subvolume, create snapshot and delete subvolume all use\nbtrfs_subvolume_reserve_metadata() to reserve metadata for the changes\ndone to the parent subvolume\u0027s fs tree, which cannot be mediated in the\nnormal way via start_transaction. When quota groups (squota or qgroups)\nare enabled, this reserves qgroup metadata of type PREALLOC. Once the\noperation is associated to a transaction, we convert PREALLOC to\nPERTRANS, which gets cleared in bulk at the end of the transaction.\n\nHowever, the error paths of these three operations were not implementing\nthis lifecycle correctly. They unconditionally converted the PREALLOC to\nPERTRANS in a generic cleanup step regardless of errors or whether the\noperation was fully associated to a transaction or not. This resulted in\nerror paths occasionally converting this rsv to PERTRANS without calling\nrecord_root_in_trans successfully, which meant that unless that root got\nrecorded in the transaction by some other thread, the end of the\ntransaction would not free that root\u0027s PERTRANS, leaking it. Ultimately,\nthis resulted in hitting a WARN in CONFIG_BTRFS_DEBUG builds at unmount\nfor the leaked reservation.\n\nThe fix is to ensure that every qgroup PREALLOC reservation observes the\nfollowing properties:\n\n1. any failure before record_root_in_trans is called successfully\n results in freeing the PREALLOC reservation.\n2. after record_root_in_trans, we convert to PERTRANS, and now the\n transaction owns freeing the reservation.\n\nThis patch enforces those properties on the three operations. Without\nit, generic/269 with squotas enabled at mkfs time would fail in ~5-10\nruns on my system. With this patch, it ran successfully 1000 times in a\nrow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35956",
"url": "https://www.suse.com/security/cve/CVE-2024-35956"
},
{
"category": "external",
"summary": "SUSE Bug 1224674 for CVE-2024-35956",
"url": "https://bugzilla.suse.com/1224674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35956"
},
{
"cve": "CVE-2024-35957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Fix WARN_ON in iommu probe path\n\nCommit 1a75cc710b95 (\"iommu/vt-d: Use rbtree to track iommu probed\ndevices\") adds all devices probed by the iommu driver in a rbtree\nindexed by the source ID of each device. It assumes that each device\nhas a unique source ID. This assumption is incorrect and the VT-d\nspec doesn\u0027t state this requirement either.\n\nThe reason for using a rbtree to track devices is to look up the device\nwith PCI bus and devfunc in the paths of handling ATS invalidation time\nout error and the PRI I/O page faults. Both are PCI ATS feature related.\n\nOnly track the devices that have PCI ATS capabilities in the rbtree to\navoid unnecessary WARN_ON in the iommu probe path. Otherwise, on some\nplatforms below kernel splat will be displayed and the iommu probe results\nin failure.\n\n WARNING: CPU: 3 PID: 166 at drivers/iommu/intel/iommu.c:158 intel_iommu_probe_device+0x319/0xd90\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x7e/0x180\n ? intel_iommu_probe_device+0x319/0xd90\n ? report_bug+0x1f8/0x200\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? intel_iommu_probe_device+0x319/0xd90\n ? debug_mutex_init+0x37/0x50\n __iommu_probe_device+0xf2/0x4f0\n iommu_probe_device+0x22/0x70\n iommu_bus_notifier+0x1e/0x40\n notifier_call_chain+0x46/0x150\n blocking_notifier_call_chain+0x42/0x60\n bus_notify+0x2f/0x50\n device_add+0x5ed/0x7e0\n platform_device_add+0xf5/0x240\n mfd_add_devices+0x3f9/0x500\n ? preempt_count_add+0x4c/0xa0\n ? up_write+0xa2/0x1b0\n ? __debugfs_create_file+0xe3/0x150\n intel_lpss_probe+0x49f/0x5b0\n ? pci_conf1_write+0xa3/0xf0\n intel_lpss_pci_probe+0xcf/0x110 [intel_lpss_pci]\n pci_device_probe+0x95/0x120\n really_probe+0xd9/0x370\n ? __pfx___driver_attach+0x10/0x10\n __driver_probe_device+0x73/0x150\n driver_probe_device+0x19/0xa0\n __driver_attach+0xb6/0x180\n ? __pfx___driver_attach+0x10/0x10\n bus_for_each_dev+0x77/0xd0\n bus_add_driver+0x114/0x210\n driver_register+0x5b/0x110\n ? __pfx_intel_lpss_pci_driver_init+0x10/0x10 [intel_lpss_pci]\n do_one_initcall+0x57/0x2b0\n ? kmalloc_trace+0x21e/0x280\n ? do_init_module+0x1e/0x210\n do_init_module+0x5f/0x210\n load_module+0x1d37/0x1fc0\n ? init_module_from_file+0x86/0xd0\n init_module_from_file+0x86/0xd0\n idempotent_init_module+0x17c/0x230\n __x64_sys_finit_module+0x56/0xb0\n do_syscall_64+0x6e/0x140\n entry_SYSCALL_64_after_hwframe+0x71/0x79",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35957",
"url": "https://www.suse.com/security/cve/CVE-2024-35957"
},
{
"category": "external",
"summary": "SUSE Bug 1224673 for CVE-2024-35957",
"url": "https://bugzilla.suse.com/1224673"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35957"
},
{
"cve": "CVE-2024-35958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix incorrect descriptor free behavior\n\nENA has two types of TX queues:\n- queues which only process TX packets arriving from the network stack\n- queues which only process TX packets forwarded to it by XDP_REDIRECT\n or XDP_TX instructions\n\nThe ena_free_tx_bufs() cycles through all descriptors in a TX queue\nand unmaps + frees every descriptor that hasn\u0027t been acknowledged yet\nby the device (uncompleted TX transactions).\nThe function assumes that the processed TX queue is necessarily from\nthe first category listed above and ends up using napi_consume_skb()\nfor descriptors belonging to an XDP specific queue.\n\nThis patch solves a bug in which, in case of a VF reset, the\ndescriptors aren\u0027t freed correctly, leading to crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35958",
"url": "https://www.suse.com/security/cve/CVE-2024-35958"
},
{
"category": "external",
"summary": "SUSE Bug 1224677 for CVE-2024-35958",
"url": "https://bugzilla.suse.com/1224677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix mlx5e_priv_init() cleanup flow\n\nWhen mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which\ncalls mlx5e_selq_apply() that assures that the `priv-\u003estate_lock` is held using\nlockdep_is_held().\n\nAcquire the state_lock in mlx5e_selq_cleanup().\n\nKernel log:\n=============================\nWARNING: suspicious RCU usage\n6.8.0-rc3_net_next_841a9b5 #1 Not tainted\n-----------------------------\ndrivers/net/ethernet/mellanox/mlx5/core/en/selq.c:124 suspicious rcu_dereference_protected() usage!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n2 locks held by systemd-modules/293:\n #0: ffffffffa05067b0 (devices_rwsem){++++}-{3:3}, at: ib_register_client+0x109/0x1b0 [ib_core]\n #1: ffff8881096c65c0 (\u0026device-\u003eclient_data_rwsem){++++}-{3:3}, at: add_client_context+0x104/0x1c0 [ib_core]\n\nstack backtrace:\nCPU: 4 PID: 293 Comm: systemd-modules Not tainted 6.8.0-rc3_net_next_841a9b5 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x8a/0xa0\n lockdep_rcu_suspicious+0x154/0x1a0\n mlx5e_selq_apply+0x94/0xa0 [mlx5_core]\n mlx5e_selq_cleanup+0x3a/0x60 [mlx5_core]\n mlx5e_priv_init+0x2be/0x2f0 [mlx5_core]\n mlx5_rdma_setup_rn+0x7c/0x1a0 [mlx5_core]\n rdma_init_netdev+0x4e/0x80 [ib_core]\n ? mlx5_rdma_netdev_free+0x70/0x70 [mlx5_core]\n ipoib_intf_init+0x64/0x550 [ib_ipoib]\n ipoib_intf_alloc+0x4e/0xc0 [ib_ipoib]\n ipoib_add_one+0xb0/0x360 [ib_ipoib]\n add_client_context+0x112/0x1c0 [ib_core]\n ib_register_client+0x166/0x1b0 [ib_core]\n ? 0xffffffffa0573000\n ipoib_init_module+0xeb/0x1a0 [ib_ipoib]\n do_one_initcall+0x61/0x250\n do_init_module+0x8a/0x270\n init_module_from_file+0x8b/0xd0\n idempotent_init_module+0x17d/0x230\n __x64_sys_finit_module+0x61/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35959",
"url": "https://www.suse.com/security/cve/CVE-2024-35959"
},
{
"category": "external",
"summary": "SUSE Bug 1224666 for CVE-2024-35959",
"url": "https://bugzilla.suse.com/1224666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35959"
},
{
"cve": "CVE-2024-35960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node-\u003eparent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35960",
"url": "https://www.suse.com/security/cve/CVE-2024-35960"
},
{
"category": "external",
"summary": "SUSE Bug 1224588 for CVE-2024-35960",
"url": "https://bugzilla.suse.com/1224588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Register devlink first under devlink lock\n\nIn case device is having a non fatal FW error during probe, the\ndriver will report the error to user via devlink. This will trigger\na WARN_ON, since mlx5 is calling devlink_register() last.\nIn order to avoid the WARN_ON[1], change mlx5 to invoke devl_register()\nfirst under devlink lock.\n\n[1]\nWARNING: CPU: 5 PID: 227 at net/devlink/health.c:483 devlink_recover_notify.constprop.0+0xb8/0xc0\nCPU: 5 PID: 227 Comm: kworker/u16:3 Not tainted 6.4.0-rc5_for_upstream_min_debug_2023_06_12_12_38 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nWorkqueue: mlx5_health0000:08:00.0 mlx5_fw_reporter_err_work [mlx5_core]\nRIP: 0010:devlink_recover_notify.constprop.0+0xb8/0xc0\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x79/0x120\n ? devlink_recover_notify.constprop.0+0xb8/0xc0\n ? report_bug+0x17c/0x190\n ? handle_bug+0x3c/0x60\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? devlink_recover_notify.constprop.0+0xb8/0xc0\n devlink_health_report+0x4a/0x1c0\n mlx5_fw_reporter_err_work+0xa4/0xd0 [mlx5_core]\n process_one_work+0x1bb/0x3c0\n ? process_one_work+0x3c0/0x3c0\n worker_thread+0x4d/0x3c0\n ? process_one_work+0x3c0/0x3c0\n kthread+0xc6/0xf0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35961",
"url": "https://www.suse.com/security/cve/CVE-2024-35961"
},
{
"category": "external",
"summary": "SUSE Bug 1224585 for CVE-2024-35961",
"url": "https://bugzilla.suse.com/1224585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35961"
},
{
"cve": "CVE-2024-35962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: complete validation of user input\n\nIn my recent commit, I missed that do_replace() handlers\nuse copy_from_sockptr() (which I fixed), followed\nby unsafe copy_from_sockptr_offset() calls.\n\nIn all functions, we can perform the @optlen validation\nbefore even calling xt_alloc_table_info() with the following\ncheck:\n\nif ((u64)optlen \u003c (u64)tmp.size + sizeof(tmp))\n return -EINVAL;",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35962",
"url": "https://www.suse.com/security/cve/CVE-2024-35962"
},
{
"category": "external",
"summary": "SUSE Bug 1224583 for CVE-2024-35962",
"url": "https://bugzilla.suse.com/1224583"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35962"
},
{
"cve": "CVE-2024-35963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sock: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35963",
"url": "https://www.suse.com/security/cve/CVE-2024-35963"
},
{
"category": "external",
"summary": "SUSE Bug 1224582 for CVE-2024-35963",
"url": "https://bugzilla.suse.com/1224582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35963"
},
{
"cve": "CVE-2024-35964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35964",
"url": "https://www.suse.com/security/cve/CVE-2024-35964"
},
{
"category": "external",
"summary": "SUSE Bug 1224581 for CVE-2024-35964",
"url": "https://bugzilla.suse.com/1224581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35964"
},
{
"cve": "CVE-2024-35965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35965",
"url": "https://www.suse.com/security/cve/CVE-2024-35965"
},
{
"category": "external",
"summary": "SUSE Bug 1224579 for CVE-2024-35965",
"url": "https://bugzilla.suse.com/1224579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35965"
},
{
"cve": "CVE-2024-35966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: Fix not validating setsockopt user input\n\nsyzbot reported rfcomm_sock_setsockopt_old() is copying data without\nchecking user input length.\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset\ninclude/linux/sockptr.h:49 [inline]\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr\ninclude/linux/sockptr.h:55 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt_old\nnet/bluetooth/rfcomm/sock.c:632 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt+0x893/0xa70\nnet/bluetooth/rfcomm/sock.c:673\nRead of size 4 at addr ffff8880209a8bc3 by task syz-executor632/5064",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35966",
"url": "https://www.suse.com/security/cve/CVE-2024-35966"
},
{
"category": "external",
"summary": "SUSE Bug 1224576 for CVE-2024-35966",
"url": "https://bugzilla.suse.com/1224576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35966"
},
{
"cve": "CVE-2024-35967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix not validating setsockopt user input\n\nsyzbot reported sco_sock_setsockopt() is copying data without\nchecking user input length.\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset\ninclude/linux/sockptr.h:49 [inline]\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr\ninclude/linux/sockptr.h:55 [inline]\nBUG: KASAN: slab-out-of-bounds in sco_sock_setsockopt+0xc0b/0xf90\nnet/bluetooth/sco.c:893\nRead of size 4 at addr ffff88805f7b15a3 by task syz-executor.5/12578",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35967",
"url": "https://www.suse.com/security/cve/CVE-2024-35967"
},
{
"category": "external",
"summary": "SUSE Bug 1224587 for CVE-2024-35967",
"url": "https://bugzilla.suse.com/1224587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35967"
},
{
"cve": "CVE-2024-35969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr\n\nAlthough ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it\nstill means hlist_for_each_entry_rcu can return an item that got removed\nfrom the list. The memory itself of such item is not freed thanks to RCU\nbut nothing guarantees the actual content of the memory is sane.\n\nIn particular, the reference count can be zero. This can happen if\nipv6_del_addr is called in parallel. ipv6_del_addr removes the entry\nfrom inet6_addr_lst (hlist_del_init_rcu(\u0026ifp-\u003eaddr_lst)) and drops all\nreferences (__in6_ifa_put(ifp) + in6_ifa_put(ifp)). With bad enough\ntiming, this can happen:\n\n1. In ipv6_get_ifaddr, hlist_for_each_entry_rcu returns an entry.\n\n2. Then, the whole ipv6_del_addr is executed for the given entry. The\n reference count drops to zero and kfree_rcu is scheduled.\n\n3. ipv6_get_ifaddr continues and tries to increments the reference count\n (in6_ifa_hold).\n\n4. The rcu is unlocked and the entry is freed.\n\n5. The freed entry is returned.\n\nPrevent increasing of the reference count in such case. The name\nin6_ifa_hold_safe is chosen to mimic the existing fib6_info_hold_safe.\n\n[ 41.506330] refcount_t: addition on 0; use-after-free.\n[ 41.506760] WARNING: CPU: 0 PID: 595 at lib/refcount.c:25 refcount_warn_saturate+0xa5/0x130\n[ 41.507413] Modules linked in: veth bridge stp llc\n[ 41.507821] CPU: 0 PID: 595 Comm: python3 Not tainted 6.9.0-rc2.main-00208-g49563be82afa #14\n[ 41.508479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n[ 41.509163] RIP: 0010:refcount_warn_saturate+0xa5/0x130\n[ 41.509586] Code: ad ff 90 0f 0b 90 90 c3 cc cc cc cc 80 3d c0 30 ad 01 00 75 a0 c6 05 b7 30 ad 01 01 90 48 c7 c7 38 cc 7a 8c e8 cc 18 ad ff 90 \u003c0f\u003e 0b 90 90 c3 cc cc cc cc 80 3d 98 30 ad 01 00 0f 85 75 ff ff ff\n[ 41.510956] RSP: 0018:ffffbda3c026baf0 EFLAGS: 00010282\n[ 41.511368] RAX: 0000000000000000 RBX: ffff9e9c46914800 RCX: 0000000000000000\n[ 41.511910] RDX: ffff9e9c7ec29c00 RSI: ffff9e9c7ec1c900 RDI: ffff9e9c7ec1c900\n[ 41.512445] RBP: ffff9e9c43660c9c R08: 0000000000009ffb R09: 00000000ffffdfff\n[ 41.512998] R10: 00000000ffffdfff R11: ffffffff8ca58a40 R12: ffff9e9c4339a000\n[ 41.513534] R13: 0000000000000001 R14: ffff9e9c438a0000 R15: ffffbda3c026bb48\n[ 41.514086] FS: 00007fbc4cda1740(0000) GS:ffff9e9c7ec00000(0000) knlGS:0000000000000000\n[ 41.514726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 41.515176] CR2: 000056233b337d88 CR3: 000000000376e006 CR4: 0000000000370ef0\n[ 41.515713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 41.516252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 41.516799] Call Trace:\n[ 41.517037] \u003cTASK\u003e\n[ 41.517249] ? __warn+0x7b/0x120\n[ 41.517535] ? refcount_warn_saturate+0xa5/0x130\n[ 41.517923] ? report_bug+0x164/0x190\n[ 41.518240] ? handle_bug+0x3d/0x70\n[ 41.518541] ? exc_invalid_op+0x17/0x70\n[ 41.520972] ? asm_exc_invalid_op+0x1a/0x20\n[ 41.521325] ? refcount_warn_saturate+0xa5/0x130\n[ 41.521708] ipv6_get_ifaddr+0xda/0xe0\n[ 41.522035] inet6_rtm_getaddr+0x342/0x3f0\n[ 41.522376] ? __pfx_inet6_rtm_getaddr+0x10/0x10\n[ 41.522758] rtnetlink_rcv_msg+0x334/0x3d0\n[ 41.523102] ? netlink_unicast+0x30f/0x390\n[ 41.523445] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n[ 41.523832] netlink_rcv_skb+0x53/0x100\n[ 41.524157] netlink_unicast+0x23b/0x390\n[ 41.524484] netlink_sendmsg+0x1f2/0x440\n[ 41.524826] __sys_sendto+0x1d8/0x1f0\n[ 41.525145] __x64_sys_sendto+0x1f/0x30\n[ 41.525467] do_syscall_64+0xa5/0x1b0\n[ 41.525794] entry_SYSCALL_64_after_hwframe+0x72/0x7a\n[ 41.526213] RIP: 0033:0x7fbc4cfcea9a\n[ 41.526528] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89\n[ 41.527942] RSP: 002b:00007f\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35969",
"url": "https://www.suse.com/security/cve/CVE-2024-35969"
},
{
"category": "external",
"summary": "SUSE Bug 1224580 for CVE-2024-35969",
"url": "https://bugzilla.suse.com/1224580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Clear stale u-\u003eoob_skb.\n\nsyzkaller started to report deadlock of unix_gc_lock after commit\n4090fa373f0e (\"af_unix: Replace garbage collection algorithm.\"), but\nit just uncovers the bug that has been there since commit 314001f0bf92\n(\"af_unix: Add OOB support\").\n\nThe repro basically does the following.\n\n from socket import *\n from array import array\n\n c1, c2 = socketpair(AF_UNIX, SOCK_STREAM)\n c1.sendmsg([b\u0027a\u0027], [(SOL_SOCKET, SCM_RIGHTS, array(\"i\", [c2.fileno()]))], MSG_OOB)\n c2.recv(1) # blocked as no normal data in recv queue\n\n c2.close() # done async and unblock recv()\n c1.close() # done async and trigger GC\n\nA socket sends its file descriptor to itself as OOB data and tries to\nreceive normal data, but finally recv() fails due to async close().\n\nThe problem here is wrong handling of OOB skb in manage_oob(). When\nrecvmsg() is called without MSG_OOB, manage_oob() is called to check\nif the peeked skb is OOB skb. In such a case, manage_oob() pops it\nout of the receive queue but does not clear unix_sock(sk)-\u003eoob_skb.\nThis is wrong in terms of uAPI.\n\nLet\u0027s say we send \"hello\" with MSG_OOB, and \"world\" without MSG_OOB.\nThe \u0027o\u0027 is handled as OOB data. When recv() is called twice without\nMSG_OOB, the OOB data should be lost.\n\n \u003e\u003e\u003e from socket import *\n \u003e\u003e\u003e c1, c2 = socketpair(AF_UNIX, SOCK_STREAM, 0)\n \u003e\u003e\u003e c1.send(b\u0027hello\u0027, MSG_OOB) # \u0027o\u0027 is OOB data\n 5\n \u003e\u003e\u003e c1.send(b\u0027world\u0027)\n 5\n \u003e\u003e\u003e c2.recv(5) # OOB data is not received\n b\u0027hell\u0027\n \u003e\u003e\u003e c2.recv(5) # OOB date is skipped\n b\u0027world\u0027\n \u003e\u003e\u003e c2.recv(5, MSG_OOB) # This should return an error\n b\u0027o\u0027\n\nIn the same situation, TCP actually returns -EINVAL for the last\nrecv().\n\nAlso, if we do not clear unix_sk(sk)-\u003eoob_skb, unix_poll() always set\nEPOLLPRI even though the data has passed through by previous recv().\n\nTo avoid these issues, we must clear unix_sk(sk)-\u003eoob_skb when dequeuing\nit from recv queue.\n\nThe reason why the old GC did not trigger the deadlock is because the\nold GC relied on the receive queue to detect the loop.\n\nWhen it is triggered, the socket with OOB data is marked as GC candidate\nbecause file refcount == inflight count (1). However, after traversing\nall inflight sockets, the socket still has a positive inflight count (1),\nthus the socket is excluded from candidates. Then, the old GC lose the\nchance to garbage-collect the socket.\n\nWith the old GC, the repro continues to create true garbage that will\nnever be freed nor detected by kmemleak as it\u0027s linked to the global\ninflight list. That\u0027s why we couldn\u0027t even notice the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35970",
"url": "https://www.suse.com/security/cve/CVE-2024-35970"
},
{
"category": "external",
"summary": "SUSE Bug 1224584 for CVE-2024-35970",
"url": "https://bugzilla.suse.com/1224584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35970"
},
{
"cve": "CVE-2024-35971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ks8851: Handle softirqs at the end of IRQ thread to fix hang\n\nThe ks8851_irq() thread may call ks8851_rx_pkts() in case there are\nany packets in the MAC FIFO, which calls netif_rx(). This netif_rx()\nimplementation is guarded by local_bh_disable() and local_bh_enable().\nThe local_bh_enable() may call do_softirq() to run softirqs in case\nany are pending. One of the softirqs is net_rx_action, which ultimately\nreaches the driver .start_xmit callback. If that happens, the system\nhangs. The entire call chain is below:\n\nks8851_start_xmit_par from netdev_start_xmit\nnetdev_start_xmit from dev_hard_start_xmit\ndev_hard_start_xmit from sch_direct_xmit\nsch_direct_xmit from __dev_queue_xmit\n__dev_queue_xmit from __neigh_update\n__neigh_update from neigh_update\nneigh_update from arp_process.constprop.0\narp_process.constprop.0 from __netif_receive_skb_one_core\n__netif_receive_skb_one_core from process_backlog\nprocess_backlog from __napi_poll.constprop.0\n__napi_poll.constprop.0 from net_rx_action\nnet_rx_action from __do_softirq\n__do_softirq from call_with_stack\ncall_with_stack from do_softirq\ndo_softirq from __local_bh_enable_ip\n__local_bh_enable_ip from netif_rx\nnetif_rx from ks8851_irq\nks8851_irq from irq_thread_fn\nirq_thread_fn from irq_thread\nirq_thread from kthread\nkthread from ret_from_fork\n\nThe hang happens because ks8851_irq() first locks a spinlock in\nks8851_par.c ks8851_lock_par() spin_lock_irqsave(\u0026ksp-\u003elock, ...)\nand with that spinlock locked, calls netif_rx(). Once the execution\nreaches ks8851_start_xmit_par(), it calls ks8851_lock_par() again\nwhich attempts to claim the already locked spinlock again, and the\nhang happens.\n\nMove the do_softirq() call outside of the spinlock protected section\nof ks8851_irq() by disabling BHs around the entire spinlock protected\nsection of ks8851_irq() handler. Place local_bh_enable() outside of\nthe spinlock protected section, so that it can trigger do_softirq()\nwithout the ks8851_par.c ks8851_lock_par() spinlock being held, and\nsafely call ks8851_start_xmit_par() without attempting to lock the\nalready locked spinlock.\n\nSince ks8851_irq() is protected by local_bh_disable()/local_bh_enable()\nnow, replace netif_rx() with __netif_rx() which is not duplicating the\nlocal_bh_disable()/local_bh_enable() calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35971",
"url": "https://www.suse.com/security/cve/CVE-2024-35971"
},
{
"category": "external",
"summary": "SUSE Bug 1224578 for CVE-2024-35971",
"url": "https://bugzilla.suse.com/1224578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35971"
},
{
"cve": "CVE-2024-35972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()\n\nIf ulp = kzalloc() fails, the allocated edev will leak because it is\nnot properly assigned and the cleanup path will not be able to free it.\nFix it by assigning it properly immediately after allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35972",
"url": "https://www.suse.com/security/cve/CVE-2024-35972"
},
{
"category": "external",
"summary": "SUSE Bug 1224577 for CVE-2024-35972",
"url": "https://bugzilla.suse.com/1224577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35972"
},
{
"cve": "CVE-2024-35973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: fix header validation in geneve[6]_xmit_skb\n\nsyzbot is able to trigger an uninit-value in geneve_xmit() [1]\n\nProblem : While most ip tunnel helpers (like ip_tunnel_get_dsfield())\nuses skb_protocol(skb, true), pskb_inet_may_pull() is only using\nskb-\u003eprotocol.\n\nIf anything else than ETH_P_IPV6 or ETH_P_IP is found in skb-\u003eprotocol,\npskb_inet_may_pull() does nothing at all.\n\nIf a vlan tag was provided by the caller (af_packet in the syzbot case),\nthe network header might not point to the correct location, and skb\nlinear part could be smaller than expected.\n\nAdd skb_vlan_inet_prepare() to perform a complete mac validation.\n\nUse this in geneve for the moment, I suspect we need to adopt this\nmore broadly.\n\nv4 - Jakub reported v3 broke l2_tos_ttl_inherit.sh selftest\n - Only call __vlan_get_protocol() for vlan types.\n\nv2,v3 - Addressed Sabrina comments on v1 and v2\n\n[1]\n\nBUG: KMSAN: uninit-value in geneve_xmit_skb drivers/net/geneve.c:910 [inline]\n BUG: KMSAN: uninit-value in geneve_xmit+0x302d/0x5420 drivers/net/geneve.c:1030\n geneve_xmit_skb drivers/net/geneve.c:910 [inline]\n geneve_xmit+0x302d/0x5420 drivers/net/geneve.c:1030\n __netdev_start_xmit include/linux/netdevice.h:4903 [inline]\n netdev_start_xmit include/linux/netdevice.h:4917 [inline]\n xmit_one net/core/dev.c:3531 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3547\n __dev_queue_xmit+0x348d/0x52c0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8bb0/0x9ef0 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n __sys_sendto+0x685/0x830 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2199\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3804 [inline]\n slab_alloc_node mm/slub.c:3845 [inline]\n kmem_cache_alloc_node+0x613/0xc50 mm/slub.c:3888\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:577\n __alloc_skb+0x35b/0x7a0 net/core/skbuff.c:668\n alloc_skb include/linux/skbuff.h:1318 [inline]\n alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6504\n sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2795\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x722d/0x9ef0 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n __sys_sendto+0x685/0x830 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2199\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nCPU: 0 PID: 5033 Comm: syz-executor346 Not tainted 6.9.0-rc1-syzkaller-00005-g928a87efa423 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35973",
"url": "https://www.suse.com/security/cve/CVE-2024-35973"
},
{
"category": "external",
"summary": "SUSE Bug 1224586 for CVE-2024-35973",
"url": "https://bugzilla.suse.com/1224586"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35973"
},
{
"cve": "CVE-2024-35974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix q-\u003eblkg_list corruption during disk rebind\n\nMultiple gendisk instances can allocated/added for single request queue\nin case of disk rebind. blkg may still stay in q-\u003eblkg_list when calling\nblkcg_init_disk() for rebind, then q-\u003eblkg_list becomes corrupted.\n\nFix the list corruption issue by:\n\n- add blkg_init_queue() to initialize q-\u003eblkg_list \u0026 q-\u003eblkcg_mutex only\n- move calling blkg_init_queue() into blk_alloc_queue()\n\nThe list corruption should be started since commit f1c006f1c685 (\"blk-cgroup:\nsynchronize pd_free_fn() from blkg_free_workfn() and blkcg_deactivate_policy()\")\nwhich delays removing blkg from q-\u003eblkg_list into blkg_free_workfn().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35974",
"url": "https://www.suse.com/security/cve/CVE-2024-35974"
},
{
"category": "external",
"summary": "SUSE Bug 1224573 for CVE-2024-35974",
"url": "https://bugzilla.suse.com/1224573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35974"
},
{
"cve": "CVE-2024-35975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix transmit scheduler resource leak\n\nInorder to support shaping and scheduling, Upon class creation\nNetdev driver allocates trasmit schedulers.\n\nThe previous patch which added support for Round robin scheduling has\na bug due to which driver is not freeing transmit schedulers post\nclass deletion.\n\nThis patch fixes the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35975",
"url": "https://www.suse.com/security/cve/CVE-2024-35975"
},
{
"category": "external",
"summary": "SUSE Bug 1224569 for CVE-2024-35975",
"url": "https://bugzilla.suse.com/1224569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35975"
},
{
"cve": "CVE-2024-35976",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35976"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: validate user input for XDP_{UMEM|COMPLETION}_FILL_RING\n\nsyzbot reported an illegal copy in xsk_setsockopt() [1]\n\nMake sure to validate setsockopt() @optlen parameter.\n\n[1]\n\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420\nRead of size 4 at addr ffff888028c6cde3 by task syz-executor.0/7549\n\nCPU: 0 PID: 7549 Comm: syz-executor.0 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n xsk_setsockopt+0x909/0xa40 net/xdp/xsk.c:1420\n do_sock_setsockopt+0x3af/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7fb40587de69\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fb40665a0c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 00007fb4059abf80 RCX: 00007fb40587de69\nRDX: 0000000000000005 RSI: 000000000000011b RDI: 0000000000000006\nRBP: 00007fb4058ca47a R08: 0000000000000002 R09: 0000000000000000\nR10: 0000000020001980 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007fb4059abf80 R15: 00007fff57ee4d08\n \u003c/TASK\u003e\n\nAllocated by task 7549:\n kasan_save_stack mm/kasan/common.c:47 [inline]\n kasan_save_track+0x3f/0x80 mm/kasan/common.c:68\n poison_kmalloc_redzone mm/kasan/common.c:370 [inline]\n __kasan_kmalloc+0x98/0xb0 mm/kasan/common.c:387\n kasan_kmalloc include/linux/kasan.h:211 [inline]\n __do_kmalloc_node mm/slub.c:3966 [inline]\n __kmalloc+0x233/0x4a0 mm/slub.c:3979\n kmalloc include/linux/slab.h:632 [inline]\n __cgroup_bpf_run_filter_setsockopt+0xd2f/0x1040 kernel/bpf/cgroup.c:1869\n do_sock_setsockopt+0x6b4/0x720 net/socket.c:2293\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfb/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nThe buggy address belongs to the object at ffff888028c6cde0\n which belongs to the cache kmalloc-8 of size 8\nThe buggy address is located 1 bytes to the right of\n allocated 2-byte region [ffff888028c6cde0, ffff888028c6cde2)\n\nThe buggy address belongs to the physical page:\npage:ffffea0000a31b00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888028c6c9c0 pfn:0x28c6c\nanon flags: 0xfff00000000800(slab|node=0|zone=1|lastcpupid=0x7ff)\npage_type: 0xffffffff()\nraw: 00fff00000000800 ffff888014c41280 0000000000000000 dead000000000001\nraw: ffff888028c6c9c0 0000000080800057 00000001ffffffff 0000000000000000\npage dumped because: kasan: bad access detected\npage_owner tracks the page as allocated\npage last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 6648, tgid 6644 (syz-executor.0), ts 133906047828, free_ts 133859922223\n set_page_owner include/linux/page_owner.h:31 [inline]\n post_alloc_hook+0x1ea/0x210 mm/page_alloc.c:1533\n prep_new_page mm/page_alloc.c:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35976",
"url": "https://www.suse.com/security/cve/CVE-2024-35976"
},
{
"category": "external",
"summary": "SUSE Bug 1224575 for CVE-2024-35976",
"url": "https://bugzilla.suse.com/1224575"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35976"
},
{
"cve": "CVE-2024-35977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/chrome: cros_ec_uart: properly fix race condition\n\nThe cros_ec_uart_probe() function calls devm_serdev_device_open() before\nit calls serdev_device_set_client_ops(). This can trigger a NULL pointer\ndereference:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n ? ttyport_receive_buf\n\nA simplified version of crashing code is as follows:\n\n static inline size_t serdev_controller_receive_buf(struct serdev_controller *ctrl,\n const u8 *data,\n size_t count)\n {\n struct serdev_device *serdev = ctrl-\u003eserdev;\n\n if (!serdev || !serdev-\u003eops-\u003ereceive_buf) // CRASH!\n return 0;\n\n return serdev-\u003eops-\u003ereceive_buf(serdev, data, count);\n }\n\nIt assumes that if SERPORT_ACTIVE is set and serdev exists, serdev-\u003eops\nwill also exist. This conflicts with the existing cros_ec_uart_probe()\nlogic, as it first calls devm_serdev_device_open() (which sets\nSERPORT_ACTIVE), and only later sets serdev-\u003eops via\nserdev_device_set_client_ops().\n\nCommit 01f95d42b8f4 (\"platform/chrome: cros_ec_uart: fix race\ncondition\") attempted to fix a similar race condition, but while doing\nso, made the window of error for this race condition to happen much\nwider.\n\nAttempt to fix the race condition again, making sure we fully setup\nbefore calling devm_serdev_device_open().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35977",
"url": "https://www.suse.com/security/cve/CVE-2024-35977"
},
{
"category": "external",
"summary": "SUSE Bug 1224568 for CVE-2024-35977",
"url": "https://bugzilla.suse.com/1224568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35977"
},
{
"cve": "CVE-2024-35978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix memory leak in hci_req_sync_complete()\n\nIn \u0027hci_req_sync_complete()\u0027, always free the previous sync\nrequest state before assigning reference to a new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35978",
"url": "https://www.suse.com/security/cve/CVE-2024-35978"
},
{
"category": "external",
"summary": "SUSE Bug 1224571 for CVE-2024-35978",
"url": "https://bugzilla.suse.com/1224571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35978"
},
{
"cve": "CVE-2024-35979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nraid1: fix use-after-free for original bio in raid1_write_request()\n\nr1_bio-\u003ebios[] is used to record new bios that will be issued to\nunderlying disks, however, in raid1_write_request(), r1_bio-\u003ebios[]\nwill set to the original bio temporarily. Meanwhile, if blocked rdev\nis set, free_r1bio() will be called causing that all r1_bio-\u003ebios[]\nto be freed:\n\nraid1_write_request()\n r1_bio = alloc_r1bio(mddev, bio); -\u003e r1_bio-\u003ebios[] is NULL\n for (i = 0; i \u003c disks; i++) -\u003e for each rdev in conf\n // first rdev is normal\n r1_bio-\u003ebios[0] = bio; -\u003e set to original bio\n // second rdev is blocked\n if (test_bit(Blocked, \u0026rdev-\u003eflags))\n break\n\n if (blocked_rdev)\n free_r1bio()\n put_all_bios()\n bio_put(r1_bio-\u003ebios[0]) -\u003e original bio is freed\n\nTest scripts:\n\nmdadm -CR /dev/md0 -l1 -n4 /dev/sd[abcd] --assume-clean\nfio -filename=/dev/md0 -ioengine=libaio -rw=write -bs=4k -numjobs=1 \\\n -iodepth=128 -name=test -direct=1\necho blocked \u003e /sys/block/md0/md/rd2/state\n\nTest result:\n\nBUG bio-264 (Not tainted): Object already free\n-----------------------------------------------------------------------------\n\nAllocated in mempool_alloc_slab+0x24/0x50 age=1 cpu=1 pid=869\n kmem_cache_alloc+0x324/0x480\n mempool_alloc_slab+0x24/0x50\n mempool_alloc+0x6e/0x220\n bio_alloc_bioset+0x1af/0x4d0\n blkdev_direct_IO+0x164/0x8a0\n blkdev_write_iter+0x309/0x440\n aio_write+0x139/0x2f0\n io_submit_one+0x5ca/0xb70\n __do_sys_io_submit+0x86/0x270\n __x64_sys_io_submit+0x22/0x30\n do_syscall_64+0xb1/0x210\n entry_SYSCALL_64_after_hwframe+0x6c/0x74\nFreed in mempool_free_slab+0x1f/0x30 age=1 cpu=1 pid=869\n kmem_cache_free+0x28c/0x550\n mempool_free_slab+0x1f/0x30\n mempool_free+0x40/0x100\n bio_free+0x59/0x80\n bio_put+0xf0/0x220\n free_r1bio+0x74/0xb0\n raid1_make_request+0xadf/0x1150\n md_handle_request+0xc7/0x3b0\n md_submit_bio+0x76/0x130\n __submit_bio+0xd8/0x1d0\n submit_bio_noacct_nocheck+0x1eb/0x5c0\n submit_bio_noacct+0x169/0xd40\n submit_bio+0xee/0x1d0\n blkdev_direct_IO+0x322/0x8a0\n blkdev_write_iter+0x309/0x440\n aio_write+0x139/0x2f0\n\nSince that bios for underlying disks are not allocated yet, fix this\nproblem by using mempool_free() directly to free the r1_bio.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35979",
"url": "https://www.suse.com/security/cve/CVE-2024-35979"
},
{
"category": "external",
"summary": "SUSE Bug 1224572 for CVE-2024-35979",
"url": "https://bugzilla.suse.com/1224572"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35979"
},
{
"cve": "CVE-2024-35981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Do not send RSS key if it is not supported\n\nThere is a bug when setting the RSS options in virtio_net that can break\nthe whole machine, getting the kernel into an infinite loop.\n\nRunning the following command in any QEMU virtual machine with virtionet\nwill reproduce this problem:\n\n # ethtool -X eth0 hfunc toeplitz\n\nThis is how the problem happens:\n\n1) ethtool_set_rxfh() calls virtnet_set_rxfh()\n\n2) virtnet_set_rxfh() calls virtnet_commit_rss_command()\n\n3) virtnet_commit_rss_command() populates 4 entries for the rss\nscatter-gather\n\n4) Since the command above does not have a key, then the last\nscatter-gatter entry will be zeroed, since rss_key_size == 0.\nsg_buf_size = vi-\u003erss_key_size;\n\n5) This buffer is passed to qemu, but qemu is not happy with a buffer\nwith zero length, and do the following in virtqueue_map_desc() (QEMU\nfunction):\n\n if (!sz) {\n virtio_error(vdev, \"virtio: zero sized buffers are not allowed\");\n\n6) virtio_error() (also QEMU function) set the device as broken\n\n vdev-\u003ebroken = true;\n\n7) Qemu bails out, and do not repond this crazy kernel.\n\n8) The kernel is waiting for the response to come back (function\nvirtnet_send_command())\n\n9) The kernel is waiting doing the following :\n\n while (!virtqueue_get_buf(vi-\u003ecvq, \u0026tmp) \u0026\u0026\n\t !virtqueue_is_broken(vi-\u003ecvq))\n\t cpu_relax();\n\n10) None of the following functions above is true, thus, the kernel\nloops here forever. Keeping in mind that virtqueue_is_broken() does\nnot look at the qemu `vdev-\u003ebroken`, so, it never realizes that the\nvitio is broken at QEMU side.\n\nFix it by not sending RSS commands if the feature is not available in\nthe device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35981",
"url": "https://www.suse.com/security/cve/CVE-2024-35981"
},
{
"category": "external",
"summary": "SUSE Bug 1224565 for CVE-2024-35981",
"url": "https://bugzilla.suse.com/1224565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35981"
},
{
"cve": "CVE-2024-35982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid infinite loop trying to resize local TT\n\nIf the MTU of one of an attached interface becomes too small to transmit\nthe local translation table then it must be resized to fit inside all\nfragments (when enabled) or a single packet.\n\nBut if the MTU becomes too low to transmit even the header + the VLAN\nspecific part then the resizing of the local TT will never succeed. This\ncan for example happen when the usable space is 110 bytes and 11 VLANs are\non top of batman-adv. In this case, at least 116 byte would be needed.\nThere will just be an endless spam of\n\n batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)\n\nin the log but the function will never finish. Problem here is that the\ntimeout will be halved all the time and will then stagnate at 0 and\ntherefore never be able to reduce the table even more.\n\nThere are other scenarios possible with a similar result. The number of\nBATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too\nhigh to fit inside a packet. Such a scenario can therefore happen also with\nonly a single VLAN + 7 non-purgable addresses - requiring at least 120\nbytes.\n\nWhile this should be handled proactively when:\n\n* interface with too low MTU is added\n* VLAN is added\n* non-purgeable local mac is added\n* MTU of an attached interface is reduced\n* fragmentation setting gets disabled (which most likely requires dropping\n attached interfaces)\n\nnot all of these scenarios can be prevented because batman-adv is only\nconsuming events without the the possibility to prevent these actions\n(non-purgable MAC address added, MTU of an attached interface is reduced).\nIt is therefore necessary to also make sure that the code is able to handle\nalso the situations when there were already incompatible system\nconfiguration are present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35982",
"url": "https://www.suse.com/security/cve/CVE-2024-35982"
},
{
"category": "external",
"summary": "SUSE Bug 1224566 for CVE-2024-35982",
"url": "https://bugzilla.suse.com/1224566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-35984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: smbus: fix NULL function pointer dereference\n\nBaruch reported an OOPS when using the designware controller as target\nonly. Target-only modes break the assumption of one transfer function\nalways being available. Fix this by always checking the pointer in\n__i2c_transfer.\n\n[wsa: dropped the simplification in core-smbus to avoid theoretical regressions]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35984",
"url": "https://www.suse.com/security/cve/CVE-2024-35984"
},
{
"category": "external",
"summary": "SUSE Bug 1224567 for CVE-2024-35984",
"url": "https://bugzilla.suse.com/1224567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35984"
},
{
"cve": "CVE-2024-35986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered\n\nThe power_supply frame-work is not really designed for there to be\nlong living in kernel references to power_supply devices.\n\nSpecifically unregistering a power_supply while some other code has\na reference to it triggers a WARN in power_supply_unregister():\n\n\tWARN_ON(atomic_dec_return(\u0026psy-\u003euse_cnt));\n\nFolllowed by the power_supply still getting removed and the\nbacking data freed anyway, leaving the tusb1210 charger-detect code\nwith a dangling reference, resulting in a crash the next time\ntusb1210_get_online() is called.\n\nFix this by only holding the reference in tusb1210_get_online()\nfreeing it at the end of the function. Note this still leaves\na theoretical race window, but it avoids the issue when manually\nrmmod-ing the charger chip driver during development.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35986",
"url": "https://www.suse.com/security/cve/CVE-2024-35986"
},
{
"category": "external",
"summary": "SUSE Bug 1224562 for CVE-2024-35986",
"url": "https://bugzilla.suse.com/1224562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35986"
},
{
"cve": "CVE-2024-35989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix oops during rmmod on single-CPU platforms\n\nDuring the removal of the idxd driver, registered offline callback is\ninvoked as part of the clean up process. However, on systems with only\none CPU online, no valid target is available to migrate the\nperf context, resulting in a kernel oops:\n\n BUG: unable to handle page fault for address: 000000000002a2b8\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 1470e1067 P4D 0\n Oops: 0002 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 20 Comm: cpuhp/0 Not tainted 6.8.0-rc6-dsa+ #57\n Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.86B.2492.D03.2307181620 07/18/2023\n RIP: 0010:mutex_lock+0x2e/0x50\n ...\n Call Trace:\n \u003cTASK\u003e\n __die+0x24/0x70\n page_fault_oops+0x82/0x160\n do_user_addr_fault+0x65/0x6b0\n __pfx___rdmsr_safe_on_cpu+0x10/0x10\n exc_page_fault+0x7d/0x170\n asm_exc_page_fault+0x26/0x30\n mutex_lock+0x2e/0x50\n mutex_lock+0x1e/0x50\n perf_pmu_migrate_context+0x87/0x1f0\n perf_event_cpu_offline+0x76/0x90 [idxd]\n cpuhp_invoke_callback+0xa2/0x4f0\n __pfx_perf_event_cpu_offline+0x10/0x10 [idxd]\n cpuhp_thread_fun+0x98/0x150\n smpboot_thread_fn+0x27/0x260\n smpboot_thread_fn+0x1af/0x260\n __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x103/0x140\n __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003cTASK\u003e\n\nFix the issue by preventing the migration of the perf context to an\ninvalid target.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35989",
"url": "https://www.suse.com/security/cve/CVE-2024-35989"
},
{
"category": "external",
"summary": "SUSE Bug 1224558 for CVE-2024-35989",
"url": "https://bugzilla.suse.com/1224558"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35989"
},
{
"cve": "CVE-2024-35990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma: xilinx_dpdma: Fix locking\n\nThere are several places where either chan-\u003elock or chan-\u003evchan.lock was\nnot held. Add appropriate locking. This fixes lockdep warnings like\n\n[ 31.077578] ------------[ cut here ]------------\n[ 31.077831] WARNING: CPU: 2 PID: 40 at drivers/dma/xilinx/xilinx_dpdma.c:834 xilinx_dpdma_chan_queue_transfer+0x274/0x5e0\n[ 31.077953] Modules linked in:\n[ 31.078019] CPU: 2 PID: 40 Comm: kworker/u12:1 Not tainted 6.6.20+ #98\n[ 31.078102] Hardware name: xlnx,zynqmp (DT)\n[ 31.078169] Workqueue: events_unbound deferred_probe_work_func\n[ 31.078272] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 31.078377] pc : xilinx_dpdma_chan_queue_transfer+0x274/0x5e0\n[ 31.078473] lr : xilinx_dpdma_chan_queue_transfer+0x270/0x5e0\n[ 31.078550] sp : ffffffc083bb2e10\n[ 31.078590] x29: ffffffc083bb2e10 x28: 0000000000000000 x27: ffffff880165a168\n[ 31.078754] x26: ffffff880164e920 x25: ffffff880164eab8 x24: ffffff880164d480\n[ 31.078920] x23: ffffff880165a148 x22: ffffff880164e988 x21: 0000000000000000\n[ 31.079132] x20: ffffffc082aa3000 x19: ffffff880164e880 x18: 0000000000000000\n[ 31.079295] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n[ 31.079453] x14: 0000000000000000 x13: ffffff8802263dc0 x12: 0000000000000001\n[ 31.079613] x11: 0001ffc083bb2e34 x10: 0001ff880164e98f x9 : 0001ffc082aa3def\n[ 31.079824] x8 : 0001ffc082aa3dec x7 : 0000000000000000 x6 : 0000000000000516\n[ 31.079982] x5 : ffffffc7f8d43000 x4 : ffffff88003c9c40 x3 : ffffffffffffffff\n[ 31.080147] x2 : ffffffc7f8d43000 x1 : 00000000000000c0 x0 : 0000000000000000\n[ 31.080307] Call trace:\n[ 31.080340] xilinx_dpdma_chan_queue_transfer+0x274/0x5e0\n[ 31.080518] xilinx_dpdma_issue_pending+0x11c/0x120\n[ 31.080595] zynqmp_disp_layer_update+0x180/0x3ac\n[ 31.080712] zynqmp_dpsub_plane_atomic_update+0x11c/0x21c\n[ 31.080825] drm_atomic_helper_commit_planes+0x20c/0x684\n[ 31.080951] drm_atomic_helper_commit_tail+0x5c/0xb0\n[ 31.081139] commit_tail+0x234/0x294\n[ 31.081246] drm_atomic_helper_commit+0x1f8/0x210\n[ 31.081363] drm_atomic_commit+0x100/0x140\n[ 31.081477] drm_client_modeset_commit_atomic+0x318/0x384\n[ 31.081634] drm_client_modeset_commit_locked+0x8c/0x24c\n[ 31.081725] drm_client_modeset_commit+0x34/0x5c\n[ 31.081812] __drm_fb_helper_restore_fbdev_mode_unlocked+0x104/0x168\n[ 31.081899] drm_fb_helper_set_par+0x50/0x70\n[ 31.081971] fbcon_init+0x538/0xc48\n[ 31.082047] visual_init+0x16c/0x23c\n[ 31.082207] do_bind_con_driver.isra.0+0x2d0/0x634\n[ 31.082320] do_take_over_console+0x24c/0x33c\n[ 31.082429] do_fbcon_takeover+0xbc/0x1b0\n[ 31.082503] fbcon_fb_registered+0x2d0/0x34c\n[ 31.082663] register_framebuffer+0x27c/0x38c\n[ 31.082767] __drm_fb_helper_initial_config_and_unlock+0x5c0/0x91c\n[ 31.082939] drm_fb_helper_initial_config+0x50/0x74\n[ 31.083012] drm_fbdev_dma_client_hotplug+0xb8/0x108\n[ 31.083115] drm_client_register+0xa0/0xf4\n[ 31.083195] drm_fbdev_dma_setup+0xb0/0x1cc\n[ 31.083293] zynqmp_dpsub_drm_init+0x45c/0x4e0\n[ 31.083431] zynqmp_dpsub_probe+0x444/0x5e0\n[ 31.083616] platform_probe+0x8c/0x13c\n[ 31.083713] really_probe+0x258/0x59c\n[ 31.083793] __driver_probe_device+0xc4/0x224\n[ 31.083878] driver_probe_device+0x70/0x1c0\n[ 31.083961] __device_attach_driver+0x108/0x1e0\n[ 31.084052] bus_for_each_drv+0x9c/0x100\n[ 31.084125] __device_attach+0x100/0x298\n[ 31.084207] device_initial_probe+0x14/0x20\n[ 31.084292] bus_probe_device+0xd8/0xdc\n[ 31.084368] deferred_probe_work_func+0x11c/0x180\n[ 31.084451] process_one_work+0x3ac/0x988\n[ 31.084643] worker_thread+0x398/0x694\n[ 31.084752] kthread+0x1bc/0x1c0\n[ 31.084848] ret_from_fork+0x10/0x20\n[ 31.084932] irq event stamp: 64549\n[ 31.084970] hardirqs last enabled at (64548): [\u003cffffffc081adf35c\u003e] _raw_spin_unlock_irqrestore+0x80/0x90\n[ 31.085157]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35990",
"url": "https://www.suse.com/security/cve/CVE-2024-35990"
},
{
"category": "external",
"summary": "SUSE Bug 1224559 for CVE-2024-35990",
"url": "https://bugzilla.suse.com/1224559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35990"
},
{
"cve": "CVE-2024-35991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Convert spinlock to mutex to lock evl workqueue\n\ndrain_workqueue() cannot be called safely in a spinlocked context due to\npossible task rescheduling. In the multi-task scenario, calling\nqueue_work() while drain_workqueue() will lead to a Call Trace as\npushing a work on a draining workqueue is not permitted in spinlocked\ncontext.\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x7d/0x140\n ? __queue_work+0x2b2/0x440\n ? report_bug+0x1f8/0x200\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __queue_work+0x2b2/0x440\n queue_work_on+0x28/0x30\n idxd_misc_thread+0x303/0x5a0 [idxd]\n ? __schedule+0x369/0xb40\n ? __pfx_irq_thread_fn+0x10/0x10\n ? irq_thread+0xbc/0x1b0\n irq_thread_fn+0x21/0x70\n irq_thread+0x102/0x1b0\n ? preempt_count_add+0x74/0xa0\n ? __pfx_irq_thread_dtor+0x10/0x10\n ? __pfx_irq_thread+0x10/0x10\n kthread+0x103/0x140\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nThe current implementation uses a spinlock to protect event log workqueue\nand will lead to the Call Trace due to potential task rescheduling.\n\nTo address the locking issue, convert the spinlock to mutex, allowing\nthe drain_workqueue() to be called in a safe mutex-locked context.\n\nThis change ensures proper synchronization when accessing the event log\nworkqueue, preventing potential Call Trace and improving the overall\nrobustness of the code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35991",
"url": "https://www.suse.com/security/cve/CVE-2024-35991"
},
{
"category": "external",
"summary": "SUSE Bug 1224553 for CVE-2024-35991",
"url": "https://bugzilla.suse.com/1224553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35991"
},
{
"cve": "CVE-2024-35992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: marvell: a3700-comphy: Fix out of bounds read\n\nThere is an out of bounds read access of \u0027gbe_phy_init_fix[fix_idx].addr\u0027\nevery iteration after \u0027fix_idx\u0027 reaches \u0027ARRAY_SIZE(gbe_phy_init_fix)\u0027.\n\nMake sure \u0027gbe_phy_init[addr]\u0027 is used when all elements of\n\u0027gbe_phy_init_fix\u0027 array are handled.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35992",
"url": "https://www.suse.com/security/cve/CVE-2024-35992"
},
{
"category": "external",
"summary": "SUSE Bug 1224555 for CVE-2024-35992",
"url": "https://bugzilla.suse.com/1224555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35992"
},
{
"cve": "CVE-2024-35995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Use access_width over bit_width for system memory accesses\n\nTo align with ACPI 6.3+, since bit_width can be any 8-bit value, it\ncannot be depended on to be always on a clean 8b boundary. This was\nuncovered on the Cobalt 100 platform.\n\nSError Interrupt on CPU26, code 0xbe000011 -- SError\n CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted 5.15.2.1-13 #1\n Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION\n pstate: 62400009 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)\n pc : cppc_get_perf_caps+0xec/0x410\n lr : cppc_get_perf_caps+0xe8/0x410\n sp : ffff8000155ab730\n x29: ffff8000155ab730 x28: ffff0080139d0038 x27: ffff0080139d0078\n x26: 0000000000000000 x25: ffff0080139d0058 x24: 00000000ffffffff\n x23: ffff0080139d0298 x22: ffff0080139d0278 x21: 0000000000000000\n x20: ffff00802b251910 x19: ffff0080139d0000 x18: ffffffffffffffff\n x17: 0000000000000000 x16: ffffdc7e111bad04 x15: ffff00802b251008\n x14: ffffffffffffffff x13: ffff013f1fd63300 x12: 0000000000000006\n x11: ffffdc7e128f4420 x10: 0000000000000000 x9 : ffffdc7e111badec\n x8 : ffff00802b251980 x7 : 0000000000000000 x6 : ffff0080139d0028\n x5 : 0000000000000000 x4 : ffff0080139d0018 x3 : 00000000ffffffff\n x2 : 0000000000000008 x1 : ffff8000155ab7a0 x0 : 0000000000000000\n Kernel panic - not syncing: Asynchronous SError Interrupt\n CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted\n5.15.2.1-13 #1\n Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION\n Call trace:\n dump_backtrace+0x0/0x1e0\n show_stack+0x24/0x30\n dump_stack_lvl+0x8c/0xb8\n dump_stack+0x18/0x34\n panic+0x16c/0x384\n add_taint+0x0/0xc0\n arm64_serror_panic+0x7c/0x90\n arm64_is_fatal_ras_serror+0x34/0xa4\n do_serror+0x50/0x6c\n el1h_64_error_handler+0x40/0x74\n el1h_64_error+0x7c/0x80\n cppc_get_perf_caps+0xec/0x410\n cppc_cpufreq_cpu_init+0x74/0x400 [cppc_cpufreq]\n cpufreq_online+0x2dc/0xa30\n cpufreq_add_dev+0xc0/0xd4\n subsys_interface_register+0x134/0x14c\n cpufreq_register_driver+0x1b0/0x354\n cppc_cpufreq_init+0x1a8/0x1000 [cppc_cpufreq]\n do_one_initcall+0x50/0x250\n do_init_module+0x60/0x27c\n load_module+0x2300/0x2570\n __do_sys_finit_module+0xa8/0x114\n __arm64_sys_finit_module+0x2c/0x3c\n invoke_syscall+0x78/0x100\n el0_svc_common.constprop.0+0x180/0x1a0\n do_el0_svc+0x84/0xa0\n el0_svc+0x2c/0xc0\n el0t_64_sync_handler+0xa4/0x12c\n el0t_64_sync+0x1a4/0x1a8\n\nInstead, use access_width to determine the size and use the offset and\nwidth to shift and mask the bits to read/write out. Make sure to add a\ncheck for system memory since pcc redefines the access_width to\nsubspace id.\n\nIf access_width is not set, then fall back to using bit_width.\n\n[ rjw: Subject and changelog edits, comment adjustments ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35995",
"url": "https://www.suse.com/security/cve/CVE-2024-35995"
},
{
"category": "external",
"summary": "SUSE Bug 1224557 for CVE-2024-35995",
"url": "https://bugzilla.suse.com/1224557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35995"
},
{
"cve": "CVE-2024-35997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35997",
"url": "https://www.suse.com/security/cve/CVE-2024-35997"
},
{
"category": "external",
"summary": "SUSE Bug 1224552 for CVE-2024-35997",
"url": "https://bugzilla.suse.com/1224552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35997"
},
{
"cve": "CVE-2024-35998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: fix lock ordering potential deadlock in cifs_sync_mid_result\n\nCoverity spotted that the cifs_sync_mid_result function could deadlock\n\n\"Thread deadlock (ORDER_REVERSAL) lock_order: Calling spin_lock acquires\nlock TCP_Server_Info.srv_lock while holding lock TCP_Server_Info.mid_lock\"\n\nAddresses-Coverity: 1590401 (\"Thread deadlock (ORDER_REVERSAL)\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35998",
"url": "https://www.suse.com/security/cve/CVE-2024-35998"
},
{
"category": "external",
"summary": "SUSE Bug 1224549 for CVE-2024-35998",
"url": "https://bugzilla.suse.com/1224549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35998"
},
{
"cve": "CVE-2024-35999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: missing lock when picking channel\n\nCoverity spotted a place where we should have been holding the\nchannel lock when accessing the ses channel index.\n\nAddresses-Coverity: 1582039 (\"Data race condition (MISSING_LOCK)\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35999",
"url": "https://www.suse.com/security/cve/CVE-2024-35999"
},
{
"category": "external",
"summary": "SUSE Bug 1224550 for CVE-2024-35999",
"url": "https://bugzilla.suse.com/1224550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-35999"
},
{
"cve": "CVE-2024-36002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix dpll_pin_on_pin_register() for multiple parent pins\n\nIn scenario where pin is registered with multiple parent pins via\ndpll_pin_on_pin_register(..), all belonging to the same dpll device.\nA second call to dpll_pin_on_pin_unregister(..) would cause a call trace,\nas it tries to use already released registration resources (due to fix\nintroduced in b446631f355e). In this scenario pin was registered twice,\nso resources are not yet expected to be release until each registered\npin/pin pair is unregistered.\n\nCurrently, the following crash/call trace is produced when ice driver is\nremoved on the system with installed E810T NIC which includes dpll device:\n\nWARNING: CPU: 51 PID: 9155 at drivers/dpll/dpll_core.c:809 dpll_pin_ops+0x20/0x30\nRIP: 0010:dpll_pin_ops+0x20/0x30\nCall Trace:\n ? __warn+0x7f/0x130\n ? dpll_pin_ops+0x20/0x30\n dpll_msg_add_pin_freq+0x37/0x1d0\n dpll_cmd_pin_get_one+0x1c0/0x400\n ? __nlmsg_put+0x63/0x80\n dpll_pin_event_send+0x93/0x140\n dpll_pin_on_pin_unregister+0x3f/0x100\n ice_dpll_deinit_pins+0xa1/0x230 [ice]\n ice_remove+0xf1/0x210 [ice]\n\nFix by adding a parent pointer as a cookie when creating a registration,\nalso when searching for it. For the regular pins pass NULL, this allows to\ncreate separated registration for each parent the pin is registered with.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36002",
"url": "https://www.suse.com/security/cve/CVE-2024-36002"
},
{
"category": "external",
"summary": "SUSE Bug 1224546 for CVE-2024-36002",
"url": "https://bugzilla.suse.com/1224546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36002"
},
{
"cve": "CVE-2024-36003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix LAG and VF lock dependency in ice_reset_vf()\n\n9f74a3dfcf83 (\"ice: Fix VF Reset paths when interface in a failed over\naggregate\"), the ice driver has acquired the LAG mutex in ice_reset_vf().\nThe commit placed this lock acquisition just prior to the acquisition of\nthe VF configuration lock.\n\nIf ice_reset_vf() acquires the configuration lock via the ICE_VF_RESET_LOCK\nflag, this could deadlock with ice_vc_cfg_qs_msg() because it always\nacquires the locks in the order of the VF configuration lock and then the\nLAG mutex.\n\nLockdep reports this violation almost immediately on creating and then\nremoving 2 VF:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.8.0-rc6 #54 Tainted: G W O\n------------------------------------------------------\nkworker/60:3/6771 is trying to acquire lock:\nff40d43e099380a0 (\u0026vf-\u003ecfg_lock){+.+.}-{3:3}, at: ice_reset_vf+0x22f/0x4d0 [ice]\n\nbut task is already holding lock:\nff40d43ea1961210 (\u0026pf-\u003elag_mutex){+.+.}-{3:3}, at: ice_reset_vf+0xb7/0x4d0 [ice]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026pf-\u003elag_mutex){+.+.}-{3:3}:\n __lock_acquire+0x4f8/0xb40\n lock_acquire+0xd4/0x2d0\n __mutex_lock+0x9b/0xbf0\n ice_vc_cfg_qs_msg+0x45/0x690 [ice]\n ice_vc_process_vf_msg+0x4f5/0x870 [ice]\n __ice_clean_ctrlq+0x2b5/0x600 [ice]\n ice_service_task+0x2c9/0x480 [ice]\n process_one_work+0x1e9/0x4d0\n worker_thread+0x1e1/0x3d0\n kthread+0x104/0x140\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1b/0x30\n\n-\u003e #0 (\u0026vf-\u003ecfg_lock){+.+.}-{3:3}:\n check_prev_add+0xe2/0xc50\n validate_chain+0x558/0x800\n __lock_acquire+0x4f8/0xb40\n lock_acquire+0xd4/0x2d0\n __mutex_lock+0x9b/0xbf0\n ice_reset_vf+0x22f/0x4d0 [ice]\n ice_process_vflr_event+0x98/0xd0 [ice]\n ice_service_task+0x1cc/0x480 [ice]\n process_one_work+0x1e9/0x4d0\n worker_thread+0x1e1/0x3d0\n kthread+0x104/0x140\n ret_from_fork+0x31/0x50\n ret_from_fork_asm+0x1b/0x30\n\nother info that might help us debug this:\n Possible unsafe locking scenario:\n CPU0 CPU1\n ---- ----\n lock(\u0026pf-\u003elag_mutex);\n lock(\u0026vf-\u003ecfg_lock);\n lock(\u0026pf-\u003elag_mutex);\n lock(\u0026vf-\u003ecfg_lock);\n\n *** DEADLOCK ***\n4 locks held by kworker/60:3/6771:\n #0: ff40d43e05428b38 ((wq_completion)ice){+.+.}-{0:0}, at: process_one_work+0x176/0x4d0\n #1: ff50d06e05197e58 ((work_completion)(\u0026pf-\u003eserv_task)){+.+.}-{0:0}, at: process_one_work+0x176/0x4d0\n #2: ff40d43ea1960e50 (\u0026pf-\u003evfs.table_lock){+.+.}-{3:3}, at: ice_process_vflr_event+0x48/0xd0 [ice]\n #3: ff40d43ea1961210 (\u0026pf-\u003elag_mutex){+.+.}-{3:3}, at: ice_reset_vf+0xb7/0x4d0 [ice]\n\nstack backtrace:\nCPU: 60 PID: 6771 Comm: kworker/60:3 Tainted: G W O 6.8.0-rc6 #54\nHardware name:\nWorkqueue: ice ice_service_task [ice]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4a/0x80\n check_noncircular+0x12d/0x150\n check_prev_add+0xe2/0xc50\n ? save_trace+0x59/0x230\n ? add_chain_cache+0x109/0x450\n validate_chain+0x558/0x800\n __lock_acquire+0x4f8/0xb40\n ? lockdep_hardirqs_on+0x7d/0x100\n lock_acquire+0xd4/0x2d0\n ? ice_reset_vf+0x22f/0x4d0 [ice]\n ? lock_is_held_type+0xc7/0x120\n __mutex_lock+0x9b/0xbf0\n ? ice_reset_vf+0x22f/0x4d0 [ice]\n ? ice_reset_vf+0x22f/0x4d0 [ice]\n ? rcu_is_watching+0x11/0x50\n ? ice_reset_vf+0x22f/0x4d0 [ice]\n ice_reset_vf+0x22f/0x4d0 [ice]\n ? process_one_work+0x176/0x4d0\n ice_process_vflr_event+0x98/0xd0 [ice]\n ice_service_task+0x1cc/0x480 [ice]\n process_one_work+0x1e9/0x4d0\n worker_thread+0x1e1/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x104/0x140\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nTo avoid deadlock, we must acquire the LAG \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36003",
"url": "https://www.suse.com/security/cve/CVE-2024-36003"
},
{
"category": "external",
"summary": "SUSE Bug 1224544 for CVE-2024-36003",
"url": "https://bugzilla.suse.com/1224544"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36003"
},
{
"cve": "CVE-2024-36004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: Do not use WQ_MEM_RECLAIM flag for workqueue\n\nIssue reported by customer during SRIOV testing, call trace:\nWhen both i40e and the i40iw driver are loaded, a warning\nin check_flush_dependency is being triggered. This seems\nto be because of the i40e driver workqueue is allocated with\nthe WQ_MEM_RECLAIM flag, and the i40iw one is not.\n\nSimilar error was encountered on ice too and it was fixed by\nremoving the flag. Do the same for i40e too.\n\n[Feb 9 09:08] ------------[ cut here ]------------\n[ +0.000004] workqueue: WQ_MEM_RECLAIM i40e:i40e_service_task [i40e] is\nflushing !WQ_MEM_RECLAIM infiniband:0x0\n[ +0.000060] WARNING: CPU: 0 PID: 937 at kernel/workqueue.c:2966\ncheck_flush_dependency+0x10b/0x120\n[ +0.000007] Modules linked in: snd_seq_dummy snd_hrtimer snd_seq\nsnd_timer snd_seq_device snd soundcore nls_utf8 cifs cifs_arc4\nnls_ucs2_utils rdma_cm iw_cm ib_cm cifs_md4 dns_resolver netfs qrtr\nrfkill sunrpc vfat fat intel_rapl_msr intel_rapl_common irdma\nintel_uncore_frequency intel_uncore_frequency_common ice ipmi_ssif\nisst_if_common skx_edac nfit libnvdimm x86_pkg_temp_thermal\nintel_powerclamp gnss coretemp ib_uverbs rapl intel_cstate ib_core\niTCO_wdt iTCO_vendor_support acpi_ipmi mei_me ipmi_si intel_uncore\nioatdma i2c_i801 joydev pcspkr mei ipmi_devintf lpc_ich\nintel_pch_thermal i2c_smbus ipmi_msghandler acpi_power_meter acpi_pad\nxfs libcrc32c ast sd_mod drm_shmem_helper t10_pi drm_kms_helper sg ixgbe\ndrm i40e ahci crct10dif_pclmul libahci crc32_pclmul igb crc32c_intel\nlibata ghash_clmulni_intel i2c_algo_bit mdio dca wmi dm_mirror\ndm_region_hash dm_log dm_mod fuse\n[ +0.000050] CPU: 0 PID: 937 Comm: kworker/0:3 Kdump: loaded Not\ntainted 6.8.0-rc2-Feb-net_dev-Qiueue-00279-gbd43c5687e05 #1\n[ +0.000003] Hardware name: Intel Corporation S2600BPB/S2600BPB, BIOS\nSE5C620.86B.02.01.0013.121520200651 12/15/2020\n[ +0.000001] Workqueue: i40e i40e_service_task [i40e]\n[ +0.000024] RIP: 0010:check_flush_dependency+0x10b/0x120\n[ +0.000003] Code: ff 49 8b 54 24 18 48 8d 8b b0 00 00 00 49 89 e8 48\n81 c6 b0 00 00 00 48 c7 c7 b0 97 fa 9f c6 05 8a cc 1f 02 01 e8 35 b3 fd\nff \u003c0f\u003e 0b e9 10 ff ff ff 80 3d 78 cc 1f 02 00 75 94 e9 46 ff ff ff 90\n[ +0.000002] RSP: 0018:ffffbd294976bcf8 EFLAGS: 00010282\n[ +0.000002] RAX: 0000000000000000 RBX: ffff94d4c483c000 RCX:\n0000000000000027\n[ +0.000001] RDX: ffff94d47f620bc8 RSI: 0000000000000001 RDI:\nffff94d47f620bc0\n[ +0.000001] RBP: 0000000000000000 R08: 0000000000000000 R09:\n00000000ffff7fff\n[ +0.000001] R10: ffffbd294976bb98 R11: ffffffffa0be65e8 R12:\nffff94c5451ea180\n[ +0.000001] R13: ffff94c5ab5e8000 R14: ffff94c5c20b6e05 R15:\nffff94c5f1330ab0\n[ +0.000001] FS: 0000000000000000(0000) GS:ffff94d47f600000(0000)\nknlGS:0000000000000000\n[ +0.000002] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000001] CR2: 00007f9e6f1fca70 CR3: 0000000038e20004 CR4:\n00000000007706f0\n[ +0.000000] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[ +0.000001] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[ +0.000001] PKRU: 55555554\n[ +0.000001] Call Trace:\n[ +0.000001] \u003cTASK\u003e\n[ +0.000002] ? __warn+0x80/0x130\n[ +0.000003] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] ? report_bug+0x195/0x1a0\n[ +0.000005] ? handle_bug+0x3c/0x70\n[ +0.000003] ? exc_invalid_op+0x14/0x70\n[ +0.000002] ? asm_exc_invalid_op+0x16/0x20\n[ +0.000006] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] ? check_flush_dependency+0x10b/0x120\n[ +0.000002] __flush_workqueue+0x126/0x3f0\n[ +0.000015] ib_cache_cleanup_one+0x1c/0xe0 [ib_core]\n[ +0.000056] __ib_unregister_device+0x6a/0xb0 [ib_core]\n[ +0.000023] ib_unregister_device_and_put+0x34/0x50 [ib_core]\n[ +0.000020] i40iw_close+0x4b/0x90 [irdma]\n[ +0.000022] i40e_notify_client_of_netdev_close+0x54/0xc0 [i40e]\n[ +0.000035] i40e_service_task+0x126/0x190 [i40e]\n[ +0.000024] process_one_work+0x174/0x340\n[ +0.000003] worker_th\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36004",
"url": "https://www.suse.com/security/cve/CVE-2024-36004"
},
{
"category": "external",
"summary": "SUSE Bug 1224545 for CVE-2024-36004",
"url": "https://bugzilla.suse.com/1224545"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36004"
},
{
"cve": "CVE-2024-36005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: honor table dormant flag from netdev release event path\n\nCheck for table dormant flag otherwise netdev release event path tries\nto unregister an already unregistered hook.\n\n[524854.857999] ------------[ cut here ]------------\n[524854.858010] WARNING: CPU: 0 PID: 3386599 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260\n[...]\n[524854.858848] CPU: 0 PID: 3386599 Comm: kworker/u32:2 Not tainted 6.9.0-rc3+ #365\n[524854.858869] Workqueue: netns cleanup_net\n[524854.858886] RIP: 0010:__nf_unregister_net_hook+0x21a/0x260\n[524854.858903] Code: 24 e8 aa 73 83 ff 48 63 43 1c 83 f8 01 0f 85 3d ff ff ff e8 98 d1 f0 ff 48 8b 3c 24 e8 8f 73 83 ff 48 63 43 1c e9 26 ff ff ff \u003c0f\u003e 0b 48 83 c4 18 48 c7 c7 00 68 e9 82 5b 5d 41 5c 41 5d 41 5e 41\n[524854.858914] RSP: 0018:ffff8881e36d79e0 EFLAGS: 00010246\n[524854.858926] RAX: 0000000000000000 RBX: ffff8881339ae790 RCX: ffffffff81ba524a\n[524854.858936] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffff8881c8a16438\n[524854.858945] RBP: ffff8881c8a16438 R08: 0000000000000001 R09: ffffed103c6daf34\n[524854.858954] R10: ffff8881e36d79a7 R11: 0000000000000000 R12: 0000000000000005\n[524854.858962] R13: ffff8881c8a16000 R14: 0000000000000000 R15: ffff8881351b5a00\n[524854.858971] FS: 0000000000000000(0000) GS:ffff888390800000(0000) knlGS:0000000000000000\n[524854.858982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[524854.858991] CR2: 00007fc9be0f16f4 CR3: 00000001437cc004 CR4: 00000000001706f0\n[524854.859000] Call Trace:\n[524854.859006] \u003cTASK\u003e\n[524854.859013] ? __warn+0x9f/0x1a0\n[524854.859027] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859044] ? report_bug+0x1b1/0x1e0\n[524854.859060] ? handle_bug+0x3c/0x70\n[524854.859071] ? exc_invalid_op+0x17/0x40\n[524854.859083] ? asm_exc_invalid_op+0x1a/0x20\n[524854.859100] ? __nf_unregister_net_hook+0x6a/0x260\n[524854.859116] ? __nf_unregister_net_hook+0x21a/0x260\n[524854.859135] nf_tables_netdev_event+0x337/0x390 [nf_tables]\n[524854.859304] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859461] ? packet_notifier+0xb3/0x360\n[524854.859476] ? _raw_spin_unlock_irqrestore+0x11/0x40\n[524854.859489] ? dcbnl_netdevice_event+0x35/0x140\n[524854.859507] ? __pfx_nf_tables_netdev_event+0x10/0x10 [nf_tables]\n[524854.859661] notifier_call_chain+0x7d/0x140\n[524854.859677] unregister_netdevice_many_notify+0x5e1/0xae0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36005",
"url": "https://www.suse.com/security/cve/CVE-2024-36005"
},
{
"category": "external",
"summary": "SUSE Bug 1224539 for CVE-2024-36005",
"url": "https://bugzilla.suse.com/1224539"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36005"
},
{
"cve": "CVE-2024-36006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage\n\nBoth the function that migrates all the chunks within a region and the\nfunction that migrates all the entries within a chunk call\nlist_first_entry() on the respective lists without checking that the\nlists are not empty. This is incorrect usage of the API, which leads to\nthe following warning [1].\n\nFix by returning if the lists are empty as there is nothing to migrate\nin this case.\n\n[1]\nWARNING: CPU: 0 PID: 6437 at drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c:1266 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0\u003e\nModules linked in:\nCPU: 0 PID: 6437 Comm: kworker/0:37 Not tainted 6.9.0-rc3-custom-00883-g94a65f079ef6 #39\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0x2c0\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x4a0\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36006",
"url": "https://www.suse.com/security/cve/CVE-2024-36006"
},
{
"category": "external",
"summary": "SUSE Bug 1224541 for CVE-2024-36006",
"url": "https://bugzilla.suse.com/1224541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36006"
},
{
"cve": "CVE-2024-36007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix warning during rehash\n\nAs previously explained, the rehash delayed work migrates filters from\none region to another. This is done by iterating over all chunks (all\nthe filters with the same priority) in the region and in each chunk\niterating over all the filters.\n\nWhen the work runs out of credits it stores the current chunk and entry\nas markers in the per-work context so that it would know where to resume\nthe migration from the next time the work is scheduled.\n\nUpon error, the chunk marker is reset to NULL, but without resetting the\nentry markers despite being relative to it. This can result in migration\nbeing resumed from an entry that does not belong to the chunk being\nmigrated. In turn, this will eventually lead to a chunk being iterated\nover as if it is an entry. Because of how the two structures happen to\nbe defined, this does not lead to KASAN splats, but to warnings such as\n[1].\n\nFix by creating a helper that resets all the markers and call it from\nall the places the currently only reset the chunk marker. For good\nmeasures also call it when starting a completely new rehash. Add a\nwarning to avoid future cases.\n\n[1]\nWARNING: CPU: 7 PID: 1076 at drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c:407 mlxsw_afk_encode+0x242/0x2f0\nModules linked in:\nCPU: 7 PID: 1076 Comm: kworker/7:24 Tainted: G W 6.9.0-rc3-custom-00880-g29e61d91b77b #29\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_afk_encode+0x242/0x2f0\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_acl_atcam_entry_add+0xd9/0x3c0\n mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x109/0x290\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x470\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36007",
"url": "https://www.suse.com/security/cve/CVE-2024-36007"
},
{
"category": "external",
"summary": "SUSE Bug 1224543 for CVE-2024-36007",
"url": "https://bugzilla.suse.com/1224543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36007"
},
{
"cve": "CVE-2024-36008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: check for NULL idev in ip_route_use_hint()\n\nsyzbot was able to trigger a NULL deref in fib_validate_source()\nin an old tree [1].\n\nIt appears the bug exists in latest trees.\n\nAll calls to __in_dev_get_rcu() must be checked for a NULL result.\n\n[1]\ngeneral protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 2 PID: 3257 Comm: syz-executor.3 Not tainted 5.10.0-syzkaller #0\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014\n RIP: 0010:fib_validate_source+0xbf/0x15a0 net/ipv4/fib_frontend.c:425\nCode: 18 f2 f2 f2 f2 42 c7 44 20 23 f3 f3 f3 f3 48 89 44 24 78 42 c6 44 20 27 f3 e8 5d 88 48 fc 4c 89 e8 48 c1 e8 03 48 89 44 24 18 \u003c42\u003e 80 3c 20 00 74 08 4c 89 ef e8 d2 15 98 fc 48 89 5c 24 10 41 bf\nRSP: 0018:ffffc900015fee40 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff88800f7a4000 RCX: ffff88800f4f90c0\nRDX: 0000000000000000 RSI: 0000000004001eac RDI: ffff8880160c64c0\nRBP: ffffc900015ff060 R08: 0000000000000000 R09: ffff88800f7a4000\nR10: 0000000000000002 R11: ffff88800f4f90c0 R12: dffffc0000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: ffff88800f7a4000\nFS: 00007f938acfe6c0(0000) GS:ffff888058c00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f938acddd58 CR3: 000000001248e000 CR4: 0000000000352ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ip_route_use_hint+0x410/0x9b0 net/ipv4/route.c:2231\n ip_rcv_finish_core+0x2c4/0x1a30 net/ipv4/ip_input.c:327\n ip_list_rcv_finish net/ipv4/ip_input.c:612 [inline]\n ip_sublist_rcv+0x3ed/0xe50 net/ipv4/ip_input.c:638\n ip_list_rcv+0x422/0x470 net/ipv4/ip_input.c:673\n __netif_receive_skb_list_ptype net/core/dev.c:5572 [inline]\n __netif_receive_skb_list_core+0x6b1/0x890 net/core/dev.c:5620\n __netif_receive_skb_list net/core/dev.c:5672 [inline]\n netif_receive_skb_list_internal+0x9f9/0xdc0 net/core/dev.c:5764\n netif_receive_skb_list+0x55/0x3e0 net/core/dev.c:5816\n xdp_recv_frames net/bpf/test_run.c:257 [inline]\n xdp_test_run_batch net/bpf/test_run.c:335 [inline]\n bpf_test_run_xdp_live+0x1818/0x1d00 net/bpf/test_run.c:363\n bpf_prog_test_run_xdp+0x81f/0x1170 net/bpf/test_run.c:1376\n bpf_prog_test_run+0x349/0x3c0 kernel/bpf/syscall.c:3736\n __sys_bpf+0x45c/0x710 kernel/bpf/syscall.c:5115\n __do_sys_bpf kernel/bpf/syscall.c:5201 [inline]\n __se_sys_bpf kernel/bpf/syscall.c:5199 [inline]\n __x64_sys_bpf+0x7c/0x90 kernel/bpf/syscall.c:5199",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36008",
"url": "https://www.suse.com/security/cve/CVE-2024-36008"
},
{
"category": "external",
"summary": "SUSE Bug 1224540 for CVE-2024-36008",
"url": "https://bugzilla.suse.com/1224540"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36008"
},
{
"cve": "CVE-2024-36009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix netdev refcount issue\n\nThe dev_tracker is added to ax25_cb in ax25_bind(). When the\nax25 device is detaching, the dev_tracker of ax25_cb should be\ndeallocated in ax25_kill_by_device() instead of the dev_tracker\nof ax25_dev. The log reported by ref_tracker is shown below:\n\n[ 80.884935] ref_tracker: reference already released.\n[ 80.885150] ref_tracker: allocated in:\n[ 80.885349] ax25_dev_device_up+0x105/0x540\n[ 80.885730] ax25_device_event+0xa4/0x420\n[ 80.885730] notifier_call_chain+0xc9/0x1e0\n[ 80.885730] __dev_notify_flags+0x138/0x280\n[ 80.885730] dev_change_flags+0xd7/0x180\n[ 80.885730] dev_ifsioc+0x6a9/0xa30\n[ 80.885730] dev_ioctl+0x4d8/0xd90\n[ 80.885730] sock_do_ioctl+0x1c2/0x2d0\n[ 80.885730] sock_ioctl+0x38b/0x4f0\n[ 80.885730] __se_sys_ioctl+0xad/0xf0\n[ 80.885730] do_syscall_64+0xc4/0x1b0\n[ 80.885730] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 80.885730] ref_tracker: freed in:\n[ 80.885730] ax25_device_event+0x272/0x420\n[ 80.885730] notifier_call_chain+0xc9/0x1e0\n[ 80.885730] dev_close_many+0x272/0x370\n[ 80.885730] unregister_netdevice_many_notify+0x3b5/0x1180\n[ 80.885730] unregister_netdev+0xcf/0x120\n[ 80.885730] sixpack_close+0x11f/0x1b0\n[ 80.885730] tty_ldisc_kill+0xcb/0x190\n[ 80.885730] tty_ldisc_hangup+0x338/0x3d0\n[ 80.885730] __tty_hangup+0x504/0x740\n[ 80.885730] tty_release+0x46e/0xd80\n[ 80.885730] __fput+0x37f/0x770\n[ 80.885730] __x64_sys_close+0x7b/0xb0\n[ 80.885730] do_syscall_64+0xc4/0x1b0\n[ 80.885730] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 80.893739] ------------[ cut here ]------------\n[ 80.894030] WARNING: CPU: 2 PID: 140 at lib/ref_tracker.c:255 ref_tracker_free+0x47b/0x6b0\n[ 80.894297] Modules linked in:\n[ 80.894929] CPU: 2 PID: 140 Comm: ax25_conn_rel_6 Not tainted 6.9.0-rc4-g8cd26fd90c1a #11\n[ 80.895190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qem4\n[ 80.895514] RIP: 0010:ref_tracker_free+0x47b/0x6b0\n[ 80.895808] Code: 83 c5 18 4c 89 eb 48 c1 eb 03 8a 04 13 84 c0 0f 85 df 01 00 00 41 83 7d 00 00 75 4b 4c 89 ff 9\n[ 80.896171] RSP: 0018:ffff888009edf8c0 EFLAGS: 00000286\n[ 80.896339] RAX: 1ffff1100141ac00 RBX: 1ffff1100149463b RCX: dffffc0000000000\n[ 80.896502] RDX: 0000000000000001 RSI: 0000000000000246 RDI: ffff88800a0d6518\n[ 80.896925] RBP: ffff888009edf9b0 R08: ffff88806d3288d3 R09: 1ffff1100da6511a\n[ 80.897212] R10: dffffc0000000000 R11: ffffed100da6511b R12: ffff88800a4a31d4\n[ 80.897859] R13: ffff88800a4a31d8 R14: dffffc0000000000 R15: ffff88800a0d6518\n[ 80.898279] FS: 00007fd88b7fe700(0000) GS:ffff88806d300000(0000) knlGS:0000000000000000\n[ 80.899436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 80.900181] CR2: 00007fd88c001d48 CR3: 000000000993e000 CR4: 00000000000006f0\n...\n[ 80.935774] ref_tracker: sp%d@000000000bb9df3d has 1/1 users at\n[ 80.935774] ax25_bind+0x424/0x4e0\n[ 80.935774] __sys_bind+0x1d9/0x270\n[ 80.935774] __x64_sys_bind+0x75/0x80\n[ 80.935774] do_syscall_64+0xc4/0x1b0\n[ 80.935774] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n\nChange ax25_dev-\u003edev_tracker to the dev_tracker of ax25_cb\nin order to mitigate the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36009",
"url": "https://www.suse.com/security/cve/CVE-2024-36009"
},
{
"category": "external",
"summary": "SUSE Bug 1224542 for CVE-2024-36009",
"url": "https://bugzilla.suse.com/1224542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36009"
},
{
"cve": "CVE-2024-36010",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36010"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix string truncation warnings in igb_set_fw_version\n\nCommit 1978d3ead82c (\"intel: fix string truncation warnings\")\nfixes \u0027-Wformat-truncation=\u0027 warnings in igb_main.c by using kasprintf.\n\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:53: warning:\u0027%d\u0027 directive output may be truncated writing between 1 and 5 bytes into a region of size between 1 and 13 [-Wformat-truncation=]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note:directive argument in the range [0, 65535]\n 3092 | \"%d.%d, 0x%08x, %d.%d.%d\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~\ndrivers/net/ethernet/intel/igb/igb_main.c:3092:34: note:directive argument in the range [0, 65535]\ndrivers/net/ethernet/intel/igb/igb_main.c:3090:25: note:\u0027snprintf\u0027 output between 23 and 43 bytes into a destination of size 32\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\n\nFix this warning by using a larger space for adapter-\u003efw_version,\nand then fall back and continue to use snprintf.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36010",
"url": "https://www.suse.com/security/cve/CVE-2024-36010"
},
{
"category": "external",
"summary": "SUSE Bug 1225594 for CVE-2024-36010",
"url": "https://bugzilla.suse.com/1225594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36010"
},
{
"cve": "CVE-2024-36011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: HCI: Fix potential null-ptr-deref\n\nFix potential null-ptr-deref in hci_le_big_sync_established_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36011",
"url": "https://www.suse.com/security/cve/CVE-2024-36011"
},
{
"category": "external",
"summary": "SUSE Bug 1225579 for CVE-2024-36011",
"url": "https://bugzilla.suse.com/1225579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36011"
},
{
"cve": "CVE-2024-36012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: msft: fix slab-use-after-free in msft_do_close()\n\nTying the msft-\u003edata lifetime to hdev by freeing it in\nhci_release_dev() to fix the following case:\n\n[use]\nmsft_do_close()\n msft = hdev-\u003emsft_data;\n if (!msft) ...(1) \u003c- passed.\n return;\n mutex_lock(\u0026msft-\u003efilter_lock); ...(4) \u003c- used after freed.\n\n[free]\nmsft_unregister()\n msft = hdev-\u003emsft_data;\n hdev-\u003emsft_data = NULL; ...(2)\n kfree(msft); ...(3) \u003c- msft is freed.\n\n==================================================================\nBUG: KASAN: slab-use-after-free in __mutex_lock_common\nkernel/locking/mutex.c:587 [inline]\nBUG: KASAN: slab-use-after-free in __mutex_lock+0x8f/0xc30\nkernel/locking/mutex.c:752\nRead of size 8 at addr ffff888106cbbca8 by task kworker/u5:2/309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36012",
"url": "https://www.suse.com/security/cve/CVE-2024-36012"
},
{
"category": "external",
"summary": "SUSE Bug 1225502 for CVE-2024-36012",
"url": "https://bugzilla.suse.com/1225502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36012"
},
{
"cve": "CVE-2024-36013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()\n\nExtend a critical section to prevent chan from early freeing.\nAlso make the l2cap_connect() return type void. Nothing is using the\nreturned value but it is ugly to return a potentially freed pointer.\nMaking it void will help with backports because earlier kernels did use\nthe return value. Now the compile will break for kernels where this\npatch is not a complete fix.\n\nCall stack summary:\n\n[use]\nl2cap_bredr_sig_cmd\n l2cap_connect\n mutex_lock(\u0026conn-\u003echan_lock);\n | chan = pchan-\u003eops-\u003enew_connection(pchan); \u003c- alloc chan\n | __l2cap_chan_add(conn, chan);\n | l2cap_chan_hold(chan);\n | list_add(\u0026chan-\u003elist, \u0026conn-\u003echan_l); ... (1)\n mutex_unlock(\u0026conn-\u003echan_lock);\n chan-\u003econf_state ... (4) \u003c- use after free\n\n[free]\nl2cap_conn_del\n mutex_lock(\u0026conn-\u003echan_lock);\n| foreach chan in conn-\u003echan_l: ... (2)\n| l2cap_chan_put(chan);\n| l2cap_chan_destroy\n| kfree(chan) ... (3) \u003c- chan freed\n mutex_unlock(\u0026conn-\u003echan_lock);\n\n==================================================================\nBUG: KASAN: slab-use-after-free in instrument_atomic_read\ninclude/linux/instrumented.h:68 [inline]\nBUG: KASAN: slab-use-after-free in _test_bit\ninclude/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: slab-use-after-free in l2cap_connect+0xa67/0x11a0\nnet/bluetooth/l2cap_core.c:4260\nRead of size 8 at addr ffff88810bf040a0 by task kworker/u3:1/311",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36013",
"url": "https://www.suse.com/security/cve/CVE-2024-36013"
},
{
"category": "external",
"summary": "SUSE Bug 1225578 for CVE-2024-36013",
"url": "https://bugzilla.suse.com/1225578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36013"
},
{
"cve": "CVE-2024-36014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/arm/malidp: fix a possible null pointer dereference\n\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36014",
"url": "https://www.suse.com/security/cve/CVE-2024-36014"
},
{
"category": "external",
"summary": "SUSE Bug 1225593 for CVE-2024-36014",
"url": "https://bugzilla.suse.com/1225593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36014"
},
{
"cve": "CVE-2024-36015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36015",
"url": "https://www.suse.com/security/cve/CVE-2024-36015"
},
{
"category": "external",
"summary": "SUSE Bug 1225640 for CVE-2024-36015",
"url": "https://bugzilla.suse.com/1225640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix possible out-of-bounds in gsm0_receive()\n\nAssuming the following:\n- side A configures the n_gsm in basic option mode\n- side B sends the header of a basic option mode frame with data length 1\n- side A switches to advanced option mode\n- side B sends 2 data bytes which exceeds gsm-\u003elen\n Reason: gsm-\u003elen is not used in advanced option mode.\n- side A switches to basic option mode\n- side B keeps sending until gsm0_receive() writes past gsm-\u003ebuf\n Reason: Neither gsm-\u003estate nor gsm-\u003elen have been reset after\n reconfiguration.\n\nFix this by changing gsm-\u003ecount to gsm-\u003elen comparison from equal to less\nthan. Also add upper limit checks against the constant MAX_MRU in\ngsm0_receive() and gsm1_receive() to harden against memory corruption of\ngsm-\u003elen and gsm-\u003emru.\n\nAll other checks remain as we still need to limit the data according to the\nuser configuration and actual payload size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36016",
"url": "https://www.suse.com/security/cve/CVE-2024-36016"
},
{
"category": "external",
"summary": "SUSE Bug 1225642 for CVE-2024-36016",
"url": "https://bugzilla.suse.com/1225642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36016"
},
{
"cve": "CVE-2024-36017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation\n\nEach attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a\nstruct ifla_vf_vlan_info so the size of such attribute needs to be at least\nof sizeof(struct ifla_vf_vlan_info) which is 14 bytes.\nThe current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes)\nwhich is less than sizeof(struct ifla_vf_vlan_info) so this validation\nis not enough and a too small attribute might be cast to a\nstruct ifla_vf_vlan_info, this might result in an out of bands\nread access when accessing the saved (casted) entry in ivvl.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36017",
"url": "https://www.suse.com/security/cve/CVE-2024-36017"
},
{
"category": "external",
"summary": "SUSE Bug 1225681 for CVE-2024-36017",
"url": "https://bugzilla.suse.com/1225681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36017"
},
{
"cve": "CVE-2024-36018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/uvmm: fix addr/range calcs for remap operations\n\ndEQP-VK.sparse_resources.image_rebind.2d_array.r64i.128_128_8\nwas causing a remap operation like the below.\n\nop_remap: prev: 0000003fffed0000 00000000000f0000 00000000a5abd18a 0000000000000000\nop_remap: next:\nop_remap: unmap: 0000003fffed0000 0000000000100000 0\nop_map: map: 0000003ffffc0000 0000000000010000 000000005b1ba33c 00000000000e0000\n\nThis was resulting in an unmap operation from 0x3fffed0000+0xf0000, 0x100000\nwhich was corrupting the pagetables and oopsing the kernel.\n\nFixes the prev + unmap range calcs to use start/end and map back to addr/range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36018",
"url": "https://www.suse.com/security/cve/CVE-2024-36018"
},
{
"category": "external",
"summary": "SUSE Bug 1225694 for CVE-2024-36018",
"url": "https://bugzilla.suse.com/1225694"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36018"
},
{
"cve": "CVE-2024-36019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: maple: Fix cache corruption in regcache_maple_drop()\n\nWhen keeping the upper end of a cache block entry, the entry[] array\nmust be indexed by the offset from the base register of the block,\ni.e. max - mas.index.\n\nThe code was indexing entry[] by only the register address, leading\nto an out-of-bounds access that copied some part of the kernel\nmemory over the cache contents.\n\nThis bug was not detected by the regmap KUnit test because it only\ntests with a block of registers starting at 0, so mas.index == 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36019",
"url": "https://www.suse.com/security/cve/CVE-2024-36019"
},
{
"category": "external",
"summary": "SUSE Bug 1225695 for CVE-2024-36019",
"url": "https://bugzilla.suse.com/1225695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36019"
},
{
"cve": "CVE-2024-36020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix vf may be used uninitialized in this function warning\n\nTo fix the regression introduced by commit 52424f974bc5, which causes\nservers hang in very hard to reproduce conditions with resets races.\nUsing two sources for the information is the root cause.\nIn this function before the fix bumping v didn\u0027t mean bumping vf\npointer. But the code used this variables interchangeably, so stale vf\ncould point to different/not intended vf.\n\nRemove redundant \"v\" variable and iterate via single VF pointer across\nwhole function instead to guarantee VF pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36020",
"url": "https://www.suse.com/security/cve/CVE-2024-36020"
},
{
"category": "external",
"summary": "SUSE Bug 1225698 for CVE-2024-36020",
"url": "https://bugzilla.suse.com/1225698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36020"
},
{
"cve": "CVE-2024-36021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when devlink reload during pf initialization\n\nThe devlink reload process will access the hardware resources,\nbut the register operation is done before the hardware is initialized.\nSo, processing the devlink reload during initialization may lead to kernel\ncrash. This patch fixes this by taking devl_lock during initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36021",
"url": "https://www.suse.com/security/cve/CVE-2024-36021"
},
{
"category": "external",
"summary": "SUSE Bug 1225699 for CVE-2024-36021",
"url": "https://bugzilla.suse.com/1225699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36021"
},
{
"cve": "CVE-2024-36024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Disable idle reallow as part of command/gpint execution\n\n[Why]\nWorkaroud for a race condition where DMCUB is in the process of\ncommitting to IPS1 during the handshake causing us to miss the\ntransition into IPS2 and touch the INBOX1 RPTR causing a HW hang.\n\n[How]\nDisable the reallow to ensure that we have enough of a gap between entry\nand exit and we\u0027re not seeing back-to-back wake_and_executes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36024",
"url": "https://www.suse.com/security/cve/CVE-2024-36024"
},
{
"category": "external",
"summary": "SUSE Bug 1225702 for CVE-2024-36024",
"url": "https://bugzilla.suse.com/1225702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36024"
},
{
"cve": "CVE-2024-36025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix off by one in qla_edif_app_getstats()\n\nThe app_reply-\u003eelem[] array is allocated earlier in this function and it\nhas app_req.num_ports elements. Thus this \u003e comparison needs to be \u003e= to\nprevent memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36025",
"url": "https://www.suse.com/security/cve/CVE-2024-36025"
},
{
"category": "external",
"summary": "SUSE Bug 1225704 for CVE-2024-36025",
"url": "https://bugzilla.suse.com/1225704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36025"
},
{
"cve": "CVE-2024-36026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11\n\nWhile doing multiple S4 stress tests, GC/RLC/PMFW get into\nan invalid state resulting into hard hangs.\n\nAdding a GFX reset as workaround just before sending the\nMP1_UNLOAD message avoids this failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36026",
"url": "https://www.suse.com/security/cve/CVE-2024-36026"
},
{
"category": "external",
"summary": "SUSE Bug 1225705 for CVE-2024-36026",
"url": "https://bugzilla.suse.com/1225705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36026"
},
{
"cve": "CVE-2024-36029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-msm: pervent access to suspended controller\n\nGeneric sdhci code registers LED device and uses host-\u003eruntime_suspended\nflag to protect access to it. The sdhci-msm driver doesn\u0027t set this flag,\nwhich causes a crash when LED is accessed while controller is runtime\nsuspended. Fix this by setting the flag correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36029",
"url": "https://www.suse.com/security/cve/CVE-2024-36029"
},
{
"category": "external",
"summary": "SUSE Bug 1225708 for CVE-2024-36029",
"url": "https://bugzilla.suse.com/1225708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36029"
},
{
"cve": "CVE-2024-36030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: fix the double free in rvu_npc_freemem()\n\nClang static checker(scan-build) warning:\ndrivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c:line 2184, column 2\nAttempt to free released memory.\n\nnpc_mcam_rsrcs_deinit() has released \u0027mcam-\u003ecounters.bmap\u0027. Deleted this\nredundant kfree() to fix this double free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36030",
"url": "https://www.suse.com/security/cve/CVE-2024-36030"
},
{
"category": "external",
"summary": "SUSE Bug 1225712 for CVE-2024-36030",
"url": "https://bugzilla.suse.com/1225712"
},
{
"category": "external",
"summary": "SUSE Bug 1226326 for CVE-2024-36030",
"url": "https://bugzilla.suse.com/1226326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36030"
},
{
"cve": "CVE-2024-36032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36032"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: fix info leak when fetching fw build id\n\nAdd the missing sanity checks and move the 255-byte build-id buffer off\nthe stack to avoid leaking stack data through debugfs in case the\nbuild-info reply is malformed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36032",
"url": "https://www.suse.com/security/cve/CVE-2024-36032"
},
{
"category": "external",
"summary": "SUSE Bug 1225720 for CVE-2024-36032",
"url": "https://bugzilla.suse.com/1225720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-36032"
},
{
"cve": "CVE-2024-36281",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36281"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules\n\nrx_create no longer allocates a modify_hdr instance that needs to be\ncleaned up. The mlx5_modify_header_dealloc call will lead to a NULL pointer\ndereference. A leak in the rules also previously occurred since there are\nnow two rules populated related to status.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 109907067 P4D 109907067 PUD 116890067 PMD 0\n Oops: 0000 [#1] SMP\n CPU: 1 PID: 484 Comm: ip Not tainted 6.9.0-rc2-rrameshbabu+ #254\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS Arch Linux 1.16.3-1-1 04/01/2014\n RIP: 0010:mlx5_modify_header_dealloc+0xd/0x70\n \u003csnip\u003e\n Call Trace:\n \u003cTASK\u003e\n ? show_regs+0x60/0x70\n ? __die+0x24/0x70\n ? page_fault_oops+0x15f/0x430\n ? free_to_partial_list.constprop.0+0x79/0x150\n ? do_user_addr_fault+0x2c9/0x5c0\n ? exc_page_fault+0x63/0x110\n ? asm_exc_page_fault+0x27/0x30\n ? mlx5_modify_header_dealloc+0xd/0x70\n rx_create+0x374/0x590\n rx_add_rule+0x3ad/0x500\n ? rx_add_rule+0x3ad/0x500\n ? mlx5_cmd_exec+0x2c/0x40\n ? mlx5_create_ipsec_obj+0xd6/0x200\n mlx5e_accel_ipsec_fs_add_rule+0x31/0xf0\n mlx5e_xfrm_add_state+0x426/0xc00\n \u003csnip\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36281",
"url": "https://www.suse.com/security/cve/CVE-2024-36281"
},
{
"category": "external",
"summary": "SUSE Bug 1226799 for CVE-2024-36281",
"url": "https://bugzilla.suse.com/1226799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36281"
},
{
"cve": "CVE-2024-36477",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36477"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer\n\nThe TPM SPI transfer mechanism uses MAX_SPI_FRAMESIZE for computing the\nmaximum transfer length and the size of the transfer buffer. As such, it\ndoes not account for the 4 bytes of header that prepends the SPI data\nframe. This can result in out-of-bounds accesses and was confirmed with\nKASAN.\n\nIntroduce SPI_HDRSIZE to account for the header and use to allocate the\ntransfer buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36477",
"url": "https://www.suse.com/security/cve/CVE-2024-36477"
},
{
"category": "external",
"summary": "SUSE Bug 1226840 for CVE-2024-36477",
"url": "https://bugzilla.suse.com/1226840"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36477"
},
{
"cve": "CVE-2024-36478",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36478"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnull_blk: fix null-ptr-dereference while configuring \u0027power\u0027 and \u0027submit_queues\u0027\n\nWriting \u0027power\u0027 and \u0027submit_queues\u0027 concurrently will trigger kernel\npanic:\n\nTest script:\n\nmodprobe null_blk nr_devices=0\nmkdir -p /sys/kernel/config/nullb/nullb0\nwhile true; do echo 1 \u003e submit_queues; echo 4 \u003e submit_queues; done \u0026\nwhile true; do echo 1 \u003e power; echo 0 \u003e power; done\n\nTest result:\n\nBUG: kernel NULL pointer dereference, address: 0000000000000148\nOops: 0000 [#1] PREEMPT SMP\nRIP: 0010:__lock_acquire+0x41d/0x28f0\nCall Trace:\n \u003cTASK\u003e\n lock_acquire+0x121/0x450\n down_write+0x5f/0x1d0\n simple_recursive_removal+0x12f/0x5c0\n blk_mq_debugfs_unregister_hctxs+0x7c/0x100\n blk_mq_update_nr_hw_queues+0x4a3/0x720\n nullb_update_nr_hw_queues+0x71/0xf0 [null_blk]\n nullb_device_submit_queues_store+0x79/0xf0 [null_blk]\n configfs_write_iter+0x119/0x1e0\n vfs_write+0x326/0x730\n ksys_write+0x74/0x150\n\nThis is because del_gendisk() can concurrent with\nblk_mq_update_nr_hw_queues():\n\nnullb_device_power_store\tnullb_apply_submit_queues\n null_del_dev\n del_gendisk\n\t\t\t\t nullb_update_nr_hw_queues\n\t\t\t\t if (!dev-\u003enullb)\n\t\t\t\t // still set while gendisk is deleted\n\t\t\t\t return 0\n\t\t\t\t blk_mq_update_nr_hw_queues\n dev-\u003enullb = NULL\n\nFix this problem by resuing the global mutex to protect\nnullb_device_power_store() and nullb_update_nr_hw_queues() from configfs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36478",
"url": "https://www.suse.com/security/cve/CVE-2024-36478"
},
{
"category": "external",
"summary": "SUSE Bug 1226841 for CVE-2024-36478",
"url": "https://bugzilla.suse.com/1226841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36478"
},
{
"cve": "CVE-2024-36479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: bridge: add owner module and take its refcount\n\nThe current implementation of the fpga bridge assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the bridge if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_bridge\nstruct and use it to take the module\u0027s refcount. Modify the function for\nregistering a bridge to take an additional owner module parameter and\nrename it to avoid conflicts. Use the old function name for a helper macro\nthat automatically sets the module that registers the bridge as the owner.\nThis ensures compatibility with existing low-level control modules and\nreduces the chances of registering a bridge without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga bridge.\n\nOther changes: opportunistically move put_device() from __fpga_bridge_get()\nto fpga_bridge_get() and of_fpga_bridge_get() to improve code clarity since\nthe bridge device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36479",
"url": "https://www.suse.com/security/cve/CVE-2024-36479"
},
{
"category": "external",
"summary": "SUSE Bug 1226949 for CVE-2024-36479",
"url": "https://bugzilla.suse.com/1226949"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36479"
},
{
"cve": "CVE-2024-36880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: add missing firmware sanity checks\n\nAdd the missing sanity checks when parsing the firmware files before\ndownloading them to avoid accessing and corrupting memory beyond the\nvmalloced buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36880",
"url": "https://www.suse.com/security/cve/CVE-2024-36880"
},
{
"category": "external",
"summary": "SUSE Bug 1225722 for CVE-2024-36880",
"url": "https://bugzilla.suse.com/1225722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36880"
},
{
"cve": "CVE-2024-36882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: use memalloc_nofs_save() in page_cache_ra_order()\n\nSee commit f2c817bed58d (\"mm: use memalloc_nofs_save in readahead path\"),\nensure that page_cache_ra_order() do not attempt to reclaim file-backed\npages too, or it leads to a deadlock, found issue when test ext4 large\nfolio.\n\n INFO: task DataXceiver for:7494 blocked for more than 120 seconds.\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:DataXceiver for state:D stack:0 pid:7494 ppid:1 flags:0x00000200\n Call trace:\n __switch_to+0x14c/0x240\n __schedule+0x82c/0xdd0\n schedule+0x58/0xf0\n io_schedule+0x24/0xa0\n __folio_lock+0x130/0x300\n migrate_pages_batch+0x378/0x918\n migrate_pages+0x350/0x700\n compact_zone+0x63c/0xb38\n compact_zone_order+0xc0/0x118\n try_to_compact_pages+0xb0/0x280\n __alloc_pages_direct_compact+0x98/0x248\n __alloc_pages+0x510/0x1110\n alloc_pages+0x9c/0x130\n folio_alloc+0x20/0x78\n filemap_alloc_folio+0x8c/0x1b0\n page_cache_ra_order+0x174/0x308\n ondemand_readahead+0x1c8/0x2b8\n page_cache_async_ra+0x68/0xb8\n filemap_readahead.isra.0+0x64/0xa8\n filemap_get_pages+0x3fc/0x5b0\n filemap_splice_read+0xf4/0x280\n ext4_file_splice_read+0x2c/0x48 [ext4]\n vfs_splice_read.part.0+0xa8/0x118\n splice_direct_to_actor+0xbc/0x288\n do_splice_direct+0x9c/0x108\n do_sendfile+0x328/0x468\n __arm64_sys_sendfile64+0x8c/0x148\n invoke_syscall+0x4c/0x118\n el0_svc_common.constprop.0+0xc8/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x4c/0x1f8\n el0t_64_sync_handler+0xc0/0xc8\n el0t_64_sync+0x188/0x190",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36882",
"url": "https://www.suse.com/security/cve/CVE-2024-36882"
},
{
"category": "external",
"summary": "SUSE Bug 1225723 for CVE-2024-36882",
"url": "https://bugzilla.suse.com/1225723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36882"
},
{
"cve": "CVE-2024-36885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36885"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36885",
"url": "https://www.suse.com/security/cve/CVE-2024-36885"
},
{
"category": "external",
"summary": "SUSE Bug 1225728 for CVE-2024-36885",
"url": "https://bugzilla.suse.com/1225728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36885"
},
{
"cve": "CVE-2024-36887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ne1000e: change usleep_range to udelay in PHY mdic access\n\nThis is a partial revert of commit 6dbdd4de0362 (\"e1000e: Workaround\nfor sporadic MDI error on Meteor Lake systems\"). The referenced commit\nused usleep_range inside the PHY access routines, which are sometimes\ncalled from an atomic context. This can lead to a kernel panic in some\nscenarios, such as cable disconnection and reconnection on vPro systems.\n\nSolve this by changing the usleep_range calls back to udelay.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36887",
"url": "https://www.suse.com/security/cve/CVE-2024-36887"
},
{
"category": "external",
"summary": "SUSE Bug 1225731 for CVE-2024-36887",
"url": "https://bugzilla.suse.com/1225731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36887"
},
{
"cve": "CVE-2024-36889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_nxt is properly initialized on connect\n\nChristoph reported a splat hinting at a corrupted snd_una:\n\n WARNING: CPU: 1 PID: 38 at net/mptcp/protocol.c:1005 __mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Modules linked in:\n CPU: 1 PID: 38 Comm: kworker/1:1 Not tainted 6.9.0-rc1-gbbeac67456c9 #59\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.11.0-2.el7 04/01/2014\n Workqueue: events mptcp_worker\n RIP: 0010:__mptcp_clean_una+0x4b3/0x620 net/mptcp/protocol.c:1005\n Code: be 06 01 00 00 bf 06 01 00 00 e8 a8 12 e7 fe e9 00 fe ff ff e8\n \t8e 1a e7 fe 0f b7 ab 3e 02 00 00 e9 d3 fd ff ff e8 7d 1a e7 fe\n \t\u003c0f\u003e 0b 4c 8b bb e0 05 00 00 e9 74 fc ff ff e8 6a 1a e7 fe 0f 0b e9\n RSP: 0018:ffffc9000013fd48 EFLAGS: 00010293\n RAX: 0000000000000000 RBX: ffff8881029bd280 RCX: ffffffff82382fe4\n RDX: ffff8881003cbd00 RSI: ffffffff823833c3 RDI: 0000000000000001\n RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000\n R10: 0000000000000000 R11: fefefefefefefeff R12: ffff888138ba8000\n R13: 0000000000000106 R14: ffff8881029bd908 R15: ffff888126560000\n FS: 0000000000000000(0000) GS:ffff88813bd00000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007f604a5dae38 CR3: 0000000101dac002 CR4: 0000000000170ef0\n Call Trace:\n \u003cTASK\u003e\n __mptcp_clean_una_wakeup net/mptcp/protocol.c:1055 [inline]\n mptcp_clean_una_wakeup net/mptcp/protocol.c:1062 [inline]\n __mptcp_retrans+0x7f/0x7e0 net/mptcp/protocol.c:2615\n mptcp_worker+0x434/0x740 net/mptcp/protocol.c:2767\n process_one_work+0x1e0/0x560 kernel/workqueue.c:3254\n process_scheduled_works kernel/workqueue.c:3335 [inline]\n worker_thread+0x3c7/0x640 kernel/workqueue.c:3416\n kthread+0x121/0x170 kernel/kthread.c:388\n ret_from_fork+0x44/0x50 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n \u003c/TASK\u003e\n\nWhen fallback to TCP happens early on a client socket, snd_nxt\nis not yet initialized and any incoming ack will copy such value\ninto snd_una. If the mptcp worker (dumbly) tries mptcp-level\nre-injection after such ack, that would unconditionally trigger a send\nbuffer cleanup using \u0027bad\u0027 snd_una values.\n\nWe could easily disable re-injection for fallback sockets, but such\ndumb behavior already helped catching a few subtle issues and a very\nlow to zero impact in practice.\n\nInstead address the issue always initializing snd_nxt (and write_seq,\nfor consistency) at connect time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36889",
"url": "https://www.suse.com/security/cve/CVE-2024-36889"
},
{
"category": "external",
"summary": "SUSE Bug 1225746 for CVE-2024-36889",
"url": "https://bugzilla.suse.com/1225746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-36889"
},
{
"cve": "CVE-2024-36890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slab: make __free(kfree) accept error pointers\n\nCurrently, if an automatically freed allocation is an error pointer that\nwill lead to a crash. An example of this is in wm831x_gpio_dbg_show().\n\n 171\tchar *label __free(kfree) = gpiochip_dup_line_label(chip, i);\n 172\tif (IS_ERR(label)) {\n 173\t\tdev_err(wm831x-\u003edev, \"Failed to duplicate label\\n\");\n 174\t\tcontinue;\n 175 }\n\nThe auto clean up function should check for error pointers as well,\notherwise we\u0027re going to keep hitting issues like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36890",
"url": "https://www.suse.com/security/cve/CVE-2024-36890"
},
{
"category": "external",
"summary": "SUSE Bug 1225714 for CVE-2024-36890",
"url": "https://bugzilla.suse.com/1225714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36890"
},
{
"cve": "CVE-2024-36891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmaple_tree: fix mas_empty_area_rev() null pointer dereference\n\nCurrently the code calls mas_start() followed by mas_data_end() if the\nmaple state is MA_START, but mas_start() may return with the maple state\nnode == NULL. This will lead to a null pointer dereference when checking\ninformation in the NULL node, which is done in mas_data_end().\n\nAvoid setting the offset if there is no node by waiting until after the\nmaple state is checked for an empty or single entry state.\n\nA user could trigger the events to cause a kernel oops by unmapping all\nvmas to produce an empty maple tree, then mapping a vma that would cause\nthe scenario described above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36891",
"url": "https://www.suse.com/security/cve/CVE-2024-36891"
},
{
"category": "external",
"summary": "SUSE Bug 1225710 for CVE-2024-36891",
"url": "https://bugzilla.suse.com/1225710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36891"
},
{
"cve": "CVE-2024-36893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36893"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Check for port partner validity before consuming it\n\ntypec_register_partner() does not guarantee partner registration\nto always succeed. In the event of failure, port-\u003epartner is set\nto the error value or NULL. Given that port-\u003epartner validity is\nnot checked, this results in the following crash:\n\nUnable to handle kernel NULL pointer dereference at virtual address xx\n pc : run_state_machine+0x1bc8/0x1c08\n lr : run_state_machine+0x1b90/0x1c08\n..\n Call trace:\n run_state_machine+0x1bc8/0x1c08\n tcpm_state_machine_work+0x94/0xe4\n kthread_worker_fn+0x118/0x328\n kthread+0x1d0/0x23c\n ret_from_fork+0x10/0x20\n\nTo prevent the crash, check for port-\u003epartner validity before\nderefencing it in all the call sites.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36893",
"url": "https://www.suse.com/security/cve/CVE-2024-36893"
},
{
"category": "external",
"summary": "SUSE Bug 1225748 for CVE-2024-36893",
"url": "https://bugzilla.suse.com/1225748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36893"
},
{
"cve": "CVE-2024-36894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete\n\nFFS based applications can utilize the aio_cancel() callback to dequeue\npending USB requests submitted to the UDC. There is a scenario where the\nFFS application issues an AIO cancel call, while the UDC is handling a\nsoft disconnect. For a DWC3 based implementation, the callstack looks\nlike the following:\n\n DWC3 Gadget FFS Application\ndwc3_gadget_soft_disconnect() ...\n --\u003e dwc3_stop_active_transfers()\n --\u003e dwc3_gadget_giveback(-ESHUTDOWN)\n --\u003e ffs_epfile_async_io_complete() ffs_aio_cancel()\n --\u003e usb_ep_free_request() --\u003e usb_ep_dequeue()\n\nThere is currently no locking implemented between the AIO completion\nhandler and AIO cancel, so the issue occurs if the completion routine is\nrunning in parallel to an AIO cancel call coming from the FFS application.\nAs the completion call frees the USB request (io_data-\u003ereq) the FFS\napplication is also referencing it for the usb_ep_dequeue() call. This can\nlead to accessing a stale/hanging pointer.\n\ncommit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus consistently\")\nrelocated the usb_ep_free_request() into ffs_epfile_async_io_complete().\nHowever, in order to properly implement locking to mitigate this issue, the\nspinlock can\u0027t be added to ffs_epfile_async_io_complete(), as\nusb_ep_dequeue() (if successfully dequeuing a USB request) will call the\nfunction driver\u0027s completion handler in the same context. Hence, leading\ninto a deadlock.\n\nFix this issue by moving the usb_ep_free_request() back to\nffs_user_copy_worker(), and ensuring that it explicitly sets io_data-\u003ereq\nto NULL after freeing it within the ffs-\u003eeps_lock. This resolves the race\ncondition above, as the ffs_aio_cancel() routine will not continue\nattempting to dequeue a request that has already been freed, or the\nffs_user_copy_work() not freeing the USB request until the AIO cancel is\ndone referencing it.\n\nThis fix depends on\n commit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus\n consistently\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36894",
"url": "https://www.suse.com/security/cve/CVE-2024-36894"
},
{
"category": "external",
"summary": "SUSE Bug 1225749 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "external",
"summary": "SUSE Bug 1226139 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1226139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36894"
},
{
"cve": "CVE-2024-36895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: use correct buffer size when parsing configfs lists\n\nThis commit fixes uvc gadget support on 32-bit platforms.\n\nCommit 0df28607c5cb (\"usb: gadget: uvc: Generalise helper functions for\nreuse\") introduced a helper function __uvcg_iter_item_entries() to aid\nwith parsing lists of items on configfs attributes stores. This function\nis a generalization of another very similar function, which used a\nstack-allocated temporary buffer of fixed size for each item in the list\nand used the sizeof() operator to check for potential buffer overruns.\nThe new function was changed to allocate the now variably sized temp\nbuffer on heap, but wasn\u0027t properly updated to also check for max buffer\nsize using the computed size instead of sizeof() operator.\n\nAs a result, the maximum item size was 7 (plus null terminator) on\n64-bit platforms, and 3 on 32-bit ones. While 7 is accidentally just\nbarely enough, 3 is definitely too small for some of UVC configfs\nattributes. For example, dwFrameInteval, specified in 100ns units,\nusually has 6-digit item values, e.g. 166666 for 60fps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36895",
"url": "https://www.suse.com/security/cve/CVE-2024-36895"
},
{
"category": "external",
"summary": "SUSE Bug 1225750 for CVE-2024-36895",
"url": "https://bugzilla.suse.com/1225750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-36895"
},
{
"cve": "CVE-2024-36896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix access violation during port device removal\n\nTesting with KASAN and syzkaller revealed a bug in port.c:disable_store():\nusb_hub_to_struct_hub() can return NULL if the hub that the port belongs to\nis concurrently removed, but the function does not check for this\npossibility before dereferencing the returned value.\n\nIt turns out that the first dereference is unnecessary, since hub-\u003eintfdev\nis the parent of the port device, so it can be changed easily. Adding a\ncheck for hub == NULL prevents further problems.\n\nThe same bug exists in the disable_show() routine, and it can be fixed the\nsame way.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36896",
"url": "https://www.suse.com/security/cve/CVE-2024-36896"
},
{
"category": "external",
"summary": "SUSE Bug 1225734 for CVE-2024-36896",
"url": "https://bugzilla.suse.com/1225734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36896"
},
{
"cve": "CVE-2024-36897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Atom Integrated System Info v2_2 for DCN35\n\nNew request from KMD/VBIOS in order to support new UMA carveout\nmodel. This fixes a null dereference from accessing\nCtx-\u003edc_bios-\u003eintegrated_info while it was NULL.\n\nDAL parses through the BIOS and extracts the necessary\nintegrated_info but was missing a case for the new BIOS\nversion 2.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36897",
"url": "https://www.suse.com/security/cve/CVE-2024-36897"
},
{
"category": "external",
"summary": "SUSE Bug 1225735 for CVE-2024-36897",
"url": "https://bugzilla.suse.com/1225735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36897"
},
{
"cve": "CVE-2024-36898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: fix uninitialised kfifo\n\nIf a line is requested with debounce, and that results in debouncing\nin software, and the line is subsequently reconfigured to enable edge\ndetection then the allocation of the kfifo to contain edge events is\noverlooked. This results in events being written to and read from an\nuninitialised kfifo. Read events are returned to userspace.\n\nInitialise the kfifo in the case where the software debounce is\nalready active.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36898",
"url": "https://www.suse.com/security/cve/CVE-2024-36898"
},
{
"category": "external",
"summary": "SUSE Bug 1225736 for CVE-2024-36898",
"url": "https://bugzilla.suse.com/1225736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36898"
},
{
"cve": "CVE-2024-36899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: Fix use after free in lineinfo_changed_notify\n\nThe use-after-free issue occurs as follows: when the GPIO chip device file\nis being closed by invoking gpio_chrdev_release(), watched_lines is freed\nby bitmap_free(), but the unregistration of lineinfo_changed_nb notifier\nchain failed due to waiting write rwsem. Additionally, one of the GPIO\nchip\u0027s lines is also in the release process and holds the notifier chain\u0027s\nread rwsem. Consequently, a race condition leads to the use-after-free of\nwatched_lines.\n\nHere is the typical stack when issue happened:\n\n[free]\ngpio_chrdev_release()\n --\u003e bitmap_free(cdev-\u003ewatched_lines) \u003c-- freed\n --\u003e blocking_notifier_chain_unregister()\n --\u003e down_write(\u0026nh-\u003erwsem) \u003c-- waiting rwsem\n --\u003e __down_write_common()\n --\u003e rwsem_down_write_slowpath()\n --\u003e schedule_preempt_disabled()\n --\u003e schedule()\n\n[use]\nst54spi_gpio_dev_release()\n --\u003e gpio_free()\n --\u003e gpiod_free()\n --\u003e gpiod_free_commit()\n --\u003e gpiod_line_state_notify()\n --\u003e blocking_notifier_call_chain()\n --\u003e down_read(\u0026nh-\u003erwsem); \u003c-- held rwsem\n --\u003e notifier_call_chain()\n --\u003e lineinfo_changed_notify()\n --\u003e test_bit(xxxx, cdev-\u003ewatched_lines) \u003c-- use after free\n\nThe side effect of the use-after-free issue is that a GPIO line event is\nbeing generated for userspace where it shouldn\u0027t. However, since the chrdev\nis being closed, userspace won\u0027t have the chance to read that event anyway.\n\nTo fix the issue, call the bitmap_free() function after the unregistration\nof lineinfo_changed_nb notifier chain.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36899",
"url": "https://www.suse.com/security/cve/CVE-2024-36899"
},
{
"category": "external",
"summary": "SUSE Bug 1225737 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225737"
},
{
"category": "external",
"summary": "SUSE Bug 1225739 for CVE-2024-36899",
"url": "https://bugzilla.suse.com/1225739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36899"
},
{
"cve": "CVE-2024-36900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when devlink reload during initialization\n\nThe devlink reload process will access the hardware resources,\nbut the register operation is done before the hardware is initialized.\nSo, processing the devlink reload during initialization may lead to kernel\ncrash.\n\nThis patch fixes this by registering the devlink after\nhardware initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36900",
"url": "https://www.suse.com/security/cve/CVE-2024-36900"
},
{
"category": "external",
"summary": "SUSE Bug 1225726 for CVE-2024-36900",
"url": "https://bugzilla.suse.com/1225726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36900"
},
{
"cve": "CVE-2024-36901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent NULL dereference in ip6_output()\n\nAccording to syzbot, there is a chance that ip6_dst_idev()\nreturns NULL in ip6_output(). Most places in IPv6 stack\ndeal with a NULL idev just fine, but not here.\n\nsyzbot reported:\n\ngeneral protection fault, probably for non-canonical address 0xdffffc00000000bc: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x00000000000005e0-0x00000000000005e7]\nCPU: 0 PID: 9775 Comm: syz-executor.4 Not tainted 6.9.0-rc5-syzkaller-00157-g6a30653b604a #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:ip6_output+0x231/0x3f0 net/ipv6/ip6_output.c:237\nCode: 3c 1e 00 49 89 df 74 08 4c 89 ef e8 19 58 db f7 48 8b 44 24 20 49 89 45 00 49 89 c5 48 8d 9d e0 05 00 00 48 89 d8 48 c1 e8 03 \u003c42\u003e 0f b6 04 38 84 c0 4c 8b 74 24 28 0f 85 61 01 00 00 8b 1b 31 ff\nRSP: 0018:ffffc9000927f0d8 EFLAGS: 00010202\nRAX: 00000000000000bc RBX: 00000000000005e0 RCX: 0000000000040000\nRDX: ffffc900131f9000 RSI: 0000000000004f47 RDI: 0000000000004f48\nRBP: 0000000000000000 R08: ffffffff8a1f0b9a R09: 1ffffffff1f51fad\nR10: dffffc0000000000 R11: fffffbfff1f51fae R12: ffff8880293ec8c0\nR13: ffff88805d7fc000 R14: 1ffff1100527d91a R15: dffffc0000000000\nFS: 00007f135c6856c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000080 CR3: 0000000064096000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip6_xmit+0xefe/0x17f0 net/ipv6/ip6_output.c:358\n sctp_v6_xmit+0x9f2/0x13f0 net/sctp/ipv6.c:248\n sctp_packet_transmit+0x26ad/0x2ca0 net/sctp/output.c:653\n sctp_packet_singleton+0x22c/0x320 net/sctp/outqueue.c:783\n sctp_outq_flush_ctrl net/sctp/outqueue.c:914 [inline]\n sctp_outq_flush+0x6d5/0x3e20 net/sctp/outqueue.c:1212\n sctp_side_effects net/sctp/sm_sideeffect.c:1198 [inline]\n sctp_do_sm+0x59cc/0x60c0 net/sctp/sm_sideeffect.c:1169\n sctp_primitive_ASSOCIATE+0x95/0xc0 net/sctp/primitive.c:73\n __sctp_connect+0x9cd/0xe30 net/sctp/socket.c:1234\n sctp_connect net/sctp/socket.c:4819 [inline]\n sctp_inet_connect+0x149/0x1f0 net/sctp/socket.c:4834\n __sys_connect_file net/socket.c:2048 [inline]\n __sys_connect+0x2df/0x310 net/socket.c:2065\n __do_sys_connect net/socket.c:2075 [inline]\n __se_sys_connect net/socket.c:2072 [inline]\n __x64_sys_connect+0x7a/0x90 net/socket.c:2072\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36901",
"url": "https://www.suse.com/security/cve/CVE-2024-36901"
},
{
"category": "external",
"summary": "SUSE Bug 1225711 for CVE-2024-36901",
"url": "https://bugzilla.suse.com/1225711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36901"
},
{
"cve": "CVE-2024-36902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36902"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fib6_rules: avoid possible NULL dereference in fib6_rule_action()\n\nsyzbot is able to trigger the following crash [1],\ncaused by unsafe ip6_dst_idev() use.\n\nIndeed ip6_dst_idev() can return NULL, and must always be checked.\n\n[1]\n\nOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\nCPU: 0 PID: 31648 Comm: syz-executor.0 Not tainted 6.9.0-rc4-next-20240417-syzkaller #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\n RIP: 0010:__fib6_rule_action net/ipv6/fib6_rules.c:237 [inline]\n RIP: 0010:fib6_rule_action+0x241/0x7b0 net/ipv6/fib6_rules.c:267\nCode: 02 00 00 49 8d 9f d8 00 00 00 48 89 d8 48 c1 e8 03 42 80 3c 20 00 74 08 48 89 df e8 f9 32 bf f7 48 8b 1b 48 89 d8 48 c1 e8 03 \u003c42\u003e 80 3c 20 00 74 08 48 89 df e8 e0 32 bf f7 4c 8b 03 48 89 ef 4c\nRSP: 0018:ffffc9000fc1f2f0 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 1a772f98c8186700\nRDX: 0000000000000003 RSI: ffffffff8bcac4e0 RDI: ffffffff8c1f9760\nRBP: ffff8880673fb980 R08: ffffffff8fac15ef R09: 1ffffffff1f582bd\nR10: dffffc0000000000 R11: fffffbfff1f582be R12: dffffc0000000000\nR13: 0000000000000080 R14: ffff888076509000 R15: ffff88807a029a00\nFS: 00007f55e82ca6c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b31d23000 CR3: 0000000022b66000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n fib_rules_lookup+0x62c/0xdb0 net/core/fib_rules.c:317\n fib6_rule_lookup+0x1fd/0x790 net/ipv6/fib6_rules.c:108\n ip6_route_output_flags_noref net/ipv6/route.c:2637 [inline]\n ip6_route_output_flags+0x38e/0x610 net/ipv6/route.c:2649\n ip6_route_output include/net/ip6_route.h:93 [inline]\n ip6_dst_lookup_tail+0x189/0x11a0 net/ipv6/ip6_output.c:1120\n ip6_dst_lookup_flow+0xb9/0x180 net/ipv6/ip6_output.c:1250\n sctp_v6_get_dst+0x792/0x1e20 net/sctp/ipv6.c:326\n sctp_transport_route+0x12c/0x2e0 net/sctp/transport.c:455\n sctp_assoc_add_peer+0x614/0x15c0 net/sctp/associola.c:662\n sctp_connect_new_asoc+0x31d/0x6c0 net/sctp/socket.c:1099\n __sctp_connect+0x66d/0xe30 net/sctp/socket.c:1197\n sctp_connect net/sctp/socket.c:4819 [inline]\n sctp_inet_connect+0x149/0x1f0 net/sctp/socket.c:4834\n __sys_connect_file net/socket.c:2048 [inline]\n __sys_connect+0x2df/0x310 net/socket.c:2065\n __do_sys_connect net/socket.c:2075 [inline]\n __se_sys_connect net/socket.c:2072 [inline]\n __x64_sys_connect+0x7a/0x90 net/socket.c:2072\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf5/0x240 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36902",
"url": "https://www.suse.com/security/cve/CVE-2024-36902"
},
{
"category": "external",
"summary": "SUSE Bug 1225719 for CVE-2024-36902",
"url": "https://bugzilla.suse.com/1225719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36902"
},
{
"cve": "CVE-2024-36903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: Fix potential uninit-value access in __ip6_make_skb()\n\nAs it was done in commit fc1092f51567 (\"ipv4: Fix uninit-value access in\n__ip_make_skb()\") for IPv4, check FLOWI_FLAG_KNOWN_NH on fl6-\u003eflowi6_flags\ninstead of testing HDRINCL on the socket to avoid a race condition which\ncauses uninit-value access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36903",
"url": "https://www.suse.com/security/cve/CVE-2024-36903"
},
{
"category": "external",
"summary": "SUSE Bug 1225741 for CVE-2024-36903",
"url": "https://bugzilla.suse.com/1225741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36903"
},
{
"cve": "CVE-2024-36904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: Use refcount_inc_not_zero() in tcp_twsk_unique().\n\nAnderson Nascimento reported a use-after-free splat in tcp_twsk_unique()\nwith nice analysis.\n\nSince commit ec94c2696f0b (\"tcp/dccp: avoid one atomic operation for\ntimewait hashdance\"), inet_twsk_hashdance() sets TIME-WAIT socket\u0027s\nsk_refcnt after putting it into ehash and releasing the bucket lock.\n\nThus, there is a small race window where other threads could try to\nreuse the port during connect() and call sock_hold() in tcp_twsk_unique()\nfor the TIME-WAIT socket with zero refcnt.\n\nIf that happens, the refcnt taken by tcp_twsk_unique() is overwritten\nand sock_put() will cause underflow, triggering a real use-after-free\nsomewhere else.\n\nTo avoid the use-after-free, we need to use refcount_inc_not_zero() in\ntcp_twsk_unique() and give up on reusing the port if it returns false.\n\n[0]:\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 0 PID: 1039313 at lib/refcount.c:25 refcount_warn_saturate+0xe5/0x110\nCPU: 0 PID: 1039313 Comm: trigger Not tainted 6.8.6-200.fc39.x86_64 #1\nHardware name: VMware, Inc. VMware20,1/440BX Desktop Reference Platform, BIOS VMW201.00V.21805430.B64.2305221830 05/22/2023\nRIP: 0010:refcount_warn_saturate+0xe5/0x110\nCode: 42 8e ff 0f 0b c3 cc cc cc cc 80 3d aa 13 ea 01 00 0f 85 5e ff ff ff 48 c7 c7 f8 8e b7 82 c6 05 96 13 ea 01 01 e8 7b 42 8e ff \u003c0f\u003e 0b c3 cc cc cc cc 48 c7 c7 50 8f b7 82 c6 05 7a 13 ea 01 01 e8\nRSP: 0018:ffffc90006b43b60 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: ffff888009bb3ef0 RCX: 0000000000000027\nRDX: ffff88807be218c8 RSI: 0000000000000001 RDI: ffff88807be218c0\nRBP: 0000000000069d70 R08: 0000000000000000 R09: ffffc90006b439f0\nR10: ffffc90006b439e8 R11: 0000000000000003 R12: ffff8880029ede84\nR13: 0000000000004e20 R14: ffffffff84356dc0 R15: ffff888009bb3ef0\nFS: 00007f62c10926c0(0000) GS:ffff88807be00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020ccb000 CR3: 000000004628c005 CR4: 0000000000f70ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? refcount_warn_saturate+0xe5/0x110\n ? __warn+0x81/0x130\n ? refcount_warn_saturate+0xe5/0x110\n ? report_bug+0x171/0x1a0\n ? refcount_warn_saturate+0xe5/0x110\n ? handle_bug+0x3c/0x80\n ? exc_invalid_op+0x17/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? refcount_warn_saturate+0xe5/0x110\n tcp_twsk_unique+0x186/0x190\n __inet_check_established+0x176/0x2d0\n __inet_hash_connect+0x74/0x7d0\n ? __pfx___inet_check_established+0x10/0x10\n tcp_v4_connect+0x278/0x530\n __inet_stream_connect+0x10f/0x3d0\n inet_stream_connect+0x3a/0x60\n __sys_connect+0xa8/0xd0\n __x64_sys_connect+0x18/0x20\n do_syscall_64+0x83/0x170\n entry_SYSCALL_64_after_hwframe+0x78/0x80\nRIP: 0033:0x7f62c11a885d\nCode: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d a3 45 0c 00 f7 d8 64 89 01 48\nRSP: 002b:00007f62c1091e58 EFLAGS: 00000296 ORIG_RAX: 000000000000002a\nRAX: ffffffffffffffda RBX: 0000000020ccb004 RCX: 00007f62c11a885d\nRDX: 0000000000000010 RSI: 0000000020ccb000 RDI: 0000000000000003\nRBP: 00007f62c1091e90 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000296 R12: 00007f62c10926c0\nR13: ffffffffffffff88 R14: 0000000000000000 R15: 00007ffe237885b0\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36904",
"url": "https://www.suse.com/security/cve/CVE-2024-36904"
},
{
"category": "external",
"summary": "SUSE Bug 1225732 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225732"
},
{
"category": "external",
"summary": "SUSE Bug 1225733 for CVE-2024-36904",
"url": "https://bugzilla.suse.com/1225733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36904"
},
{
"cve": "CVE-2024-36906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9381/1: kasan: clear stale stack poison\n\nWe found below OOB crash:\n\n[ 33.452494] ==================================================================\n[ 33.453513] BUG: KASAN: stack-out-of-bounds in refresh_cpu_vm_stats.constprop.0+0xcc/0x2ec\n[ 33.454660] Write of size 164 at addr c1d03d30 by task swapper/0/0\n[ 33.455515]\n[ 33.455767] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G O 6.1.25-mainline #1\n[ 33.456880] Hardware name: Generic DT based system\n[ 33.457555] unwind_backtrace from show_stack+0x18/0x1c\n[ 33.458326] show_stack from dump_stack_lvl+0x40/0x4c\n[ 33.459072] dump_stack_lvl from print_report+0x158/0x4a4\n[ 33.459863] print_report from kasan_report+0x9c/0x148\n[ 33.460616] kasan_report from kasan_check_range+0x94/0x1a0\n[ 33.461424] kasan_check_range from memset+0x20/0x3c\n[ 33.462157] memset from refresh_cpu_vm_stats.constprop.0+0xcc/0x2ec\n[ 33.463064] refresh_cpu_vm_stats.constprop.0 from tick_nohz_idle_stop_tick+0x180/0x53c\n[ 33.464181] tick_nohz_idle_stop_tick from do_idle+0x264/0x354\n[ 33.465029] do_idle from cpu_startup_entry+0x20/0x24\n[ 33.465769] cpu_startup_entry from rest_init+0xf0/0xf4\n[ 33.466528] rest_init from arch_post_acpi_subsys_init+0x0/0x18\n[ 33.467397]\n[ 33.467644] The buggy address belongs to stack of task swapper/0/0\n[ 33.468493] and is located at offset 112 in frame:\n[ 33.469172] refresh_cpu_vm_stats.constprop.0+0x0/0x2ec\n[ 33.469917]\n[ 33.470165] This frame has 2 objects:\n[ 33.470696] [32, 76) \u0027global_zone_diff\u0027\n[ 33.470729] [112, 276) \u0027global_node_diff\u0027\n[ 33.471294]\n[ 33.472095] The buggy address belongs to the physical page:\n[ 33.472862] page:3cd72da8 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x41d03\n[ 33.473944] flags: 0x1000(reserved|zone=0)\n[ 33.474565] raw: 00001000 ed741470 ed741470 00000000 00000000 00000000 ffffffff 00000001\n[ 33.475656] raw: 00000000\n[ 33.476050] page dumped because: kasan: bad access detected\n[ 33.476816]\n[ 33.477061] Memory state around the buggy address:\n[ 33.477732] c1d03c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 33.478630] c1d03c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00\n[ 33.479526] \u003ec1d03d00: 00 04 f2 f2 f2 f2 00 00 00 00 00 00 f1 f1 f1 f1\n[ 33.480415] ^\n[ 33.481195] c1d03d80: 00 00 00 00 00 00 00 00 00 00 04 f3 f3 f3 f3 f3\n[ 33.482088] c1d03e00: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00\n[ 33.482978] ==================================================================\n\nWe find the root cause of this OOB is that arm does not clear stale stack\npoison in the case of cpuidle.\n\nThis patch refer to arch/arm64/kernel/sleep.S to resolve this issue.\n\nFrom cited commit [1] that explain the problem\n\nFunctions which the compiler has instrumented for KASAN place poison on\nthe stack shadow upon entry and remove this poison prior to returning.\n\nIn the case of cpuidle, CPUs exit the kernel a number of levels deep in\nC code. Any instrumented functions on this critical path will leave\nportions of the stack shadow poisoned.\n\nIf CPUs lose context and return to the kernel via a cold path, we\nrestore a prior context saved in __cpu_suspend_enter are forgotten, and\nwe never remove the poison they placed in the stack shadow area by\nfunctions calls between this and the actual exit of the kernel.\n\nThus, (depending on stackframe layout) subsequent calls to instrumented\nfunctions may hit this stale poison, resulting in (spurious) KASAN\nsplats to the console.\n\nTo avoid this, clear any stale poison from the idle thread for a CPU\nprior to bringing a CPU online.\n\nFrom cited commit [2]\n\nExtend to check for CONFIG_KASAN_STACK\n\n[1] commit 0d97e6d8024c (\"arm64: kasan: clear stale stack poison\")\n[2] commit d56a9ef84bd0 (\"kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36906",
"url": "https://www.suse.com/security/cve/CVE-2024-36906"
},
{
"category": "external",
"summary": "SUSE Bug 1225715 for CVE-2024-36906",
"url": "https://bugzilla.suse.com/1225715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36906"
},
{
"cve": "CVE-2024-36909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Don\u0027t free ring buffers that couldn\u0027t be re-encrypted\n\nIn CoCo VMs it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nThe VMBus ring buffer code could free decrypted/shared pages if\nset_memory_decrypted() fails. Check the decrypted field in the struct\nvmbus_gpadl for the ring buffers to decide whether to free the memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36909",
"url": "https://www.suse.com/security/cve/CVE-2024-36909"
},
{
"category": "external",
"summary": "SUSE Bug 1225744 for CVE-2024-36909",
"url": "https://bugzilla.suse.com/1225744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36909"
},
{
"cve": "CVE-2024-36910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nuio_hv_generic: Don\u0027t free decrypted memory\n\nIn CoCo VMs it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nThe VMBus device UIO driver could free decrypted/shared pages if\nset_memory_decrypted() fails. Check the decrypted field in the gpadl\nto decide whether to free the memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36910",
"url": "https://www.suse.com/security/cve/CVE-2024-36910"
},
{
"category": "external",
"summary": "SUSE Bug 1225717 for CVE-2024-36910",
"url": "https://bugzilla.suse.com/1225717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36910"
},
{
"cve": "CVE-2024-36911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhv_netvsc: Don\u0027t free decrypted memory\n\nIn CoCo VMs it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nThe netvsc driver could free decrypted/shared pages if\nset_memory_decrypted() fails. Check the decrypted field in the gpadl\nto decide whether to free the memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36911",
"url": "https://www.suse.com/security/cve/CVE-2024-36911"
},
{
"category": "external",
"summary": "SUSE Bug 1225745 for CVE-2024-36911",
"url": "https://bugzilla.suse.com/1225745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36911"
},
{
"cve": "CVE-2024-36912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Track decrypted status in vmbus_gpadl\n\nIn CoCo VMs it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nIn order to make sure callers of vmbus_establish_gpadl() and\nvmbus_teardown_gpadl() don\u0027t return decrypted/shared pages to\nallocators, add a field in struct vmbus_gpadl to keep track of the\ndecryption status of the buffers. This will allow the callers to\nknow if they should free or leak the pages.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36912",
"url": "https://www.suse.com/security/cve/CVE-2024-36912"
},
{
"category": "external",
"summary": "SUSE Bug 1225752 for CVE-2024-36912",
"url": "https://bugzilla.suse.com/1225752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36912"
},
{
"cve": "CVE-2024-36913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36913"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nDrivers: hv: vmbus: Leak pages if set_memory_encrypted() fails\n\nIn CoCo VMs it is possible for the untrusted host to cause\nset_memory_encrypted() or set_memory_decrypted() to fail such that an\nerror is returned and the resulting memory is shared. Callers need to\ntake care to handle these errors to avoid returning decrypted (shared)\nmemory to the page allocator, which could lead to functional or security\nissues.\n\nVMBus code could free decrypted pages if set_memory_encrypted()/decrypted()\nfails. Leak the pages if this happens.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36913",
"url": "https://www.suse.com/security/cve/CVE-2024-36913"
},
{
"category": "external",
"summary": "SUSE Bug 1225753 for CVE-2024-36913",
"url": "https://bugzilla.suse.com/1225753"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36913"
},
{
"cve": "CVE-2024-36914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Skip on writeback when it\u0027s not applicable\n\n[WHY]\ndynamic memory safety error detector (KASAN) catches and generates error\nmessages \"BUG: KASAN: slab-out-of-bounds\" as writeback connector does not\nsupport certain features which are not initialized.\n\n[HOW]\nSkip them when connector type is DRM_MODE_CONNECTOR_WRITEBACK.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36914",
"url": "https://www.suse.com/security/cve/CVE-2024-36914"
},
{
"category": "external",
"summary": "SUSE Bug 1225757 for CVE-2024-36914",
"url": "https://bugzilla.suse.com/1225757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36914"
},
{
"cve": "CVE-2024-36915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: fix nfc_llcp_setsockopt() unsafe copies\n\nsyzbot reported unsafe calls to copy_from_sockptr() [1]\n\nUse copy_safe_from_sockptr() instead.\n\n[1]\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n BUG: KASAN: slab-out-of-bounds in copy_from_sockptr include/linux/sockptr.h:55 [inline]\n BUG: KASAN: slab-out-of-bounds in nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\nRead of size 4 at addr ffff88801caa1ec3 by task syz-executor459/5078\n\nCPU: 0 PID: 5078 Comm: syz-executor459 Not tainted 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x241/0x360 lib/dump_stack.c:114\n print_address_description mm/kasan/report.c:377 [inline]\n print_report+0x169/0x550 mm/kasan/report.c:488\n kasan_report+0x143/0x180 mm/kasan/report.c:601\n copy_from_sockptr_offset include/linux/sockptr.h:49 [inline]\n copy_from_sockptr include/linux/sockptr.h:55 [inline]\n nfc_llcp_setsockopt+0x6c2/0x850 net/nfc/llcp_sock.c:255\n do_sock_setsockopt+0x3b1/0x720 net/socket.c:2311\n __sys_setsockopt+0x1ae/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0xb5/0xd0 net/socket.c:2340\n do_syscall_64+0xfd/0x240\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\nRIP: 0033:0x7f7fac07fd89\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 91 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fff660eb788 EFLAGS: 00000246 ORIG_RAX: 0000000000000036\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007f7fac07fd89\nRDX: 0000000000000000 RSI: 0000000000000118 RDI: 0000000000000004\nRBP: 0000000000000000 R08: 0000000000000002 R09: 0000000000000000\nR10: 0000000020000a80 R11: 0000000000000246 R12: 0000000000000000\nR13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36915",
"url": "https://www.suse.com/security/cve/CVE-2024-36915"
},
{
"category": "external",
"summary": "SUSE Bug 1225758 for CVE-2024-36915",
"url": "https://bugzilla.suse.com/1225758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36915"
},
{
"cve": "CVE-2024-36916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-iocost: avoid out of bounds shift\n\nUBSAN catches undefined behavior in blk-iocost, where sometimes\niocg-\u003edelay is shifted right by a number that is too large,\nresulting in undefined behavior on some architectures.\n\n[ 186.556576] ------------[ cut here ]------------\nUBSAN: shift-out-of-bounds in block/blk-iocost.c:1366:23\nshift exponent 64 is too large for 64-bit type \u0027u64\u0027 (aka \u0027unsigned long long\u0027)\nCPU: 16 PID: 0 Comm: swapper/16 Tainted: G S E N 6.9.0-0_fbk700_debug_rc2_kbuilder_0_gc85af715cac0 #1\nHardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A23 12/08/2020\nCall Trace:\n \u003cIRQ\u003e\n dump_stack_lvl+0x8f/0xe0\n __ubsan_handle_shift_out_of_bounds+0x22c/0x280\n iocg_kick_delay+0x30b/0x310\n ioc_timer_fn+0x2fb/0x1f80\n __run_timer_base+0x1b6/0x250\n...\n\nAvoid that undefined behavior by simply taking the\n\"delay = 0\" branch if the shift is too large.\n\nI am not sure what the symptoms of an undefined value\ndelay will be, but I suspect it could be more than a\nlittle annoying to debug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36916",
"url": "https://www.suse.com/security/cve/CVE-2024-36916"
},
{
"category": "external",
"summary": "SUSE Bug 1225759 for CVE-2024-36916",
"url": "https://bugzilla.suse.com/1225759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36916"
},
{
"cve": "CVE-2024-36917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix overflow in blk_ioctl_discard()\n\nThere is no check for overflow of \u0027start + len\u0027 in blk_ioctl_discard().\nHung task occurs if submit an discard ioctl with the following param:\n start = 0x80000000000ff000, len = 0x8000000000fff000;\nAdd the overflow validation now.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36917",
"url": "https://www.suse.com/security/cve/CVE-2024-36917"
},
{
"category": "external",
"summary": "SUSE Bug 1225770 for CVE-2024-36917",
"url": "https://bugzilla.suse.com/1225770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36917"
},
{
"cve": "CVE-2024-36918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check bloom filter map value size\n\nThis patch adds a missing check to bloom filter creating, rejecting\nvalues above KMALLOC_MAX_SIZE. This brings the bloom map in line with\nmany other map types.\n\nThe lack of this protection can cause kernel crashes for value sizes\nthat overflow int\u0027s. Such a crash was caught by syzkaller. The next\npatch adds more guard-rails at a lower level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36918",
"url": "https://www.suse.com/security/cve/CVE-2024-36918"
},
{
"category": "external",
"summary": "SUSE Bug 1225766 for CVE-2024-36918",
"url": "https://bugzilla.suse.com/1225766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36918"
},
{
"cve": "CVE-2024-36919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload\n\nThe session resources are used by FW and driver when session is offloaded,\nonce session is uploaded these resources are not used. The lock is not\nrequired as these fields won\u0027t be used any longer. The offload and upload\ncalls are sequential, hence lock is not required.\n\nThis will suppress following BUG_ON():\n\n[ 449.843143] ------------[ cut here ]------------\n[ 449.848302] kernel BUG at mm/vmalloc.c:2727!\n[ 449.853072] invalid opcode: 0000 [#1] PREEMPT SMP PTI\n[ 449.858712] CPU: 5 PID: 1996 Comm: kworker/u24:2 Not tainted 5.14.0-118.el9.x86_64 #1\nRebooting.\n[ 449.867454] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.3.4 11/08/2016\n[ 449.876966] Workqueue: fc_rport_eq fc_rport_work [libfc]\n[ 449.882910] RIP: 0010:vunmap+0x2e/0x30\n[ 449.887098] Code: 00 65 8b 05 14 a2 f0 4a a9 00 ff ff 00 75 1b 55 48 89 fd e8 34 36 79 00 48 85 ed 74 0b 48 89 ef 31 f6 5d e9 14 fc ff ff 5d c3 \u003c0f\u003e 0b 0f 1f 44 00 00 41 57 41 56 49 89 ce 41 55 49 89 fd 41 54 41\n[ 449.908054] RSP: 0018:ffffb83d878b3d68 EFLAGS: 00010206\n[ 449.913887] RAX: 0000000080000201 RBX: ffff8f4355133550 RCX: 000000000d400005\n[ 449.921843] RDX: 0000000000000001 RSI: 0000000000001000 RDI: ffffb83da53f5000\n[ 449.929808] RBP: ffff8f4ac6675800 R08: ffffb83d878b3d30 R09: 00000000000efbdf\n[ 449.937774] R10: 0000000000000003 R11: ffff8f434573e000 R12: 0000000000001000\n[ 449.945736] R13: 0000000000001000 R14: ffffb83da53f5000 R15: ffff8f43d4ea3ae0\n[ 449.953701] FS: 0000000000000000(0000) GS:ffff8f529fc80000(0000) knlGS:0000000000000000\n[ 449.962732] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 449.969138] CR2: 00007f8cf993e150 CR3: 0000000efbe10003 CR4: 00000000003706e0\n[ 449.977102] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 449.985065] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 449.993028] Call Trace:\n[ 449.995756] __iommu_dma_free+0x96/0x100\n[ 450.000139] bnx2fc_free_session_resc+0x67/0x240 [bnx2fc]\n[ 450.006171] bnx2fc_upload_session+0xce/0x100 [bnx2fc]\n[ 450.011910] bnx2fc_rport_event_handler+0x9f/0x240 [bnx2fc]\n[ 450.018136] fc_rport_work+0x103/0x5b0 [libfc]\n[ 450.023103] process_one_work+0x1e8/0x3c0\n[ 450.027581] worker_thread+0x50/0x3b0\n[ 450.031669] ? rescuer_thread+0x370/0x370\n[ 450.036143] kthread+0x149/0x170\n[ 450.039744] ? set_kthread_struct+0x40/0x40\n[ 450.044411] ret_from_fork+0x22/0x30\n[ 450.048404] Modules linked in: vfat msdos fat xfs nfs_layout_nfsv41_files rpcsec_gss_krb5 auth_rpcgss nfsv4 dns_resolver dm_service_time qedf qed crc8 bnx2fc libfcoe libfc scsi_transport_fc intel_rapl_msr intel_rapl_common x86_pkg_temp_thermal intel_powerclamp dcdbas rapl intel_cstate intel_uncore mei_me pcspkr mei ipmi_ssif lpc_ich ipmi_si fuse zram ext4 mbcache jbd2 loop nfsv3 nfs_acl nfs lockd grace fscache netfs irdma ice sd_mod t10_pi sg ib_uverbs ib_core 8021q garp mrp stp llc mgag200 i2c_algo_bit drm_kms_helper syscopyarea sysfillrect sysimgblt mxm_wmi fb_sys_fops cec crct10dif_pclmul ahci crc32_pclmul bnx2x drm ghash_clmulni_intel libahci rfkill i40e libata megaraid_sas mdio wmi sunrpc lrw dm_crypt dm_round_robin dm_multipath dm_snapshot dm_bufio dm_mirror dm_region_hash dm_log dm_zero dm_mod linear raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx raid6_pq libcrc32c crc32c_intel raid1 raid0 iscsi_ibft squashfs be2iscsi bnx2i cnic uio cxgb4i cxgb4 tls\n[ 450.048497] libcxgbi libcxgb qla4xxx iscsi_boot_sysfs iscsi_tcp libiscsi_tcp libiscsi scsi_transport_iscsi edd ipmi_devintf ipmi_msghandler\n[ 450.159753] ---[ end trace 712de2c57c64abc8 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36919",
"url": "https://www.suse.com/security/cve/CVE-2024-36919"
},
{
"category": "external",
"summary": "SUSE Bug 1225767 for CVE-2024-36919",
"url": "https://bugzilla.suse.com/1225767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36919"
},
{
"cve": "CVE-2024-36921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: guard against invalid STA ID on removal\n\nGuard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would\nresult in out-of-bounds array accesses. This prevents issues should the\ndriver get into a bad state during error handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36921",
"url": "https://www.suse.com/security/cve/CVE-2024-36921"
},
{
"category": "external",
"summary": "SUSE Bug 1225769 for CVE-2024-36921",
"url": "https://bugzilla.suse.com/1225769"
},
{
"category": "external",
"summary": "SUSE Bug 1225850 for CVE-2024-36921",
"url": "https://bugzilla.suse.com/1225850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36921"
},
{
"cve": "CVE-2024-36922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: read txq-\u003eread_ptr under lock\n\nIf we read txq-\u003eread_ptr without lock, we can read the same\nvalue twice, then obtain the lock, and reclaim from there\nto two different places, but crucially reclaim the same\nentry twice, resulting in the WARN_ONCE() a little later.\nFix that by reading txq-\u003eread_ptr under lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36922",
"url": "https://www.suse.com/security/cve/CVE-2024-36922"
},
{
"category": "external",
"summary": "SUSE Bug 1225805 for CVE-2024-36922",
"url": "https://bugzilla.suse.com/1225805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36922"
},
{
"cve": "CVE-2024-36923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: fix uninitialized values during inode evict\n\nIf an iget fails due to not being able to retrieve information\nfrom the server then the inode structure is only partially\ninitialized. When the inode gets evicted, references to\nuninitialized structures (like fscache cookies) were being\nmade.\n\nThis patch checks for a bad_inode before doing anything other\nthan clearing the inode from the cache. Since the inode is\nbad, it shouldn\u0027t have any state associated with it that needs\nto be written back (and there really isn\u0027t a way to complete\nthose anyways).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36923",
"url": "https://www.suse.com/security/cve/CVE-2024-36923"
},
{
"category": "external",
"summary": "SUSE Bug 1225815 for CVE-2024-36923",
"url": "https://bugzilla.suse.com/1225815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36923"
},
{
"cve": "CVE-2024-36924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Release hbalock before calling lpfc_worker_wake_up()\n\nlpfc_worker_wake_up() calls the lpfc_work_done() routine, which takes the\nhbalock. Thus, lpfc_worker_wake_up() should not be called while holding the\nhbalock to avoid potential deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36924",
"url": "https://www.suse.com/security/cve/CVE-2024-36924"
},
{
"category": "external",
"summary": "SUSE Bug 1225820 for CVE-2024-36924",
"url": "https://bugzilla.suse.com/1225820"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36924"
},
{
"cve": "CVE-2024-36926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36926"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/pseries/iommu: LPAR panics during boot up with a frozen PE\n\nAt the time of LPAR boot up, partition firmware provides Open Firmware\nproperty ibm,dma-window for the PE. This property is provided on the PCI\nbus the PE is attached to.\n\nThere are execptions where the partition firmware might not provide this\nproperty for the PE at the time of LPAR boot up. One of the scenario is\nwhere the firmware has frozen the PE due to some error condition. This\nPE is frozen for 24 hours or unless the whole system is reinitialized.\n\nWithin this time frame, if the LPAR is booted, the frozen PE will be\npresented to the LPAR but ibm,dma-window property could be missing.\n\nToday, under these circumstances, the LPAR oopses with NULL pointer\ndereference, when configuring the PCI bus the PE is attached to.\n\n BUG: Kernel NULL pointer dereference on read at 0x000000c8\n Faulting instruction address: 0xc0000000001024c0\n Oops: Kernel access of bad area, sig: 7 [#1]\n LE PAGE_SIZE=64K MMU=Radix SMP NR_CPUS=2048 NUMA pSeries\n Modules linked in:\n Supported: Yes\n CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.4.0-150600.9-default #1\n Hardware name: IBM,9043-MRX POWER10 (raw) 0x800200 0xf000006 of:IBM,FW1060.00 (NM1060_023) hv:phyp pSeries\n NIP: c0000000001024c0 LR: c0000000001024b0 CTR: c000000000102450\n REGS: c0000000037db5c0 TRAP: 0300 Not tainted (6.4.0-150600.9-default)\n MSR: 8000000002009033 \u003cSF,VEC,EE,ME,IR,DR,RI,LE\u003e CR: 28000822 XER: 00000000\n CFAR: c00000000010254c DAR: 00000000000000c8 DSISR: 00080000 IRQMASK: 0\n ...\n NIP [c0000000001024c0] pci_dma_bus_setup_pSeriesLP+0x70/0x2a0\n LR [c0000000001024b0] pci_dma_bus_setup_pSeriesLP+0x60/0x2a0\n Call Trace:\n pci_dma_bus_setup_pSeriesLP+0x60/0x2a0 (unreliable)\n pcibios_setup_bus_self+0x1c0/0x370\n __of_scan_bus+0x2f8/0x330\n pcibios_scan_phb+0x280/0x3d0\n pcibios_init+0x88/0x12c\n do_one_initcall+0x60/0x320\n kernel_init_freeable+0x344/0x3e4\n kernel_init+0x34/0x1d0\n ret_from_kernel_user_thread+0x14/0x1c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36926",
"url": "https://www.suse.com/security/cve/CVE-2024-36926"
},
{
"category": "external",
"summary": "SUSE Bug 1225829 for CVE-2024-36926",
"url": "https://bugzilla.suse.com/1225829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36926"
},
{
"cve": "CVE-2024-36928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: Fix kernel panic after setting hsuid\n\nSymptom:\nWhen the hsuid attribute is set for the first time on an IQD Layer3\ndevice while the corresponding network interface is already UP,\nthe kernel will try to execute a napi function pointer that is NULL.\n\nExample:\n---------------------------------------------------------------------------\n[ 2057.572696] illegal operation: 0001 ilc:1 [#1] SMP\n[ 2057.572702] Modules linked in: af_iucv qeth_l3 zfcp scsi_transport_fc sunrpc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6\nnft_reject nft_ct nf_tables_set nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink ghash_s390 prng xts aes_s390 des_s390 de\ns_generic sha3_512_s390 sha3_256_s390 sha512_s390 vfio_ccw vfio_mdev mdev vfio_iommu_type1 eadm_sch vfio ext4 mbcache jbd2 qeth_l2 bridge stp llc dasd_eckd_mod qeth dasd_mod\n qdio ccwgroup pkey zcrypt\n[ 2057.572739] CPU: 6 PID: 60182 Comm: stress_client Kdump: loaded Not tainted 4.18.0-541.el8.s390x #1\n[ 2057.572742] Hardware name: IBM 3931 A01 704 (LPAR)\n[ 2057.572744] Krnl PSW : 0704f00180000000 0000000000000002 (0x2)\n[ 2057.572748] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:3 PM:0 RI:0 EA:3\n[ 2057.572751] Krnl GPRS: 0000000000000004 0000000000000000 00000000a3b008d8 0000000000000000\n[ 2057.572754] 00000000a3b008d8 cb923a29c779abc5 0000000000000000 00000000814cfd80\n[ 2057.572756] 000000000000012c 0000000000000000 00000000a3b008d8 00000000a3b008d8\n[ 2057.572758] 00000000bab6d500 00000000814cfd80 0000000091317e46 00000000814cfc68\n[ 2057.572762] Krnl Code:#0000000000000000: 0000 illegal\n \u003e0000000000000002: 0000 illegal\n 0000000000000004: 0000 illegal\n 0000000000000006: 0000 illegal\n 0000000000000008: 0000 illegal\n 000000000000000a: 0000 illegal\n 000000000000000c: 0000 illegal\n 000000000000000e: 0000 illegal\n[ 2057.572800] Call Trace:\n[ 2057.572801] ([\u003c00000000ec639700\u003e] 0xec639700)\n[ 2057.572803] [\u003c00000000913183e2\u003e] net_rx_action+0x2ba/0x398\n[ 2057.572809] [\u003c0000000091515f76\u003e] __do_softirq+0x11e/0x3a0\n[ 2057.572813] [\u003c0000000090ce160c\u003e] do_softirq_own_stack+0x3c/0x58\n[ 2057.572817] ([\u003c0000000090d2cbd6\u003e] do_softirq.part.1+0x56/0x60)\n[ 2057.572822] [\u003c0000000090d2cc60\u003e] __local_bh_enable_ip+0x80/0x98\n[ 2057.572825] [\u003c0000000091314706\u003e] __dev_queue_xmit+0x2be/0xd70\n[ 2057.572827] [\u003c000003ff803dd6d6\u003e] afiucv_hs_send+0x24e/0x300 [af_iucv]\n[ 2057.572830] [\u003c000003ff803dd88a\u003e] iucv_send_ctrl+0x102/0x138 [af_iucv]\n[ 2057.572833] [\u003c000003ff803de72a\u003e] iucv_sock_connect+0x37a/0x468 [af_iucv]\n[ 2057.572835] [\u003c00000000912e7e90\u003e] __sys_connect+0xa0/0xd8\n[ 2057.572839] [\u003c00000000912e9580\u003e] sys_socketcall+0x228/0x348\n[ 2057.572841] [\u003c0000000091514e1a\u003e] system_call+0x2a6/0x2c8\n[ 2057.572843] Last Breaking-Event-Address:\n[ 2057.572844] [\u003c0000000091317e44\u003e] __napi_poll+0x4c/0x1d8\n[ 2057.572846]\n[ 2057.572847] Kernel panic - not syncing: Fatal exception in interrupt\n-------------------------------------------------------------------------------------------\n\nAnalysis:\nThere is one napi structure per out_q: card-\u003eqdio.out_qs[i].napi\nThe napi.poll functions are set during qeth_open().\n\nSince\ncommit 1cfef80d4c2b (\"s390/qeth: Don\u0027t call dev_close/dev_open (DOWN/UP)\")\nqeth_set_offline()/qeth_set_online() no longer call dev_close()/\ndev_open(). So if qeth_free_qdio_queues() cleared\ncard-\u003eqdio.out_qs[i].napi.poll while the network interface was UP and the\ncard was offline, they are not set again.\n\nReproduction:\nchzdev -e $devno layer2=0\nip link set dev $network_interface up\necho 0 \u003e /sys/bus/ccw\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36928",
"url": "https://www.suse.com/security/cve/CVE-2024-36928"
},
{
"category": "external",
"summary": "SUSE Bug 1225775 for CVE-2024-36928",
"url": "https://bugzilla.suse.com/1225775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36928"
},
{
"cve": "CVE-2024-36930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix null pointer dereference within spi_sync\n\nIf spi_sync() is called with the non-empty queue and the same spi_message\nis then reused, the complete callback for the message remains set while\nthe context is cleared, leading to a null pointer dereference when the\ncallback is invoked from spi_finalize_current_message().\n\nWith function inlining disabled, the call stack might look like this:\n\n _raw_spin_lock_irqsave from complete_with_flags+0x18/0x58\n complete_with_flags from spi_complete+0x8/0xc\n spi_complete from spi_finalize_current_message+0xec/0x184\n spi_finalize_current_message from spi_transfer_one_message+0x2a8/0x474\n spi_transfer_one_message from __spi_pump_transfer_message+0x104/0x230\n __spi_pump_transfer_message from __spi_transfer_message_noqueue+0x30/0xc4\n __spi_transfer_message_noqueue from __spi_sync+0x204/0x248\n __spi_sync from spi_sync+0x24/0x3c\n spi_sync from mcp251xfd_regmap_crc_read+0x124/0x28c [mcp251xfd]\n mcp251xfd_regmap_crc_read [mcp251xfd] from _regmap_raw_read+0xf8/0x154\n _regmap_raw_read from _regmap_bus_read+0x44/0x70\n _regmap_bus_read from _regmap_read+0x60/0xd8\n _regmap_read from regmap_read+0x3c/0x5c\n regmap_read from mcp251xfd_alloc_can_err_skb+0x1c/0x54 [mcp251xfd]\n mcp251xfd_alloc_can_err_skb [mcp251xfd] from mcp251xfd_irq+0x194/0xe70 [mcp251xfd]\n mcp251xfd_irq [mcp251xfd] from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x118/0x1f4\n irq_thread from kthread+0xd8/0xf4\n kthread from ret_from_fork+0x14/0x28\n\nFix this by also setting message-\u003ecomplete to NULL when the transfer is\ncomplete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36930",
"url": "https://www.suse.com/security/cve/CVE-2024-36930"
},
{
"category": "external",
"summary": "SUSE Bug 1225830 for CVE-2024-36930",
"url": "https://bugzilla.suse.com/1225830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36930"
},
{
"cve": "CVE-2024-36931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/cio: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a lbuf-sized kernel buffer and copy lbuf from\nuserspace to that buffer. Later, we use scanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using scanf. Fix this issue by using memdup_user_nul instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36931",
"url": "https://www.suse.com/security/cve/CVE-2024-36931"
},
{
"category": "external",
"summary": "SUSE Bug 1225747 for CVE-2024-36931",
"url": "https://bugzilla.suse.com/1225747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36931"
},
{
"cve": "CVE-2024-36934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbna: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36934",
"url": "https://www.suse.com/security/cve/CVE-2024-36934"
},
{
"category": "external",
"summary": "SUSE Bug 1225760 for CVE-2024-36934",
"url": "https://bugzilla.suse.com/1225760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36934"
},
{
"cve": "CVE-2024-36935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count bytes\nfrom userspace to that buffer. Later, we use sscanf on this buffer but we\ndon\u0027t ensure that the string is terminated inside the buffer, this can lead\nto OOB read when using sscanf. Fix this issue by using memdup_user_nul\ninstead of memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36935",
"url": "https://www.suse.com/security/cve/CVE-2024-36935"
},
{
"category": "external",
"summary": "SUSE Bug 1225763 for CVE-2024-36935",
"url": "https://bugzilla.suse.com/1225763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36935"
},
{
"cve": "CVE-2024-36936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi/unaccepted: touch soft lockup during memory accept\n\nCommit 50e782a86c98 (\"efi/unaccepted: Fix soft lockups caused by\nparallel memory acceptance\") has released the spinlock so other CPUs can\ndo memory acceptance in parallel and not triggers softlockup on other\nCPUs.\n\nHowever the softlock up was intermittent shown up if the memory of the\nTD guest is large, and the timeout of softlockup is set to 1 second:\n\n RIP: 0010:_raw_spin_unlock_irqrestore\n Call Trace:\n ? __hrtimer_run_queues\n \u003cIRQ\u003e\n ? hrtimer_interrupt\n ? watchdog_timer_fn\n ? __sysvec_apic_timer_interrupt\n ? __pfx_watchdog_timer_fn\n ? sysvec_apic_timer_interrupt\n \u003c/IRQ\u003e\n ? __hrtimer_run_queues\n \u003cTASK\u003e\n ? hrtimer_interrupt\n ? asm_sysvec_apic_timer_interrupt\n ? _raw_spin_unlock_irqrestore\n ? __sysvec_apic_timer_interrupt\n ? sysvec_apic_timer_interrupt\n accept_memory\n try_to_accept_memory\n do_huge_pmd_anonymous_page\n get_page_from_freelist\n __handle_mm_fault\n __alloc_pages\n __folio_alloc\n ? __tdx_hypercall\n handle_mm_fault\n vma_alloc_folio\n do_user_addr_fault\n do_huge_pmd_anonymous_page\n exc_page_fault\n ? __do_huge_pmd_anonymous_page\n asm_exc_page_fault\n __handle_mm_fault\n\nWhen the local irq is enabled at the end of accept_memory(), the\nsoftlockup detects that the watchdog on single CPU has not been fed for\na while. That is to say, even other CPUs will not be blocked by\nspinlock, the current CPU might be stunk with local irq disabled for a\nwhile, which hurts not only nmi watchdog but also softlockup.\n\nChao Gao pointed out that the memory accept could be time costly and\nthere was similar report before. Thus to avoid any softlocup detection\nduring this stage, give the softlockup a flag to skip the timeout check\nat the end of accept_memory(), by invoking touch_softlockup_watchdog().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36936",
"url": "https://www.suse.com/security/cve/CVE-2024-36936"
},
{
"category": "external",
"summary": "SUSE Bug 1225773 for CVE-2024-36936",
"url": "https://bugzilla.suse.com/1225773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-36936"
},
{
"cve": "CVE-2024-36937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxdp: use flags field to disambiguate broadcast redirect\n\nWhen redirecting a packet using XDP, the bpf_redirect_map() helper will set\nup the redirect destination information in struct bpf_redirect_info (using\nthe __bpf_xdp_redirect_map() helper function), and the xdp_do_redirect()\nfunction will read this information after the XDP program returns and pass\nthe frame on to the right redirect destination.\n\nWhen using the BPF_F_BROADCAST flag to do multicast redirect to a whole\nmap, __bpf_xdp_redirect_map() sets the \u0027map\u0027 pointer in struct\nbpf_redirect_info to point to the destination map to be broadcast. And\nxdp_do_redirect() reacts to the value of this map pointer to decide whether\nit\u0027s dealing with a broadcast or a single-value redirect. However, if the\ndestination map is being destroyed before xdp_do_redirect() is called, the\nmap pointer will be cleared out (by bpf_clear_redirect_map()) without\nwaiting for any XDP programs to stop running. This causes xdp_do_redirect()\nto think that the redirect was to a single target, but the target pointer\nis also NULL (since broadcast redirects don\u0027t have a single target), so\nthis causes a crash when a NULL pointer is passed to dev_map_enqueue().\n\nTo fix this, change xdp_do_redirect() to react directly to the presence of\nthe BPF_F_BROADCAST flag in the \u0027flags\u0027 value in struct bpf_redirect_info\nto disambiguate between a single-target and a broadcast redirect. And only\nread the \u0027map\u0027 pointer if the broadcast flag is set, aborting if that has\nbeen cleared out in the meantime. This prevents the crash, while keeping\nthe atomic (cmpxchg-based) clearing of the map pointer itself, and without\nadding any more checks in the non-broadcast fast path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36937",
"url": "https://www.suse.com/security/cve/CVE-2024-36937"
},
{
"category": "external",
"summary": "SUSE Bug 1225834 for CVE-2024-36937",
"url": "https://bugzilla.suse.com/1225834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36937"
},
{
"cve": "CVE-2024-36938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, skmsg: Fix NULL pointer dereference in sk_psock_skb_ingress_enqueue\n\nFix NULL pointer data-races in sk_psock_skb_ingress_enqueue() which\nsyzbot reported [1].\n\n[1]\nBUG: KCSAN: data-race in sk_psock_drop / sk_psock_skb_ingress_enqueue\n\nwrite to 0xffff88814b3278b8 of 8 bytes by task 10724 on cpu 1:\n sk_psock_stop_verdict net/core/skmsg.c:1257 [inline]\n sk_psock_drop+0x13e/0x1f0 net/core/skmsg.c:843\n sk_psock_put include/linux/skmsg.h:459 [inline]\n sock_map_close+0x1a7/0x260 net/core/sock_map.c:1648\n unix_release+0x4b/0x80 net/unix/af_unix.c:1048\n __sock_release net/socket.c:659 [inline]\n sock_close+0x68/0x150 net/socket.c:1421\n __fput+0x2c1/0x660 fs/file_table.c:422\n __fput_sync+0x44/0x60 fs/file_table.c:507\n __do_sys_close fs/open.c:1556 [inline]\n __se_sys_close+0x101/0x1b0 fs/open.c:1541\n __x64_sys_close+0x1f/0x30 fs/open.c:1541\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff88814b3278b8 of 8 bytes by task 10713 on cpu 0:\n sk_psock_data_ready include/linux/skmsg.h:464 [inline]\n sk_psock_skb_ingress_enqueue+0x32d/0x390 net/core/skmsg.c:555\n sk_psock_skb_ingress_self+0x185/0x1e0 net/core/skmsg.c:606\n sk_psock_verdict_apply net/core/skmsg.c:1008 [inline]\n sk_psock_verdict_recv+0x3e4/0x4a0 net/core/skmsg.c:1202\n unix_read_skb net/unix/af_unix.c:2546 [inline]\n unix_stream_read_skb+0x9e/0xf0 net/unix/af_unix.c:2682\n sk_psock_verdict_data_ready+0x77/0x220 net/core/skmsg.c:1223\n unix_stream_sendmsg+0x527/0x860 net/unix/af_unix.c:2339\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x140/0x180 net/socket.c:745\n ____sys_sendmsg+0x312/0x410 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x1e9/0x280 net/socket.c:2667\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x46/0x50 net/socket.c:2674\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nvalue changed: 0xffffffff83d7feb0 -\u003e 0x0000000000000000\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 PID: 10713 Comm: syz-executor.4 Tainted: G W 6.8.0-syzkaller-08951-gfe46a7dd189e #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\n\nPrior to this, commit 4cd12c6065df (\"bpf, sockmap: Fix NULL pointer\ndereference in sk_psock_verdict_data_ready()\") fixed one NULL pointer\nsimilarly due to no protection of saved_data_ready. Here is another\ndifferent caller causing the same issue because of the same reason. So\nwe should protect it with sk_callback_lock read lock because the writer\nside in the sk_psock_drop() uses \"write_lock_bh(\u0026sk-\u003esk_callback_lock);\".\n\nTo avoid errors that could happen in future, I move those two pairs of\nlock into the sk_psock_data_ready(), which is suggested by John Fastabend.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36938",
"url": "https://www.suse.com/security/cve/CVE-2024-36938"
},
{
"category": "external",
"summary": "SUSE Bug 1225761 for CVE-2024-36938",
"url": "https://bugzilla.suse.com/1225761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36938"
},
{
"cve": "CVE-2024-36940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36940",
"url": "https://www.suse.com/security/cve/CVE-2024-36940"
},
{
"category": "external",
"summary": "SUSE Bug 1225840 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "external",
"summary": "SUSE Bug 1225841 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: don\u0027t free NULL coalescing rule\n\nIf the parsing fails, we can dereference a NULL pointer here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36941",
"url": "https://www.suse.com/security/cve/CVE-2024-36941"
},
{
"category": "external",
"summary": "SUSE Bug 1225835 for CVE-2024-36941",
"url": "https://bugzilla.suse.com/1225835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36941"
},
{
"cve": "CVE-2024-36942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36942"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36942",
"url": "https://www.suse.com/security/cve/CVE-2024-36942"
},
{
"category": "external",
"summary": "SUSE Bug 1225843 for CVE-2024-36942",
"url": "https://bugzilla.suse.com/1225843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36942"
},
{
"cve": "CVE-2024-36944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nReapply \"drm/qxl: simplify qxl_fence_wait\"\n\nThis reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea.\n\nStephen Rostedt reports:\n \"I went to run my tests on my VMs and the tests hung on boot up.\n Unfortunately, the most I ever got out was:\n\n [ 93.607888] Testing event system initcall: OK\n [ 93.667730] Running tests on all trace events:\n [ 93.669757] Testing all events: OK\n [ 95.631064] ------------[ cut here ]------------\n Timed out after 60 seconds\"\n\nand further debugging points to a possible circular locking dependency\nbetween the console_owner locking and the worker pool locking.\n\nReverting the commit allows Steve\u0027s VM to boot to completion again.\n\n[ This may obviously result in the \"[TTM] Buffer eviction failed\"\n messages again, which was the reason for that original revert. But at\n this point this seems preferable to a non-booting system... ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36944",
"url": "https://www.suse.com/security/cve/CVE-2024-36944"
},
{
"category": "external",
"summary": "SUSE Bug 1225847 for CVE-2024-36944",
"url": "https://bugzilla.suse.com/1225847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36944"
},
{
"cve": "CVE-2024-36945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/smc: fix neighbour and rtable leak in smc_ib_find_route()\n\nIn smc_ib_find_route(), the neighbour found by neigh_lookup() and rtable\nresolved by ip_route_output_flow() are not released or put before return.\nIt may cause the refcount leak, so fix it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36945",
"url": "https://www.suse.com/security/cve/CVE-2024-36945"
},
{
"category": "external",
"summary": "SUSE Bug 1225823 for CVE-2024-36945",
"url": "https://bugzilla.suse.com/1225823"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36945"
},
{
"cve": "CVE-2024-36946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphonet: fix rtm_phonet_notify() skb allocation\n\nfill_route() stores three components in the skb:\n\n- struct rtmsg\n- RTA_DST (u8)\n- RTA_OIF (u32)\n\nTherefore, rtm_phonet_notify() should use\n\nNLMSG_ALIGN(sizeof(struct rtmsg)) +\nnla_total_size(1) +\nnla_total_size(4)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36946",
"url": "https://www.suse.com/security/cve/CVE-2024-36946"
},
{
"category": "external",
"summary": "SUSE Bug 1225851 for CVE-2024-36946",
"url": "https://bugzilla.suse.com/1225851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36946"
},
{
"cve": "CVE-2024-36947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix dentry leak\n\nsimple_recursive_removal() drops the pinning references to all positives\nin subtree. For the cases when its argument has been kept alive by\nthe pinning alone that\u0027s exactly the right thing to do, but here\nthe argument comes from dcache lookup, that needs to be balanced by\nexplicit dput().\n\nFucked-up-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36947",
"url": "https://www.suse.com/security/cve/CVE-2024-36947"
},
{
"category": "external",
"summary": "SUSE Bug 1225856 for CVE-2024-36947",
"url": "https://bugzilla.suse.com/1225856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-36947"
},
{
"cve": "CVE-2024-36949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: sync all devices to wait all processes being evicted\n\nIf there are more than one device doing reset in parallel, the first\ndevice will call kfd_suspend_all_processes() to evict all processes\non all devices, this call takes time to finish. other device will\nstart reset and recover without waiting. if the process has not been\nevicted before doing recover, it will be restored, then caused page\nfault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36949",
"url": "https://www.suse.com/security/cve/CVE-2024-36949"
},
{
"category": "external",
"summary": "SUSE Bug 1225894 for CVE-2024-36949",
"url": "https://bugzilla.suse.com/1225894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36949"
},
{
"cve": "CVE-2024-36950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: ohci: mask bus reset interrupts between ISR and bottom half\n\nIn the FireWire OHCI interrupt handler, if a bus reset interrupt has\noccurred, mask bus reset interrupts until bus_reset_work has serviced and\ncleared the interrupt.\n\nNormally, we always leave bus reset interrupts masked. We infer the bus\nreset from the self-ID interrupt that happens shortly thereafter. A\nscenario where we unmask bus reset interrupts was introduced in 2008 in\na007bb857e0b26f5d8b73c2ff90782d9c0972620: If\nOHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we\nwill unmask bus reset interrupts so we can log them.\n\nirq_handler logs the bus reset interrupt. However, we can\u0027t clear the bus\nreset event flag in irq_handler, because we won\u0027t service the event until\nlater. irq_handler exits with the event flag still set. If the\ncorresponding interrupt is still unmasked, the first bus reset will\nusually freeze the system due to irq_handler being called again each\ntime it exits. This freeze can be reproduced by loading firewire_ohci\nwith \"modprobe firewire_ohci debug=-1\" (to enable all debugging output).\nApparently there are also some cases where bus_reset_work will get called\nsoon enough to clear the event, and operation will continue normally.\n\nThis freeze was first reported a few months after a007bb85 was committed,\nbut until now it was never fixed. The debug level could safely be set\nto -1 through sysfs after the module was loaded, but this would be\nineffectual in logging bus reset interrupts since they were only\nunmasked during initialization.\n\nirq_handler will now leave the event flag set but mask bus reset\ninterrupts, so irq_handler won\u0027t be called again and there will be no\nfreeze. If OHCI_PARAM_DEBUG_BUSRESETS is enabled, bus_reset_work will\nunmask the interrupt after servicing the event, so future interrupts\nwill be caught as desired.\n\nAs a side effect to this change, OHCI_PARAM_DEBUG_BUSRESETS can now be\nenabled through sysfs in addition to during initial module loading.\nHowever, when enabled through sysfs, logging of bus reset interrupts will\nbe effective only starting with the second bus reset, after\nbus_reset_work has executed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36950",
"url": "https://www.suse.com/security/cve/CVE-2024-36950"
},
{
"category": "external",
"summary": "SUSE Bug 1225895 for CVE-2024-36950",
"url": "https://bugzilla.suse.com/1225895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36950"
},
{
"cve": "CVE-2024-36951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: range check cp bad op exception interrupts\n\nDue to a CP interrupt bug, bad packet garbage exception codes are raised.\nDo a range check so that the debugger and runtime do not receive garbage\ncodes.\nUpdate the user api to guard exception code type checking as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36951",
"url": "https://www.suse.com/security/cve/CVE-2024-36951"
},
{
"category": "external",
"summary": "SUSE Bug 1225896 for CVE-2024-36951",
"url": "https://bugzilla.suse.com/1225896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36951"
},
{
"cve": "CVE-2024-36952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Move NPIV\u0027s transport unregistration to after resource clean up\n\nThere are cases after NPIV deletion where the fabric switch still believes\nthe NPIV is logged into the fabric. This occurs when a vport is\nunregistered before the Remove All DA_ID CT and LOGO ELS are sent to the\nfabric.\n\nCurrently fc_remove_host(), which calls dev_loss_tmo for all D_IDs including\nthe fabric D_ID, removes the last ndlp reference and frees the ndlp rport\nobject. This sometimes causes the race condition where the final DA_ID and\nLOGO are skipped from being sent to the fabric switch.\n\nFix by moving the fc_remove_host() and scsi_remove_host() calls after DA_ID\nand LOGO are sent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36952",
"url": "https://www.suse.com/security/cve/CVE-2024-36952"
},
{
"category": "external",
"summary": "SUSE Bug 1225898 for CVE-2024-36952",
"url": "https://bugzilla.suse.com/1225898"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36952"
},
{
"cve": "CVE-2024-36955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()\n\nThe documentation for device_get_named_child_node() mentions this\nimportant point:\n\n\"\nThe caller is responsible for calling fwnode_handle_put() on the\nreturned fwnode pointer.\n\"\n\nAdd fwnode_handle_put() to avoid a leaked reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36955",
"url": "https://www.suse.com/security/cve/CVE-2024-36955"
},
{
"category": "external",
"summary": "SUSE Bug 1225810 for CVE-2024-36955",
"url": "https://bugzilla.suse.com/1225810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-36955"
},
{
"cve": "CVE-2024-36957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: avoid off-by-one read from userspace\n\nWe try to access count + 1 byte from userspace with memdup_user(buffer,\ncount + 1). However, the userspace only provides buffer of count bytes and\nonly these count bytes are verified to be okay to access. To ensure the\ncopied buffer is NUL terminated, we use memdup_user_nul instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36957",
"url": "https://www.suse.com/security/cve/CVE-2024-36957"
},
{
"category": "external",
"summary": "SUSE Bug 1225762 for CVE-2024-36957",
"url": "https://bugzilla.suse.com/1225762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-36957"
},
{
"cve": "CVE-2024-36959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()\n\nIf we fail to allocate propname buffer, we need to drop the reference\ncount we just took. Because the pinctrl_dt_free_maps() includes the\ndroping operation, here we call it directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36959",
"url": "https://www.suse.com/security/cve/CVE-2024-36959"
},
{
"category": "external",
"summary": "SUSE Bug 1225839 for CVE-2024-36959",
"url": "https://bugzilla.suse.com/1225839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36959"
},
{
"cve": "CVE-2024-36960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix invalid reads in fence signaled events\n\nCorrectly set the length of the drm_event to the size of the structure\nthat\u0027s actually used.\n\nThe length of the drm_event was set to the parent structure instead of\nto the drm_vmw_event_fence which is supposed to be read. drm_read\nuses the length parameter to copy the event to the user space thus\nresuling in oob reads.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36960",
"url": "https://www.suse.com/security/cve/CVE-2024-36960"
},
{
"category": "external",
"summary": "SUSE Bug 1225872 for CVE-2024-36960",
"url": "https://bugzilla.suse.com/1225872"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36960"
},
{
"cve": "CVE-2024-36962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ks8851: Queue RX packets in IRQ handler instead of disabling BHs\n\nCurrently the driver uses local_bh_disable()/local_bh_enable() in its\nIRQ handler to avoid triggering net_rx_action() softirq on exit from\nnetif_rx(). The net_rx_action() could trigger this driver .start_xmit\ncallback, which is protected by the same lock as the IRQ handler, so\ncalling the .start_xmit from netif_rx() from the IRQ handler critical\nsection protected by the lock could lead to an attempt to claim the\nalready claimed lock, and a hang.\n\nThe local_bh_disable()/local_bh_enable() approach works only in case\nthe IRQ handler is protected by a spinlock, but does not work if the\nIRQ handler is protected by mutex, i.e. this works for KS8851 with\nParallel bus interface, but not for KS8851 with SPI bus interface.\n\nRemove the BH manipulation and instead of calling netif_rx() inside\nthe IRQ handler code protected by the lock, queue all the received\nSKBs in the IRQ handler into a queue first, and once the IRQ handler\nexits the critical section protected by the lock, dequeue all the\nqueued SKBs and push them all into netif_rx(). At this point, it is\nsafe to trigger the net_rx_action() softirq, since the netif_rx()\ncall is outside of the lock that protects the IRQ handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36962",
"url": "https://www.suse.com/security/cve/CVE-2024-36962"
},
{
"category": "external",
"summary": "SUSE Bug 1225827 for CVE-2024-36962",
"url": "https://bugzilla.suse.com/1225827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36962"
},
{
"cve": "CVE-2024-36964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/9p: only translate RWX permissions for plain 9P2000\n\nGarbage in plain 9P2000\u0027s perm bits is allowed through, which causes it\nto be able to set (among others) the suid bit. This was presumably not\nthe intent since the unix extended bits are handled explicitly and\nconditionally on .u.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36964",
"url": "https://www.suse.com/security/cve/CVE-2024-36964"
},
{
"category": "external",
"summary": "SUSE Bug 1225866 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1225866"
},
{
"category": "external",
"summary": "SUSE Bug 1226325 for CVE-2024-36964",
"url": "https://bugzilla.suse.com/1226325"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36964"
},
{
"cve": "CVE-2024-36965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nremoteproc: mediatek: Make sure IPI buffer fits in L2TCM\n\nThe IPI buffer location is read from the firmware that we load to the\nSystem Companion Processor, and it\u0027s not granted that both the SRAM\n(L2TCM) size that is defined in the devicetree node is large enough\nfor that, and while this is especially true for multi-core SCP, it\u0027s\nstill useful to check on single-core variants as well.\n\nFailing to perform this check may make this driver perform R/W\noperations out of the L2TCM boundary, resulting (at best) in a\nkernel panic.\n\nTo fix that, check that the IPI buffer fits, otherwise return a\nfailure and refuse to boot the relevant SCP core (or the SCP at\nall, if this is single core).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36965",
"url": "https://www.suse.com/security/cve/CVE-2024-36965"
},
{
"category": "external",
"summary": "SUSE Bug 1226149 for CVE-2024-36965",
"url": "https://bugzilla.suse.com/1226149"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36965"
},
{
"cve": "CVE-2024-36967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Fix memory leak in tpm2_key_encode()\n\n\u0027scratch\u0027 is never freed. Fix this by calling kfree() in the success, and\nin the error case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36967",
"url": "https://www.suse.com/security/cve/CVE-2024-36967"
},
{
"category": "external",
"summary": "SUSE Bug 1226131 for CVE-2024-36967",
"url": "https://bugzilla.suse.com/1226131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36967"
},
{
"cve": "CVE-2024-36969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix division by zero in setup_dsc_config\n\nWhen slice_height is 0, the division by slice_height in the calculation\nof the number of slices will cause a division by zero driver crash. This\nleaves the kernel in a state that requires a reboot. This patch adds a\ncheck to avoid the division by zero.\n\nThe stack trace below is for the 6.8.4 Kernel. I reproduced the issue on\na Z16 Gen 2 Lenovo Thinkpad with a Apple Studio Display monitor\nconnected via Thunderbolt. The amdgpu driver crashed with this exception\nwhen I rebooted the system with the monitor connected.\n\nkernel: ? die (arch/x86/kernel/dumpstack.c:421 arch/x86/kernel/dumpstack.c:434 arch/x86/kernel/dumpstack.c:447)\nkernel: ? do_trap (arch/x86/kernel/traps.c:113 arch/x86/kernel/traps.c:154)\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: ? do_error_trap (./arch/x86/include/asm/traps.h:58 arch/x86/kernel/traps.c:175)\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: ? exc_divide_error (arch/x86/kernel/traps.c:194 (discriminator 2))\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: ? asm_exc_divide_error (./arch/x86/include/asm/idtentry.h:548)\nkernel: ? setup_dsc_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1053) amdgpu\nkernel: dc_dsc_compute_config (drivers/gpu/drm/amd/amdgpu/../display/dc/dsc/dc_dsc.c:1109) amdgpu\n\nAfter applying this patch, the driver no longer crashes when the monitor\nis connected and the system is rebooted. I believe this is the same\nissue reported for 3113.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36969",
"url": "https://www.suse.com/security/cve/CVE-2024-36969"
},
{
"category": "external",
"summary": "SUSE Bug 1226155 for CVE-2024-36969",
"url": "https://bugzilla.suse.com/1226155"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36969"
},
{
"cve": "CVE-2024-36971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fix __dst_negative_advice() race\n\n__dst_negative_advice() does not enforce proper RCU rules when\nsk-\u003edst_cache must be cleared, leading to possible UAF.\n\nRCU rules are that we must first clear sk-\u003esk_dst_cache,\nthen call dst_release(old_dst).\n\nNote that sk_dst_reset(sk) is implementing this protocol correctly,\nwhile __dst_negative_advice() uses the wrong order.\n\nGiven that ip6_negative_advice() has special logic\nagainst RTF_CACHE, this means each of the three -\u003enegative_advice()\nexisting methods must perform the sk_dst_reset() themselves.\n\nNote the check against NULL dst is centralized in\n__dst_negative_advice(), there is no need to duplicate\nit in various callbacks.\n\nMany thanks to Clement Lecigne for tracking this issue.\n\nThis old bug became visible after the blamed commit, using UDP sockets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36971",
"url": "https://www.suse.com/security/cve/CVE-2024-36971"
},
{
"category": "external",
"summary": "SUSE Bug 1226145 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226145"
},
{
"category": "external",
"summary": "SUSE Bug 1226324 for CVE-2024-36971",
"url": "https://bugzilla.suse.com/1226324"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36971"
},
{
"cve": "CVE-2024-36972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Update unix_sk(sk)-\u003eoob_skb under sk_receive_queue lock.\n\nBilly Jheng Bing-Jhong reported a race between __unix_gc() and\nqueue_oob().\n\n__unix_gc() tries to garbage-collect close()d inflight sockets,\nand then if the socket has MSG_OOB in unix_sk(sk)-\u003eoob_skb, GC\nwill drop the reference and set NULL to it locklessly.\n\nHowever, the peer socket still can send MSG_OOB message and\nqueue_oob() can update unix_sk(sk)-\u003eoob_skb concurrently, leading\nNULL pointer dereference. [0]\n\nTo fix the issue, let\u0027s update unix_sk(sk)-\u003eoob_skb under the\nsk_receive_queue\u0027s lock and take it everywhere we touch oob_skb.\n\nNote that we defer kfree_skb() in manage_oob() to silence lockdep\nfalse-positive (See [1]).\n\n[0]:\nBUG: kernel NULL pointer dereference, address: 0000000000000008\n PF: supervisor write access in kernel mode\n PF: error_code(0x0002) - not-present page\nPGD 8000000009f5e067 P4D 8000000009f5e067 PUD 9f5d067 PMD 0\nOops: 0002 [#1] PREEMPT SMP PTI\nCPU: 3 PID: 50 Comm: kworker/3:1 Not tainted 6.9.0-rc5-00191-gd091e579b864 #110\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\nWorkqueue: events delayed_fput\nRIP: 0010:skb_dequeue (./include/linux/skbuff.h:2386 ./include/linux/skbuff.h:2402 net/core/skbuff.c:3847)\nCode: 39 e3 74 3e 8b 43 10 48 89 ef 83 e8 01 89 43 10 49 8b 44 24 08 49 c7 44 24 08 00 00 00 00 49 8b 14 24 49 c7 04 24 00 00 00 00 \u003c48\u003e 89 42 08 48 89 10 e8 e7 c5 42 00 4c 89 e0 5b 5d 41 5c c3 cc cc\nRSP: 0018:ffffc900001bfd48 EFLAGS: 00000002\nRAX: 0000000000000000 RBX: ffff8880088f5ae8 RCX: 00000000361289f9\nRDX: 0000000000000000 RSI: 0000000000000206 RDI: ffff8880088f5b00\nRBP: ffff8880088f5b00 R08: 0000000000080000 R09: 0000000000000001\nR10: 0000000000000003 R11: 0000000000000001 R12: ffff8880056b6a00\nR13: ffff8880088f5280 R14: 0000000000000001 R15: ffff8880088f5a80\nFS: 0000000000000000(0000) GS:ffff88807dd80000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 0000000006314000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n unix_release_sock (net/unix/af_unix.c:654)\n unix_release (net/unix/af_unix.c:1050)\n __sock_release (net/socket.c:660)\n sock_close (net/socket.c:1423)\n __fput (fs/file_table.c:423)\n delayed_fput (fs/file_table.c:444 (discriminator 3))\n process_one_work (kernel/workqueue.c:3259)\n worker_thread (kernel/workqueue.c:3329 kernel/workqueue.c:3416)\n kthread (kernel/kthread.c:388)\n ret_from_fork (arch/x86/kernel/process.c:153)\n ret_from_fork_asm (arch/x86/entry/entry_64.S:257)\n \u003c/TASK\u003e\nModules linked in:\nCR2: 0000000000000008",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36972",
"url": "https://www.suse.com/security/cve/CVE-2024-36972"
},
{
"category": "external",
"summary": "SUSE Bug 1226163 for CVE-2024-36972",
"url": "https://bugzilla.suse.com/1226163"
},
{
"category": "external",
"summary": "SUSE Bug 1245989 for CVE-2024-36972",
"url": "https://bugzilla.suse.com/1245989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36972"
},
{
"cve": "CVE-2024-36973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe()\n\nWhen auxiliary_device_add() returns error and then calls\nauxiliary_device_uninit(), callback function\ngp_auxiliary_device_release() calls ida_free() and\nkfree(aux_device_wrapper) to free memory. We should\u0027t\ncall them again in the error handling path.\n\nFix this by skipping the redundant cleanup functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36973",
"url": "https://www.suse.com/security/cve/CVE-2024-36973"
},
{
"category": "external",
"summary": "SUSE Bug 1226457 for CVE-2024-36973",
"url": "https://bugzilla.suse.com/1226457"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36973"
},
{
"cve": "CVE-2024-36974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP\n\nIf one TCA_TAPRIO_ATTR_PRIOMAP attribute has been provided,\ntaprio_parse_mqprio_opt() must validate it, or userspace\ncan inject arbitrary data to the kernel, the second time\ntaprio_change() is called.\n\nFirst call (with valid attributes) sets dev-\u003enum_tc\nto a non zero value.\n\nSecond call (with arbitrary mqprio attributes)\nreturns early from taprio_parse_mqprio_opt()\nand bad things can happen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36974",
"url": "https://www.suse.com/security/cve/CVE-2024-36974"
},
{
"category": "external",
"summary": "SUSE Bug 1226519 for CVE-2024-36974",
"url": "https://bugzilla.suse.com/1226519"
},
{
"category": "external",
"summary": "SUSE Bug 1227371 for CVE-2024-36974",
"url": "https://bugzilla.suse.com/1227371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36974"
},
{
"cve": "CVE-2024-36975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKEYS: trusted: Do not use WARN when encode fails\n\nWhen asn1_encode_sequence() fails, WARN is not the correct solution.\n\n1. asn1_encode_sequence() is not an internal function (located\n in lib/asn1_encode.c).\n2. Location is known, which makes the stack trace useless.\n3. Results a crash if panic_on_warn is set.\n\nIt is also noteworthy that the use of WARN is undocumented, and it\nshould be avoided unless there is a carefully considered rationale to\nuse it.\n\nReplace WARN with pr_err, and print the return value instead, which is\nonly useful piece of information.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36975",
"url": "https://www.suse.com/security/cve/CVE-2024-36975"
},
{
"category": "external",
"summary": "SUSE Bug 1226520 for CVE-2024-36975",
"url": "https://bugzilla.suse.com/1226520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36975"
},
{
"cve": "CVE-2024-36977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3: Wait unconditionally after issuing EndXfer command\n\nCurrently all controller IP/revisions except DWC3_usb3 \u003e= 310a\nwait 1ms unconditionally for ENDXFER completion when IOC is not\nset. This is because DWC_usb3 controller revisions \u003e= 3.10a\nsupports GUCTL2[14: Rst_actbitlater] bit which allows polling\nCMDACT bit to know whether ENDXFER command is completed.\n\nConsider a case where an IN request was queued, and parallelly\nsoft_disconnect was called (due to ffs_epfile_release). This\neventually calls stop_active_transfer with IOC cleared, hence\nsend_gadget_ep_cmd() skips waiting for CMDACT cleared during\nEndXfer. For DWC3 controllers with revisions \u003e= 310a, we don\u0027t\nforcefully wait for 1ms either, and we proceed by unmapping the\nrequests. If ENDXFER didn\u0027t complete by this time, it leads to\nSMMU faults since the controller would still be accessing those\nrequests.\n\nFix this by ensuring ENDXFER completion by adding 1ms delay in\n__dwc3_stop_active_transfer() unconditionally.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36977",
"url": "https://www.suse.com/security/cve/CVE-2024-36977"
},
{
"category": "external",
"summary": "SUSE Bug 1226513 for CVE-2024-36977",
"url": "https://bugzilla.suse.com/1226513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-36977"
},
{
"cve": "CVE-2024-36978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: sch_multiq: fix possible OOB write in multiq_tune()\n\nq-\u003ebands will be assigned to qopt-\u003ebands to execute subsequent code logic\nafter kmalloc. So the old q-\u003ebands should not be used in kmalloc.\nOtherwise, an out-of-bounds write will occur.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36978",
"url": "https://www.suse.com/security/cve/CVE-2024-36978"
},
{
"category": "external",
"summary": "SUSE Bug 1226514 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1226514"
},
{
"category": "external",
"summary": "SUSE Bug 1244631 for CVE-2024-36978",
"url": "https://bugzilla.suse.com/1244631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-36978"
},
{
"cve": "CVE-2024-37021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfpga: manager: add owner module and take its refcount\n\nThe current implementation of the fpga manager assumes that the low-level\nmodule registers a driver for the parent device and uses its owner pointer\nto take the module\u0027s refcount. This approach is problematic since it can\nlead to a null pointer dereference while attempting to get the manager if\nthe parent device does not have a driver.\n\nTo address this problem, add a module owner pointer to the fpga_manager\nstruct and use it to take the module\u0027s refcount. Modify the functions for\nregistering the manager to take an additional owner module parameter and\nrename them to avoid conflicts. Use the old function names for helper\nmacros that automatically set the module that registers the manager as the\nowner. This ensures compatibility with existing low-level control modules\nand reduces the chances of registering a manager without setting the owner.\n\nAlso, update the documentation to keep it consistent with the new interface\nfor registering an fpga manager.\n\nOther changes: opportunistically move put_device() from __fpga_mgr_get() to\nfpga_mgr_get() and of_fpga_mgr_get() to improve code clarity since the\nmanager device is taken in these functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37021",
"url": "https://www.suse.com/security/cve/CVE-2024-37021"
},
{
"category": "external",
"summary": "SUSE Bug 1226950 for CVE-2024-37021",
"url": "https://bugzilla.suse.com/1226950"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-37021"
},
{
"cve": "CVE-2024-37078",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37078"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential kernel bug due to lack of writeback flag waiting\n\nDestructive writes to a block device on which nilfs2 is mounted can cause\na kernel bug in the folio/page writeback start routine or writeback end\nroutine (__folio_start_writeback in the log below):\n\n kernel BUG at mm/page-writeback.c:3070!\n Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI\n ...\n RIP: 0010:__folio_start_writeback+0xbaa/0x10e0\n Code: 25 ff 0f 00 00 0f 84 18 01 00 00 e8 40 ca c6 ff e9 17 f6 ff ff\n e8 36 ca c6 ff 4c 89 f7 48 c7 c6 80 c0 12 84 e8 e7 b3 0f 00 90 \u003c0f\u003e\n 0b e8 1f ca c6 ff 4c 89 f7 48 c7 c6 a0 c6 12 84 e8 d0 b3 0f 00\n ...\n Call Trace:\n \u003cTASK\u003e\n nilfs_segctor_do_construct+0x4654/0x69d0 [nilfs2]\n nilfs_segctor_construct+0x181/0x6b0 [nilfs2]\n nilfs_segctor_thread+0x548/0x11c0 [nilfs2]\n kthread+0x2f0/0x390\n ret_from_fork+0x4b/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nThis is because when the log writer starts a writeback for segment summary\nblocks or a super root block that use the backing device\u0027s page cache, it\ndoes not wait for the ongoing folio/page writeback, resulting in an\ninconsistent writeback state.\n\nFix this issue by waiting for ongoing writebacks when putting\nfolios/pages on the backing device into writeback state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37078",
"url": "https://www.suse.com/security/cve/CVE-2024-37078"
},
{
"category": "external",
"summary": "SUSE Bug 1227066 for CVE-2024-37078",
"url": "https://bugzilla.suse.com/1227066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-37078"
},
{
"cve": "CVE-2024-37353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37353"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37353",
"url": "https://www.suse.com/security/cve/CVE-2024-37353"
},
{
"category": "external",
"summary": "SUSE Bug 1226875 for CVE-2024-37353",
"url": "https://bugzilla.suse.com/1226875"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-37353"
},
{
"cve": "CVE-2024-37354",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-37354"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix crash on racing fsync and size-extending write into prealloc\n\nWe have been seeing crashes on duplicate keys in\nbtrfs_set_item_key_safe():\n\n BTRFS critical (device vdb): slot 4 key (450 108 8192) new key (450 108 8192)\n ------------[ cut here ]------------\n kernel BUG at fs/btrfs/ctree.c:2620!\n invalid opcode: 0000 [#1] PREEMPT SMP PTI\n CPU: 0 PID: 3139 Comm: xfs_io Kdump: loaded Not tainted 6.9.0 #6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-2.fc40 04/01/2014\n RIP: 0010:btrfs_set_item_key_safe+0x11f/0x290 [btrfs]\n\nWith the following stack trace:\n\n #0 btrfs_set_item_key_safe (fs/btrfs/ctree.c:2620:4)\n #1 btrfs_drop_extents (fs/btrfs/file.c:411:4)\n #2 log_one_extent (fs/btrfs/tree-log.c:4732:9)\n #3 btrfs_log_changed_extents (fs/btrfs/tree-log.c:4955:9)\n #4 btrfs_log_inode (fs/btrfs/tree-log.c:6626:9)\n #5 btrfs_log_inode_parent (fs/btrfs/tree-log.c:7070:8)\n #6 btrfs_log_dentry_safe (fs/btrfs/tree-log.c:7171:8)\n #7 btrfs_sync_file (fs/btrfs/file.c:1933:8)\n #8 vfs_fsync_range (fs/sync.c:188:9)\n #9 vfs_fsync (fs/sync.c:202:9)\n #10 do_fsync (fs/sync.c:212:9)\n #11 __do_sys_fdatasync (fs/sync.c:225:9)\n #12 __se_sys_fdatasync (fs/sync.c:223:1)\n #13 __x64_sys_fdatasync (fs/sync.c:223:1)\n #14 do_syscall_x64 (arch/x86/entry/common.c:52:14)\n #15 do_syscall_64 (arch/x86/entry/common.c:83:7)\n #16 entry_SYSCALL_64+0xaf/0x14c (arch/x86/entry/entry_64.S:121)\n\nSo we\u0027re logging a changed extent from fsync, which is splitting an\nextent in the log tree. But this split part already exists in the tree,\ntriggering the BUG().\n\nThis is the state of the log tree at the time of the crash, dumped with\ndrgn (https://github.com/osandov/drgn/blob/main/contrib/btrfs_tree.py)\nto get more details than btrfs_print_leaf() gives us:\n\n \u003e\u003e\u003e print_extent_buffer(prog.crashed_thread().stack_trace()[0][\"eb\"])\n leaf 33439744 level 0 items 72 generation 9 owner 18446744073709551610\n leaf 33439744 flags 0x100000000000000\n fs uuid e5bd3946-400c-4223-8923-190ef1f18677\n chunk uuid d58cb17e-6d02-494a-829a-18b7d8a399da\n item 0 key (450 INODE_ITEM 0) itemoff 16123 itemsize 160\n generation 7 transid 9 size 8192 nbytes 8473563889606862198\n block group 0 mode 100600 links 1 uid 0 gid 0 rdev 0\n sequence 204 flags 0x10(PREALLOC)\n atime 1716417703.220000000 (2024-05-22 15:41:43)\n ctime 1716417704.983333333 (2024-05-22 15:41:44)\n mtime 1716417704.983333333 (2024-05-22 15:41:44)\n otime 17592186044416.000000000 (559444-03-08 01:40:16)\n item 1 key (450 INODE_REF 256) itemoff 16110 itemsize 13\n index 195 namelen 3 name: 193\n item 2 key (450 XATTR_ITEM 1640047104) itemoff 16073 itemsize 37\n location key (0 UNKNOWN.0 0) type XATTR\n transid 7 data_len 1 name_len 6\n name: user.a\n data a\n item 3 key (450 EXTENT_DATA 0) itemoff 16020 itemsize 53\n generation 9 type 1 (regular)\n extent data disk byte 303144960 nr 12288\n extent data offset 0 nr 4096 ram 12288\n extent compression 0 (none)\n item 4 key (450 EXTENT_DATA 4096) itemoff 15967 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 4096 nr 8192\n item 5 key (450 EXTENT_DATA 8192) itemoff 15914 itemsize 53\n generation 9 type 2 (prealloc)\n prealloc data disk byte 303144960 nr 12288\n prealloc data offset 8192 nr 4096\n ...\n\nSo the real problem happened earlier: notice that items 4 (4k-12k) and 5\n(8k-12k) overlap. Both are prealloc extents. Item 4 straddles i_size and\nitem 5 starts at i_size.\n\nHere is the state of \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-37354",
"url": "https://www.suse.com/security/cve/CVE-2024-37354"
},
{
"category": "external",
"summary": "SUSE Bug 1227101 for CVE-2024-37354",
"url": "https://bugzilla.suse.com/1227101"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-37354"
},
{
"cve": "CVE-2024-38381",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38381"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_rx_work\n\nsyzbot reported the following uninit-value access issue [1]\n\nnci_rx_work() parses received packet from ndev-\u003erx_q. It should be\nvalidated header size, payload size and total packet size before\nprocessing the packet. If an invalid packet is detected, it should be\nsilently discarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38381",
"url": "https://www.suse.com/security/cve/CVE-2024-38381"
},
{
"category": "external",
"summary": "SUSE Bug 1226878 for CVE-2024-38381",
"url": "https://bugzilla.suse.com/1226878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38381"
},
{
"cve": "CVE-2024-38384",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38384"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued\n\n__blkcg_rstat_flush() can be run anytime, especially when blk_cgroup_bio_start\nis being executed.\n\nIf WRITE of `-\u003elqueued` is re-ordered with READ of \u0027bisc-\u003elnode.next\u0027 in\nthe loop of __blkcg_rstat_flush(), `next_bisc` can be assigned with one\nstat instance being added in blk_cgroup_bio_start(), then the local\nlist in __blkcg_rstat_flush() could be corrupted.\n\nFix the issue by adding one barrier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38384",
"url": "https://www.suse.com/security/cve/CVE-2024-38384"
},
{
"category": "external",
"summary": "SUSE Bug 1226938 for CVE-2024-38384",
"url": "https://bugzilla.suse.com/1226938"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38384"
},
{
"cve": "CVE-2024-38385",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38385"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngenirq/irqdesc: Prevent use-after-free in irq_find_at_or_after()\n\nirq_find_at_or_after() dereferences the interrupt descriptor which is\nreturned by mt_find() while neither holding sparse_irq_lock nor RCU read\nlock, which means the descriptor can be freed between mt_find() and the\ndereference:\n\n CPU0 CPU1\n desc = mt_find()\n delayed_free_desc(desc)\n irq_desc_get_irq(desc)\n\nThe use-after-free is reported by KASAN:\n\n Call trace:\n irq_get_next_irq+0x58/0x84\n show_stat+0x638/0x824\n seq_read_iter+0x158/0x4ec\n proc_reg_read_iter+0x94/0x12c\n vfs_read+0x1e0/0x2c8\n\n Freed by task 4471:\n slab_free_freelist_hook+0x174/0x1e0\n __kmem_cache_free+0xa4/0x1dc\n kfree+0x64/0x128\n irq_kobj_release+0x28/0x3c\n kobject_put+0xcc/0x1e0\n delayed_free_desc+0x14/0x2c\n rcu_do_batch+0x214/0x720\n\nGuard the access with a RCU read lock section.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38385",
"url": "https://www.suse.com/security/cve/CVE-2024-38385"
},
{
"category": "external",
"summary": "SUSE Bug 1227085 for CVE-2024-38385",
"url": "https://bugzilla.suse.com/1227085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38385"
},
{
"cve": "CVE-2024-38388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda/cs_dsp_ctl: Use private_free for control cleanup\n\nUse the control private_free callback to free the associated data\nblock. This ensures that the memory won\u0027t leak, whatever way the\ncontrol gets destroyed.\n\nThe original implementation didn\u0027t actually remove the ALSA\ncontrols in hda_cs_dsp_control_remove(). It only freed the internal\ntracking structure. This meant it was possible to remove/unload the\namp driver while leaving its ALSA controls still present in the\nsoundcard. Obviously attempting to access them could cause segfaults\nor at least dereferencing stale pointers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38388",
"url": "https://www.suse.com/security/cve/CVE-2024-38388"
},
{
"category": "external",
"summary": "SUSE Bug 1226890 for CVE-2024-38388",
"url": "https://bugzilla.suse.com/1226890"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38388"
},
{
"cve": "CVE-2024-38390",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38390"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails\n\nCalling a6xx_destroy() before adreno_gpu_init() leads to a null pointer\ndereference on:\n\nmsm_gpu_cleanup() : platform_set_drvdata(gpu-\u003epdev, NULL);\n\nas gpu-\u003epdev is only assigned in:\n\na6xx_gpu_init()\n|_ adreno_gpu_init\n |_ msm_gpu_init()\n\nInstead of relying on handwavy null checks down the cleanup chain,\nexplicitly de-allocate the LLC data and free a6xx_gpu instead.\n\nPatchwork: https://patchwork.freedesktop.org/patch/588919/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38390",
"url": "https://www.suse.com/security/cve/CVE-2024-38390"
},
{
"category": "external",
"summary": "SUSE Bug 1226891 for CVE-2024-38390",
"url": "https://bugzilla.suse.com/1226891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38390"
},
{
"cve": "CVE-2024-38391",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38391"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38391",
"url": "https://www.suse.com/security/cve/CVE-2024-38391"
},
{
"category": "external",
"summary": "SUSE Bug 1226894 for CVE-2024-38391",
"url": "https://bugzilla.suse.com/1226894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38391"
},
{
"cve": "CVE-2024-38539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw\n\nWhen running blktests nvme/rdma, the following kmemleak issue will appear.\n\nkmemleak: Kernel memory leak detector initialized (mempool available:36041)\nkmemleak: Automatic memory scanning thread started\nkmemleak: 2 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\nkmemleak: 8 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\nkmemleak: 17 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\nkmemleak: 4 new suspected memory leaks (see /sys/kernel/debug/kmemleak)\n\nunreferenced object 0xffff88855da53400 (size 192):\n comm \"rdma\", pid 10630, jiffies 4296575922\n hex dump (first 32 bytes):\n 37 00 00 00 00 00 00 00 c0 ff ff ff 1f 00 00 00 7...............\n 10 34 a5 5d 85 88 ff ff 10 34 a5 5d 85 88 ff ff .4.].....4.]....\n backtrace (crc 47f66721):\n [\u003cffffffff911251bd\u003e] kmalloc_trace+0x30d/0x3b0\n [\u003cffffffffc2640ff7\u003e] alloc_gid_entry+0x47/0x380 [ib_core]\n [\u003cffffffffc2642206\u003e] add_modify_gid+0x166/0x930 [ib_core]\n [\u003cffffffffc2643468\u003e] ib_cache_update.part.0+0x6d8/0x910 [ib_core]\n [\u003cffffffffc2644e1a\u003e] ib_cache_setup_one+0x24a/0x350 [ib_core]\n [\u003cffffffffc263949e\u003e] ib_register_device+0x9e/0x3a0 [ib_core]\n [\u003cffffffffc2a3d389\u003e] 0xffffffffc2a3d389\n [\u003cffffffffc2688cd8\u003e] nldev_newlink+0x2b8/0x520 [ib_core]\n [\u003cffffffffc2645fe3\u003e] rdma_nl_rcv_msg+0x2c3/0x520 [ib_core]\n [\u003cffffffffc264648c\u003e]\nrdma_nl_rcv_skb.constprop.0.isra.0+0x23c/0x3a0 [ib_core]\n [\u003cffffffff9270e7b5\u003e] netlink_unicast+0x445/0x710\n [\u003cffffffff9270f1f1\u003e] netlink_sendmsg+0x761/0xc40\n [\u003cffffffff9249db29\u003e] __sys_sendto+0x3a9/0x420\n [\u003cffffffff9249dc8c\u003e] __x64_sys_sendto+0xdc/0x1b0\n [\u003cffffffff92db0ad3\u003e] do_syscall_64+0x93/0x180\n [\u003cffffffff92e00126\u003e] entry_SYSCALL_64_after_hwframe+0x71/0x79\n\nThe root cause: rdma_put_gid_attr is not called when sgid_attr is set\nto ERR_PTR(-ENODEV).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38539",
"url": "https://www.suse.com/security/cve/CVE-2024-38539"
},
{
"category": "external",
"summary": "SUSE Bug 1226608 for CVE-2024-38539",
"url": "https://bugzilla.suse.com/1226608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38539"
},
{
"cve": "CVE-2024-38540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38540"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq\n\nUndefined behavior is triggered when bnxt_qplib_alloc_init_hwq is called\nwith hwq_attr-\u003eaux_depth != 0 and hwq_attr-\u003eaux_stride == 0.\nIn that case, \"roundup_pow_of_two(hwq_attr-\u003eaux_stride)\" gets called.\nroundup_pow_of_two is documented as undefined for 0.\n\nFix it in the one caller that had this combination.\n\nThe undefined behavior was detected by UBSAN:\n UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13\n shift exponent 64 is too large for 64-bit type \u0027long unsigned int\u0027\n CPU: 24 PID: 1075 Comm: (udev-worker) Not tainted 6.9.0-rc6+ #4\n Hardware name: Abacus electric, s.r.o. - servis@abacus.cz Super Server/H12SSW-iN, BIOS 2.7 10/25/2023\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x5d/0x80\n ubsan_epilogue+0x5/0x30\n __ubsan_handle_shift_out_of_bounds.cold+0x61/0xec\n __roundup_pow_of_two+0x25/0x35 [bnxt_re]\n bnxt_qplib_alloc_init_hwq+0xa1/0x470 [bnxt_re]\n bnxt_qplib_create_qp+0x19e/0x840 [bnxt_re]\n bnxt_re_create_qp+0x9b1/0xcd0 [bnxt_re]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __kmalloc+0x1b6/0x4f0\n ? create_qp.part.0+0x128/0x1c0 [ib_core]\n ? __pfx_bnxt_re_create_qp+0x10/0x10 [bnxt_re]\n create_qp.part.0+0x128/0x1c0 [ib_core]\n ib_create_qp_kernel+0x50/0xd0 [ib_core]\n create_mad_qp+0x8e/0xe0 [ib_core]\n ? __pfx_qp_event_handler+0x10/0x10 [ib_core]\n ib_mad_init_device+0x2be/0x680 [ib_core]\n add_client_context+0x10d/0x1a0 [ib_core]\n enable_device_and_get+0xe0/0x1d0 [ib_core]\n ib_register_device+0x53c/0x630 [ib_core]\n ? srso_alias_return_thunk+0x5/0xfbef5\n bnxt_re_probe+0xbd8/0xe50 [bnxt_re]\n ? __pfx_bnxt_re_probe+0x10/0x10 [bnxt_re]\n auxiliary_bus_probe+0x49/0x80\n ? driver_sysfs_add+0x57/0xc0\n really_probe+0xde/0x340\n ? pm_runtime_barrier+0x54/0x90\n ? __pfx___driver_attach+0x10/0x10\n __driver_probe_device+0x78/0x110\n driver_probe_device+0x1f/0xa0\n __driver_attach+0xba/0x1c0\n bus_for_each_dev+0x8f/0xe0\n bus_add_driver+0x146/0x220\n driver_register+0x72/0xd0\n __auxiliary_driver_register+0x6e/0xd0\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n bnxt_re_mod_init+0x3e/0xff0 [bnxt_re]\n ? __pfx_bnxt_re_mod_init+0x10/0x10 [bnxt_re]\n do_one_initcall+0x5b/0x310\n do_init_module+0x90/0x250\n init_module_from_file+0x86/0xc0\n idempotent_init_module+0x121/0x2b0\n __x64_sys_finit_module+0x5e/0xb0\n do_syscall_64+0x82/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode_prepare+0x149/0x170\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? syscall_exit_to_user_mode+0x75/0x230\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_syscall_64+0x8e/0x160\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __count_memcg_events+0x69/0x100\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? count_memcg_events.constprop.0+0x1a/0x30\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? handle_mm_fault+0x1f0/0x300\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? do_user_addr_fault+0x34e/0x640\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? srso_alias_return_thunk+0x5/0xfbef5\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f4e5132821d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d e3 db 0c 00 f7 d8 64 89 01 48\n RSP: 002b:00007ffca9c906a8 EFLAGS: 00000246 ORIG_RAX: 0000000000000139\n RAX: ffffffffffffffda RBX: 0000563ec8a8f130 RCX: 00007f4e5132821d\n RDX: 0000000000000000 RSI: 00007f4e518fa07d RDI: 000000000000003b\n RBP: 00007ffca9c90760 R08: 00007f4e513f6b20 R09: 00007ffca9c906f0\n R10: 0000563ec8a8faa0 R11: 0000000000000246 R12: 00007f4e518fa07d\n R13: 0000000000020000 R14: 0000563ec8409e90 R15: 0000563ec8a8fa60\n \u003c/TASK\u003e\n ---[ end trace ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38540",
"url": "https://www.suse.com/security/cve/CVE-2024-38540"
},
{
"category": "external",
"summary": "SUSE Bug 1226582 for CVE-2024-38540",
"url": "https://bugzilla.suse.com/1226582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38540"
},
{
"cve": "CVE-2024-38541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38541"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: add buffer overflow check in of_modalias()\n\nIn of_modalias(), if the buffer happens to be too small even for the 1st\nsnprintf() call, the len parameter will become negative and str parameter\n(if not NULL initially) will point beyond the buffer\u0027s end. Add the buffer\noverflow check after the 1st snprintf() call and fix such check after the\nstrlen() call (accounting for the terminating NUL char).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38541",
"url": "https://www.suse.com/security/cve/CVE-2024-38541"
},
{
"category": "external",
"summary": "SUSE Bug 1226587 for CVE-2024-38541",
"url": "https://bugzilla.suse.com/1226587"
},
{
"category": "external",
"summary": "SUSE Bug 1227496 for CVE-2024-38541",
"url": "https://bugzilla.suse.com/1227496"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38541"
},
{
"cve": "CVE-2024-38543",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38543"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlib/test_hmm.c: handle src_pfns and dst_pfns allocation failure\n\nThe kcalloc() in dmirror_device_evict_chunk() will return null if the\nphysical memory has run out. As a result, if src_pfns or dst_pfns is\ndereferenced, the null pointer dereference bug will happen.\n\nMoreover, the device is going away. If the kcalloc() fails, the pages\nmapping a chunk could not be evicted. So add a __GFP_NOFAIL flag in\nkcalloc().\n\nFinally, as there is no need to have physically contiguous memory, Switch\nkcalloc() to kvcalloc() in order to avoid failing allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38543",
"url": "https://www.suse.com/security/cve/CVE-2024-38543"
},
{
"category": "external",
"summary": "SUSE Bug 1226594 for CVE-2024-38543",
"url": "https://bugzilla.suse.com/1226594"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38543"
},
{
"cve": "CVE-2024-38544",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38544"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix seg fault in rxe_comp_queue_pkt\n\nIn rxe_comp_queue_pkt() an incoming response packet skb is enqueued to the\nresp_pkts queue and then a decision is made whether to run the completer\ntask inline or schedule it. Finally the skb is dereferenced to bump a \u0027hw\u0027\nperformance counter. This is wrong because if the completer task is\nalready running in a separate thread it may have already processed the skb\nand freed it which can cause a seg fault. This has been observed\ninfrequently in testing at high scale.\n\nThis patch fixes this by changing the order of enqueuing the packet until\nafter the counter is accessed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38544",
"url": "https://www.suse.com/security/cve/CVE-2024-38544"
},
{
"category": "external",
"summary": "SUSE Bug 1226597 for CVE-2024-38544",
"url": "https://bugzilla.suse.com/1226597"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38544"
},
{
"cve": "CVE-2024-38545",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38545"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix UAF for cq async event\n\nThe refcount of CQ is not protected by locks. When CQ asynchronous\nevents and CQ destruction are concurrent, CQ may have been released,\nwhich will cause UAF.\n\nUse the xa_lock() to protect the CQ refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38545",
"url": "https://www.suse.com/security/cve/CVE-2024-38545"
},
{
"category": "external",
"summary": "SUSE Bug 1226595 for CVE-2024-38545",
"url": "https://bugzilla.suse.com/1226595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38545"
},
{
"cve": "CVE-2024-38546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: vc4: Fix possible null pointer dereference\n\nIn vc4_hdmi_audio_init() of_get_address() may return\nNULL which is later dereferenced. Fix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38546",
"url": "https://www.suse.com/security/cve/CVE-2024-38546"
},
{
"category": "external",
"summary": "SUSE Bug 1226593 for CVE-2024-38546",
"url": "https://bugzilla.suse.com/1226593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38546"
},
{
"cve": "CVE-2024-38547",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38547"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries\n\nThe allocation failure of mycs-\u003eyuv_scaler_binary in load_video_binaries()\nis followed with a dereference of mycs-\u003eyuv_scaler_binary after the\nfollowing call chain:\n\nsh_css_pipe_load_binaries()\n |-\u003e load_video_binaries(mycs-\u003eyuv_scaler_binary == NULL)\n |\n |-\u003e sh_css_pipe_unload_binaries()\n |-\u003e unload_video_binaries()\n\nIn unload_video_binaries(), it calls to ia_css_binary_unload with argument\n\u0026pipe-\u003epipe_settings.video.yuv_scaler_binary[i], which refers to the\nsame memory slot as mycs-\u003eyuv_scaler_binary. Thus, a null-pointer\ndereference is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38547",
"url": "https://www.suse.com/security/cve/CVE-2024-38547"
},
{
"category": "external",
"summary": "SUSE Bug 1226632 for CVE-2024-38547",
"url": "https://bugzilla.suse.com/1226632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38547"
},
{
"cve": "CVE-2024-38548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: bridge: cdns-mhdp8546: Fix possible null pointer dereference\n\nIn cdns_mhdp_atomic_enable(), the return value of drm_mode_duplicate() is\nassigned to mhdp_state-\u003ecurrent_mode, and there is a dereference of it in\ndrm_mode_set_name(), which will lead to a NULL pointer dereference on\nfailure of drm_mode_duplicate().\n\nFix this bug add a check of mhdp_state-\u003ecurrent_mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38548",
"url": "https://www.suse.com/security/cve/CVE-2024-38548"
},
{
"category": "external",
"summary": "SUSE Bug 1228202 for CVE-2024-38548",
"url": "https://bugzilla.suse.com/1228202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38548"
},
{
"cve": "CVE-2024-38549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Add 0 size check to mtk_drm_gem_obj\n\nAdd a check to mtk_drm_gem_init if we attempt to allocate a GEM object\nof 0 bytes. Currently, no such check exists and the kernel will panic if\na userspace application attempts to allocate a 0x0 GBM buffer.\n\nTested by attempting to allocate a 0x0 GBM buffer on an MT8188 and\nverifying that we now return EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38549",
"url": "https://www.suse.com/security/cve/CVE-2024-38549"
},
{
"category": "external",
"summary": "SUSE Bug 1226735 for CVE-2024-38549",
"url": "https://bugzilla.suse.com/1226735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38549"
},
{
"cve": "CVE-2024-38550",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38550"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: kirkwood: Fix potential NULL dereference\n\nIn kirkwood_dma_hw_params() mv_mbus_dram_info() returns NULL if\nCONFIG_PLAT_ORION macro is not defined.\nFix this bug by adding NULL check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38550",
"url": "https://www.suse.com/security/cve/CVE-2024-38550"
},
{
"category": "external",
"summary": "SUSE Bug 1226633 for CVE-2024-38550",
"url": "https://bugzilla.suse.com/1226633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38550"
},
{
"cve": "CVE-2024-38551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38551"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: Assign dummy when codec not specified for a DAI link\n\nMediaTek sound card drivers are checking whether a DAI link is present\nand used on a board to assign the correct parameters and this is done\nby checking the codec DAI names at probe time.\n\nIf no real codec is present, assign the dummy codec to the DAI link\nto avoid NULL pointer during string comparison.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38551",
"url": "https://www.suse.com/security/cve/CVE-2024-38551"
},
{
"category": "external",
"summary": "SUSE Bug 1226761 for CVE-2024-38551",
"url": "https://bugzilla.suse.com/1226761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38551"
},
{
"cve": "CVE-2024-38552",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38552"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix potential index out of bounds in color transformation function\n\nFixes index out of bounds issue in the color transformation function.\nThe issue could occur when the index \u0027i\u0027 exceeds the number of transfer\nfunction points (TRANSFER_FUNC_POINTS).\n\nThe fix adds a check to ensure \u0027i\u0027 is within bounds before accessing the\ntransfer function points. If \u0027i\u0027 is out of bounds, an error message is\nlogged and the function returns false to indicate an error.\n\nReported by smatch:\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:405 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.red\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:406 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.green\u0027 1025 \u003c= s32max\ndrivers/gpu/drm/amd/amdgpu/../display/dc/dcn10/dcn10_cm_common.c:407 cm_helper_translate_curve_to_hw_format() error: buffer overflow \u0027output_tf-\u003etf_pts.blue\u0027 1025 \u003c= s32max",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38552",
"url": "https://www.suse.com/security/cve/CVE-2024-38552"
},
{
"category": "external",
"summary": "SUSE Bug 1226767 for CVE-2024-38552",
"url": "https://bugzilla.suse.com/1226767"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38552"
},
{
"cve": "CVE-2024-38553",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38553"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: fec: remove .ndo_poll_controller to avoid deadlocks\n\nThere is a deadlock issue found in sungem driver, please refer to the\ncommit ac0a230f719b (\"eth: sungem: remove .ndo_poll_controller to avoid\ndeadlocks\"). The root cause of the issue is that netpoll is in atomic\ncontext and disable_irq() is called by .ndo_poll_controller interface\nof sungem driver, however, disable_irq() might sleep. After analyzing\nthe implementation of fec_poll_controller(), the fec driver should have\nthe same issue. Due to the fec driver uses NAPI for TX completions, the\n.ndo_poll_controller is unnecessary to be implemented in the fec driver,\nso fec_poll_controller() can be safely removed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38553",
"url": "https://www.suse.com/security/cve/CVE-2024-38553"
},
{
"category": "external",
"summary": "SUSE Bug 1226744 for CVE-2024-38553",
"url": "https://bugzilla.suse.com/1226744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38553"
},
{
"cve": "CVE-2024-38554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38554"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix reference count leak issue of net_device\n\nThere is a reference count leak issue of the object \"net_device\" in\nax25_dev_device_down(). When the ax25 device is shutting down, the\nax25_dev_device_down() drops the reference count of net_device one\nor zero times depending on if we goto unlock_put or not, which will\ncause memory leak.\n\nIn order to solve the above issue, decrease the reference count of\nnet_device after dev-\u003eax25_ptr is set to null.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38554",
"url": "https://www.suse.com/security/cve/CVE-2024-38554"
},
{
"category": "external",
"summary": "SUSE Bug 1226742 for CVE-2024-38554",
"url": "https://bugzilla.suse.com/1226742"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38554"
},
{
"cve": "CVE-2024-38555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Discard command completions in internal error\n\nFix use after free when FW completion arrives while device is in\ninternal error state. Avoid calling completion handler in this case,\nsince the device will flush the command interface and trigger all\ncompletions manually.\n\nKernel log:\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\n...\nRIP: 0010:refcount_warn_saturate+0xd8/0xe0\n...\nCall Trace:\n\u003cIRQ\u003e\n? __warn+0x79/0x120\n? refcount_warn_saturate+0xd8/0xe0\n? report_bug+0x17c/0x190\n? handle_bug+0x3c/0x60\n? exc_invalid_op+0x14/0x70\n? asm_exc_invalid_op+0x16/0x20\n? refcount_warn_saturate+0xd8/0xe0\ncmd_ent_put+0x13b/0x160 [mlx5_core]\nmlx5_cmd_comp_handler+0x5f9/0x670 [mlx5_core]\ncmd_comp_notifier+0x1f/0x30 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nmlx5_eq_async_int+0xf6/0x290 [mlx5_core]\nnotifier_call_chain+0x35/0xb0\natomic_notifier_call_chain+0x16/0x20\nirq_int_handler+0x19/0x30 [mlx5_core]\n__handle_irq_event_percpu+0x4b/0x160\nhandle_irq_event+0x2e/0x80\nhandle_edge_irq+0x98/0x230\n__common_interrupt+0x3b/0xa0\ncommon_interrupt+0x7b/0xa0\n\u003c/IRQ\u003e\n\u003cTASK\u003e\nasm_common_interrupt+0x22/0x40",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38555",
"url": "https://www.suse.com/security/cve/CVE-2024-38555"
},
{
"category": "external",
"summary": "SUSE Bug 1226607 for CVE-2024-38555",
"url": "https://bugzilla.suse.com/1226607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38555"
},
{
"cve": "CVE-2024-38556",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38556"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Add a timeout to acquire the command queue semaphore\n\nPrevent forced completion handling on an entry that has not yet been\nassigned an index, causing an out of bounds access on idx = -22.\nInstead of waiting indefinitely for the sem, blocking flow now waits for\nindex to be allocated or a sem acquisition timeout before beginning the\ntimer for FW completion.\n\nKernel log example:\nmlx5_core 0000:06:00.0: wait_func_handle_exec_timeout:1128:(pid 185911): cmd[-22]: CREATE_UCTX(0xa04) No done completion",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38556",
"url": "https://www.suse.com/security/cve/CVE-2024-38556"
},
{
"category": "external",
"summary": "SUSE Bug 1226774 for CVE-2024-38556",
"url": "https://bugzilla.suse.com/1226774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38556"
},
{
"cve": "CVE-2024-38557",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38557"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Reload only IB representors upon lag disable/enable\n\nOn lag disable, the bond IB device along with all of its\nrepresentors are destroyed, and then the slaves\u0027 representors get reloaded.\n\nIn case the slave IB representor load fails, the eswitch error flow\nunloads all representors, including ethernet representors, where the\nnetdevs get detached and removed from lag bond. Such flow is inaccurate\nas the lag driver is not responsible for loading/unloading ethernet\nrepresentors. Furthermore, the flow described above begins by holding\nlag lock to prevent bond changes during disable flow. However, when\nreaching the ethernet representors detachment from lag, the lag lock is\nrequired again, triggering the following deadlock:\n\nCall trace:\n__switch_to+0xf4/0x148\n__schedule+0x2c8/0x7d0\nschedule+0x50/0xe0\nschedule_preempt_disabled+0x18/0x28\n__mutex_lock.isra.13+0x2b8/0x570\n__mutex_lock_slowpath+0x1c/0x28\nmutex_lock+0x4c/0x68\nmlx5_lag_remove_netdev+0x3c/0x1a0 [mlx5_core]\nmlx5e_uplink_rep_disable+0x70/0xa0 [mlx5_core]\nmlx5e_detach_netdev+0x6c/0xb0 [mlx5_core]\nmlx5e_netdev_change_profile+0x44/0x138 [mlx5_core]\nmlx5e_netdev_attach_nic_profile+0x28/0x38 [mlx5_core]\nmlx5e_vport_rep_unload+0x184/0x1b8 [mlx5_core]\nmlx5_esw_offloads_rep_load+0xd8/0xe0 [mlx5_core]\nmlx5_eswitch_reload_reps+0x74/0xd0 [mlx5_core]\nmlx5_disable_lag+0x130/0x138 [mlx5_core]\nmlx5_lag_disable_change+0x6c/0x70 [mlx5_core] // hold ldev-\u003elock\nmlx5_devlink_eswitch_mode_set+0xc0/0x410 [mlx5_core]\ndevlink_nl_cmd_eswitch_set_doit+0xdc/0x180\ngenl_family_rcv_msg_doit.isra.17+0xe8/0x138\ngenl_rcv_msg+0xe4/0x220\nnetlink_rcv_skb+0x44/0x108\ngenl_rcv+0x40/0x58\nnetlink_unicast+0x198/0x268\nnetlink_sendmsg+0x1d4/0x418\nsock_sendmsg+0x54/0x60\n__sys_sendto+0xf4/0x120\n__arm64_sys_sendto+0x30/0x40\nel0_svc_common+0x8c/0x120\ndo_el0_svc+0x30/0xa0\nel0_svc+0x20/0x30\nel0_sync_handler+0x90/0xb8\nel0_sync+0x160/0x180\n\nThus, upon lag enable/disable, load and unload only the IB representors\nof the slaves preventing the deadlock mentioned above.\n\nWhile at it, refactor the mlx5_esw_offloads_rep_load() function to have\na static helper method for its internal logic, in symmetry with the\nrepresentor unload design.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38557",
"url": "https://www.suse.com/security/cve/CVE-2024-38557"
},
{
"category": "external",
"summary": "SUSE Bug 1226781 for CVE-2024-38557",
"url": "https://bugzilla.suse.com/1226781"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38557"
},
{
"cve": "CVE-2024-38558",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38558"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: fix overwriting ct original tuple for ICMPv6\n\nOVS_PACKET_CMD_EXECUTE has 3 main attributes:\n - OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format.\n - OVS_PACKET_ATTR_PACKET - Binary packet content.\n - OVS_PACKET_ATTR_ACTIONS - Actions to execute on the packet.\n\nOVS_PACKET_ATTR_KEY is parsed first to populate sw_flow_key structure\nwith the metadata like conntrack state, input port, recirculation id,\netc. Then the packet itself gets parsed to populate the rest of the\nkeys from the packet headers.\n\nWhenever the packet parsing code starts parsing the ICMPv6 header, it\nfirst zeroes out fields in the key corresponding to Neighbor Discovery\ninformation even if it is not an ND packet.\n\nIt is an \u0027ipv6.nd\u0027 field. However, the \u0027ipv6\u0027 is a union that shares\nthe space between \u0027nd\u0027 and \u0027ct_orig\u0027 that holds the original tuple\nconntrack metadata parsed from the OVS_PACKET_ATTR_KEY.\n\nND packets should not normally have conntrack state, so it\u0027s fine to\nshare the space, but normal ICMPv6 Echo packets or maybe other types of\nICMPv6 can have the state attached and it should not be overwritten.\n\nThe issue results in all but the last 4 bytes of the destination\naddress being wiped from the original conntrack tuple leading to\nincorrect packet matching and potentially executing wrong actions\nin case this packet recirculates within the datapath or goes back\nto userspace.\n\nND fields should not be accessed in non-ND packets, so not clearing\nthem should be fine. Executing memset() only for actual ND packets to\navoid the issue.\n\nInitializing the whole thing before parsing is needed because ND packet\nmay not contain all the options.\n\nThe issue only affects the OVS_PACKET_CMD_EXECUTE path and doesn\u0027t\naffect packets entering OVS datapath from network interfaces, because\nin this case CT metadata is populated from skb after the packet is\nalready parsed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38558",
"url": "https://www.suse.com/security/cve/CVE-2024-38558"
},
{
"category": "external",
"summary": "SUSE Bug 1226783 for CVE-2024-38558",
"url": "https://bugzilla.suse.com/1226783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38558"
},
{
"cve": "CVE-2024-38559",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38559"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qedf: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a count-sized kernel buffer and copy count from\nuserspace to that buffer. Later, we use kstrtouint on this buffer but we\ndon\u0027t ensure that the string is terminated inside the buffer, this can\nlead to OOB read when using kstrtouint. Fix this issue by using\nmemdup_user_nul instead of memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38559",
"url": "https://www.suse.com/security/cve/CVE-2024-38559"
},
{
"category": "external",
"summary": "SUSE Bug 1226785 for CVE-2024-38559",
"url": "https://bugzilla.suse.com/1226785"
},
{
"category": "external",
"summary": "SUSE Bug 1227495 for CVE-2024-38559",
"url": "https://bugzilla.suse.com/1227495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38559"
},
{
"cve": "CVE-2024-38560",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38560"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: bfa: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a nbytes-sized kernel buffer and copy nbytes from\nuserspace to that buffer. Later, we use sscanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using sscanf. Fix this issue by using memdup_user_nul instead\nof memdup_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38560",
"url": "https://www.suse.com/security/cve/CVE-2024-38560"
},
{
"category": "external",
"summary": "SUSE Bug 1226786 for CVE-2024-38560",
"url": "https://bugzilla.suse.com/1226786"
},
{
"category": "external",
"summary": "SUSE Bug 1227319 for CVE-2024-38560",
"url": "https://bugzilla.suse.com/1227319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38560"
},
{
"cve": "CVE-2024-38562",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38562"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: Avoid address calculations via out of bounds array indexing\n\nBefore request-\u003echannels[] can be used, request-\u003en_channels must be set.\nAdditionally, address calculations for memory after the \"channels\" array\nneed to be calculated from the allocation base (\"request\") rather than\nvia the first \"out of bounds\" index of \"channels\", otherwise run-time\nbounds checking will throw a warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38562",
"url": "https://www.suse.com/security/cve/CVE-2024-38562"
},
{
"category": "external",
"summary": "SUSE Bug 1226788 for CVE-2024-38562",
"url": "https://bugzilla.suse.com/1226788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38562"
},
{
"cve": "CVE-2024-38564",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38564"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE\n\nbpf_prog_attach uses attach_type_to_prog_type to enforce proper\nattach type for BPF_PROG_TYPE_CGROUP_SKB. link_create uses\nbpf_prog_get and relies on bpf_prog_attach_check_attach_type\nto properly verify prog_type \u003c\u003e attach_type association.\n\nAdd missing attach_type enforcement for the link_create case.\nOtherwise, it\u0027s currently possible to attach cgroup_skb prog\ntypes to other cgroup hooks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38564",
"url": "https://www.suse.com/security/cve/CVE-2024-38564"
},
{
"category": "external",
"summary": "SUSE Bug 1226789 for CVE-2024-38564",
"url": "https://bugzilla.suse.com/1226789"
},
{
"category": "external",
"summary": "SUSE Bug 1228730 for CVE-2024-38564",
"url": "https://bugzilla.suse.com/1228730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-38564"
},
{
"cve": "CVE-2024-38565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38565"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ar5523: enable proper endpoint verification\n\nSyzkaller reports [1] hitting a warning about an endpoint in use\nnot having an expected type to it.\n\nFix the issue by checking for the existence of all proper\nendpoints with their according types intact.\n\nSadly, this patch has not been tested on real hardware.\n\n[1] Syzkaller report:\n------------[ cut here ]------------\nusb 1-1: BOGUS urb xfer, pipe 3 != type 1\nWARNING: CPU: 0 PID: 3643 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n ar5523_cmd+0x41b/0x780 drivers/net/wireless/ath/ar5523/ar5523.c:275\n ar5523_cmd_read drivers/net/wireless/ath/ar5523/ar5523.c:302 [inline]\n ar5523_host_available drivers/net/wireless/ath/ar5523/ar5523.c:1376 [inline]\n ar5523_probe+0x14b0/0x1d10 drivers/net/wireless/ath/ar5523/ar5523.c:1655\n usb_probe_interface+0x30f/0x7f0 drivers/usb/core/driver.c:396\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_set_configuration+0x101d/0x1900 drivers/usb/core/message.c:2170\n usb_generic_driver_probe+0xbe/0x100 drivers/usb/core/generic.c:238\n usb_probe_device+0xd8/0x2c0 drivers/usb/core/driver.c:293\n call_driver_probe drivers/base/dd.c:560 [inline]\n really_probe+0x249/0xb90 drivers/base/dd.c:639\n __driver_probe_device+0x1df/0x4d0 drivers/base/dd.c:778\n driver_probe_device+0x4c/0x1a0 drivers/base/dd.c:808\n __device_attach_driver+0x1d4/0x2e0 drivers/base/dd.c:936\n bus_for_each_drv+0x163/0x1e0 drivers/base/bus.c:427\n __device_attach+0x1e4/0x530 drivers/base/dd.c:1008\n bus_probe_device+0x1e8/0x2a0 drivers/base/bus.c:487\n device_add+0xbd9/0x1e90 drivers/base/core.c:3517\n usb_new_device.cold+0x685/0x10ad drivers/usb/core/hub.c:2573\n hub_port_connect drivers/usb/core/hub.c:5353 [inline]\n hub_port_connect_change drivers/usb/core/hub.c:5497 [inline]\n port_event drivers/usb/core/hub.c:5653 [inline]\n hub_event+0x26cb/0x45d0 drivers/usb/core/hub.c:5735\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:306\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38565",
"url": "https://www.suse.com/security/cve/CVE-2024-38565"
},
{
"category": "external",
"summary": "SUSE Bug 1226747 for CVE-2024-38565",
"url": "https://bugzilla.suse.com/1226747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38565"
},
{
"cve": "CVE-2024-38566",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38566"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix verifier assumptions about socket-\u003esk\n\nThe verifier assumes that \u0027sk\u0027 field in \u0027struct socket\u0027 is valid\nand non-NULL when \u0027socket\u0027 pointer itself is trusted and non-NULL.\nThat may not be the case when socket was just created and\npassed to LSM socket_accept hook.\nFix this verifier assumption and adjust tests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38566",
"url": "https://www.suse.com/security/cve/CVE-2024-38566"
},
{
"category": "external",
"summary": "SUSE Bug 1226790 for CVE-2024-38566",
"url": "https://bugzilla.suse.com/1226790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38566"
},
{
"cve": "CVE-2024-38567",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38567"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: add a proper sanity check for endpoints\n\nSyzkaller reports [1] hitting a warning which is caused by presence\nof a wrong endpoint type at the URB sumbitting stage. While there\nwas a check for a specific 4th endpoint, since it can switch types\nbetween bulk and interrupt, other endpoints are trusted implicitly.\nSimilar warning is triggered in a couple of other syzbot issues [2].\n\nFix the issue by doing a comprehensive check of all endpoints\ntaking into account difference between high- and full-speed\nconfiguration.\n\n[1] Syzkaller report:\n...\nWARNING: CPU: 0 PID: 4721 at drivers/usb/core/urb.c:504 usb_submit_urb+0xed6/0x1880 drivers/usb/core/urb.c:504\n...\nCall Trace:\n \u003cTASK\u003e\n carl9170_usb_send_rx_irq_urb+0x273/0x340 drivers/net/wireless/ath/carl9170/usb.c:504\n carl9170_usb_init_device drivers/net/wireless/ath/carl9170/usb.c:939 [inline]\n carl9170_usb_firmware_finish drivers/net/wireless/ath/carl9170/usb.c:999 [inline]\n carl9170_usb_firmware_step2+0x175/0x240 drivers/net/wireless/ath/carl9170/usb.c:1028\n request_firmware_work_func+0x130/0x240 drivers/base/firmware_loader/main.c:1107\n process_one_work+0x9bf/0x1710 kernel/workqueue.c:2289\n worker_thread+0x669/0x1090 kernel/workqueue.c:2436\n kthread+0x2e8/0x3a0 kernel/kthread.c:376\n ret_from_fork+0x1f/0x30 arch/x86/entry/entry_64.S:308\n \u003c/TASK\u003e\n\n[2] Related syzkaller crashes:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38567",
"url": "https://www.suse.com/security/cve/CVE-2024-38567"
},
{
"category": "external",
"summary": "SUSE Bug 1226769 for CVE-2024-38567",
"url": "https://bugzilla.suse.com/1226769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38567"
},
{
"cve": "CVE-2024-38568",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38568"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: hns3: Fix out-of-bound access when valid event group\n\nThe perf tool allows users to create event groups through following\ncmd [1], but the driver does not check whether the array index is out\nof bounds when writing data to the event_group array. If the number of\nevents in an event_group is greater than HNS3_PMU_MAX_HW_EVENTS, the\nmemory write overflow of event_group array occurs.\n\nAdd array index check to fix the possible array out of bounds violation,\nand return directly when write new events are written to array bounds.\n\nThere are 9 different events in an event_group.\n[1] perf stat -e \u0027{pmu/event1/, ... ,pmu/event9/}",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38568",
"url": "https://www.suse.com/security/cve/CVE-2024-38568"
},
{
"category": "external",
"summary": "SUSE Bug 1226771 for CVE-2024-38568",
"url": "https://bugzilla.suse.com/1226771"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38568"
},
{
"cve": "CVE-2024-38569",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38569"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi_pcie: Fix out-of-bound access when valid event group\n\nThe perf tool allows users to create event groups through following\ncmd [1], but the driver does not check whether the array index is out of\nbounds when writing data to the event_group array. If the number of events\nin an event_group is greater than HISI_PCIE_MAX_COUNTERS, the memory write\noverflow of event_group array occurs.\n\nAdd array index check to fix the possible array out of bounds violation,\nand return directly when write new events are written to array bounds.\n\nThere are 9 different events in an event_group.\n[1] perf stat -e \u0027{pmu/event1/, ... ,pmu/event9/}\u0027",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38569",
"url": "https://www.suse.com/security/cve/CVE-2024-38569"
},
{
"category": "external",
"summary": "SUSE Bug 1226772 for CVE-2024-38569",
"url": "https://bugzilla.suse.com/1226772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38569"
},
{
"cve": "CVE-2024-38570",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38570"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix potential glock use-after-free on unmount\n\nWhen a DLM lockspace is released and there ares still locks in that\nlockspace, DLM will unlock those locks automatically. Commit\nfb6791d100d1b started exploiting this behavior to speed up filesystem\nunmount: gfs2 would simply free glocks it didn\u0027t want to unlock and then\nrelease the lockspace. This didn\u0027t take the bast callbacks for\nasynchronous lock contention notifications into account, which remain\nactive until until a lock is unlocked or its lockspace is released.\n\nTo prevent those callbacks from accessing deallocated objects, put the\nglocks that should not be unlocked on the sd_dead_glocks list, release\nthe lockspace, and only then free those glocks.\n\nAs an additional measure, ignore unexpected ast and bast callbacks if\nthe receiving glock is dead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38570",
"url": "https://www.suse.com/security/cve/CVE-2024-38570"
},
{
"category": "external",
"summary": "SUSE Bug 1226775 for CVE-2024-38570",
"url": "https://bugzilla.suse.com/1226775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38570"
},
{
"cve": "CVE-2024-38571",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38571"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/tsens: Fix null pointer dereference\n\ncompute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c)\nas compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to null\npointer dereference (if DEBUG or DYNAMIC_DEBUG set).\nFix this bug by adding null pointer check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38571",
"url": "https://www.suse.com/security/cve/CVE-2024-38571"
},
{
"category": "external",
"summary": "SUSE Bug 1226737 for CVE-2024-38571",
"url": "https://bugzilla.suse.com/1226737"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38571"
},
{
"cve": "CVE-2024-38572",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38572"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix out-of-bound access of qmi_invoke_handler()\n\nCurrently, there is no terminator entry for ath12k_qmi_msg_handlers hence\nfacing below KASAN warning,\n\n ==================================================================\n BUG: KASAN: global-out-of-bounds in qmi_invoke_handler+0xa4/0x148\n Read of size 8 at addr ffffffd00a6428d8 by task kworker/u8:2/1273\n\n CPU: 0 PID: 1273 Comm: kworker/u8:2 Not tainted 5.4.213 #0\n Workqueue: qmi_msg_handler qmi_data_ready_work\n Call trace:\n dump_backtrace+0x0/0x20c\n show_stack+0x14/0x1c\n dump_stack+0xe0/0x138\n print_address_description.isra.5+0x30/0x330\n __kasan_report+0x16c/0x1bc\n kasan_report+0xc/0x14\n __asan_load8+0xa8/0xb0\n qmi_invoke_handler+0xa4/0x148\n qmi_handle_message+0x18c/0x1bc\n qmi_data_ready_work+0x4ec/0x528\n process_one_work+0x2c0/0x440\n worker_thread+0x324/0x4b8\n kthread+0x210/0x228\n ret_from_fork+0x10/0x18\n\n The address belongs to the variable:\n ath12k_mac_mon_status_filter_default+0x4bd8/0xfffffffffffe2300 [ath12k]\n [...]\n ==================================================================\n\nAdd a dummy terminator entry at the end to assist the qmi_invoke_handler()\nin traversing up to the terminator entry without accessing an\nout-of-boundary index.\n\nTested-on: QCN9274 hw2.0 PCI WLAN.WBE.1.0.1-00029-QCAHKSWPL_SILICONZ-1",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38572",
"url": "https://www.suse.com/security/cve/CVE-2024-38572"
},
{
"category": "external",
"summary": "SUSE Bug 1226776 for CVE-2024-38572",
"url": "https://bugzilla.suse.com/1226776"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38572"
},
{
"cve": "CVE-2024-38573",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38573"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncppc_cpufreq: Fix possible null pointer dereference\n\ncppc_cpufreq_get_rate() and hisi_cppc_cpufreq_get_rate() can be called from\ndifferent places with various parameters. So cpufreq_cpu_get() can return\nnull as \u0027policy\u0027 in some circumstances.\nFix this bug by adding null return check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38573",
"url": "https://www.suse.com/security/cve/CVE-2024-38573"
},
{
"category": "external",
"summary": "SUSE Bug 1226739 for CVE-2024-38573",
"url": "https://bugzilla.suse.com/1226739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38573"
},
{
"cve": "CVE-2024-38575",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38575"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: pcie: handle randbuf allocation failure\n\nThe kzalloc() in brcmf_pcie_download_fw_nvram() will return null\nif the physical memory has run out. As a result, if we use\nget_random_bytes() to generate random bytes in the randbuf, the\nnull pointer dereference bug will happen.\n\nIn order to prevent allocation failure, this patch adds a separate\nfunction using buffer on kernel stack to generate random bytes in\nthe randbuf, which could prevent the kernel stack from overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38575",
"url": "https://www.suse.com/security/cve/CVE-2024-38575"
},
{
"category": "external",
"summary": "SUSE Bug 1226612 for CVE-2024-38575",
"url": "https://bugzilla.suse.com/1226612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38575"
},
{
"cve": "CVE-2024-38578",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38578"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\necryptfs: Fix buffer size for tag 66 packet\n\nThe \u0027TAG 66 Packet Format\u0027 description is missing the cipher code and\nchecksum fields that are packed into the message packet. As a result,\nthe buffer allocated for the packet is 3 bytes too small and\nwrite_tag_66_packet() will write up to 3 bytes past the end of the\nbuffer.\n\nFix this by increasing the size of the allocation so the whole packet\nwill always fit in the buffer.\n\nThis fixes the below kasan slab-out-of-bounds bug:\n\n BUG: KASAN: slab-out-of-bounds in ecryptfs_generate_key_packet_set+0x7d6/0xde0\n Write of size 1 at addr ffff88800afbb2a5 by task touch/181\n\n CPU: 0 PID: 181 Comm: touch Not tainted 6.6.13-gnu #1 4c9534092be820851bb687b82d1f92a426598dc6\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2/GNU Guix 04/01/2014\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x4c/0x70\n print_report+0xc5/0x610\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? kasan_complete_mode_report_info+0x44/0x210\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n kasan_report+0xc2/0x110\n ? ecryptfs_generate_key_packet_set+0x7d6/0xde0\n __asan_store1+0x62/0x80\n ecryptfs_generate_key_packet_set+0x7d6/0xde0\n ? __pfx_ecryptfs_generate_key_packet_set+0x10/0x10\n ? __alloc_pages+0x2e2/0x540\n ? __pfx_ovl_open+0x10/0x10 [overlay 30837f11141636a8e1793533a02e6e2e885dad1d]\n ? dentry_open+0x8f/0xd0\n ecryptfs_write_metadata+0x30a/0x550\n ? __pfx_ecryptfs_write_metadata+0x10/0x10\n ? ecryptfs_get_lower_file+0x6b/0x190\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n ? __pfx_path_openat+0x10/0x10\n do_filp_open+0x15e/0x290\n ? __pfx_do_filp_open+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? _raw_spin_lock+0x86/0xf0\n ? __pfx__raw_spin_lock+0x10/0x10\n ? __kasan_check_write+0x18/0x30\n ? alloc_fd+0xf4/0x330\n do_sys_openat2+0x122/0x160\n ? __pfx_do_sys_openat2+0x10/0x10\n __x64_sys_openat+0xef/0x170\n ? __pfx___x64_sys_openat+0x10/0x10\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n RIP: 0033:0x7f00a703fd67\n Code: 25 00 00 41 00 3d 00 00 41 00 74 37 64 8b 04 25 18 00 00 00 85 c0 75 5b 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 0f 87 85 00 00 00 48 83 c4 68 5d 41 5c c3 0f 1f\n RSP: 002b:00007ffc088e30b0 EFLAGS: 00000246 ORIG_RAX: 0000000000000101\n RAX: ffffffffffffffda RBX: 00007ffc088e3368 RCX: 00007f00a703fd67\n RDX: 0000000000000941 RSI: 00007ffc088e48d7 RDI: 00000000ffffff9c\n RBP: 00007ffc088e48d7 R08: 0000000000000001 R09: 0000000000000000\n R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000941\n R13: 0000000000000000 R14: 00007ffc088e48d7 R15: 00007f00a7180040\n \u003c/TASK\u003e\n\n Allocated by task 181:\n kasan_save_stack+0x2f/0x60\n kasan_set_track+0x29/0x40\n kasan_save_alloc_info+0x25/0x40\n __kasan_kmalloc+0xc5/0xd0\n __kmalloc+0x66/0x160\n ecryptfs_generate_key_packet_set+0x6d2/0xde0\n ecryptfs_write_metadata+0x30a/0x550\n ecryptfs_initialize_file+0x77/0x150\n ecryptfs_create+0x1c2/0x2f0\n path_openat+0x17cf/0x1ba0\n do_filp_open+0x15e/0x290\n do_sys_openat2+0x122/0x160\n __x64_sys_openat+0xef/0x170\n do_syscall_64+0x60/0xd0\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38578",
"url": "https://www.suse.com/security/cve/CVE-2024-38578"
},
{
"category": "external",
"summary": "SUSE Bug 1226634 for CVE-2024-38578",
"url": "https://bugzilla.suse.com/1226634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38578"
},
{
"cve": "CVE-2024-38579",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38579"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: bcm - Fix pointer arithmetic\n\nIn spu2_dump_omd() value of ptr is increased by ciph_key_len\ninstead of hash_iv_len which could lead to going beyond the\nbuffer boundaries.\nFix this bug by changing ciph_key_len to hash_iv_len.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38579",
"url": "https://www.suse.com/security/cve/CVE-2024-38579"
},
{
"category": "external",
"summary": "SUSE Bug 1226637 for CVE-2024-38579",
"url": "https://bugzilla.suse.com/1226637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38579"
},
{
"cve": "CVE-2024-38580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nepoll: be better about file lifetimes\n\nepoll can call out to vfs_poll() with a file pointer that may race with\nthe last \u0027fput()\u0027. That would make f_count go down to zero, and while\nthe ep-\u003emtx locking means that the resulting file pointer tear-down will\nbe blocked until the poll returns, it means that f_count is already\ndead, and any use of it won\u0027t actually get a reference to the file any\nmore: it\u0027s dead regardless.\n\nMake sure we have a valid ref on the file pointer before we call down to\nvfs_poll() from the epoll routines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38580",
"url": "https://www.suse.com/security/cve/CVE-2024-38580"
},
{
"category": "external",
"summary": "SUSE Bug 1226610 for CVE-2024-38580",
"url": "https://bugzilla.suse.com/1226610"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38580"
},
{
"cve": "CVE-2024-38581",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38581"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/mes: fix use-after-free issue\n\nDelete fence fallback timer to fix the ramdom\nuse-after-free issue.\n\nv2: move to amdgpu_mes.c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38581",
"url": "https://www.suse.com/security/cve/CVE-2024-38581"
},
{
"category": "external",
"summary": "SUSE Bug 1226657 for CVE-2024-38581",
"url": "https://bugzilla.suse.com/1226657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38581"
},
{
"cve": "CVE-2024-38582",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38582"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential hang in nilfs_detach_log_writer()\n\nSyzbot has reported a potential hang in nilfs_detach_log_writer() called\nduring nilfs2 unmount.\n\nAnalysis revealed that this is because nilfs_segctor_sync(), which\nsynchronizes with the log writer thread, can be called after\nnilfs_segctor_destroy() terminates that thread, as shown in the call trace\nbelow:\n\nnilfs_detach_log_writer\n nilfs_segctor_destroy\n nilfs_segctor_kill_thread --\u003e Shut down log writer thread\n flush_work\n nilfs_iput_work_func\n nilfs_dispose_list\n iput\n nilfs_evict_inode\n nilfs_transaction_commit\n nilfs_construct_segment (if inode needs sync)\n nilfs_segctor_sync --\u003e Attempt to synchronize with\n log writer thread\n *** DEADLOCK ***\n\nFix this issue by changing nilfs_segctor_sync() so that the log writer\nthread returns normally without synchronizing after it terminates, and by\nforcing tasks that are already waiting to complete once after the thread\nterminates.\n\nThe skipped inode metadata flushout will then be processed together in the\nsubsequent cleanup work in nilfs_segctor_destroy().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38582",
"url": "https://www.suse.com/security/cve/CVE-2024-38582"
},
{
"category": "external",
"summary": "SUSE Bug 1226658 for CVE-2024-38582",
"url": "https://bugzilla.suse.com/1226658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38582"
},
{
"cve": "CVE-2024-38583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38583"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix use-after-free of timer for log writer thread\n\nPatch series \"nilfs2: fix log writer related issues\".\n\nThis bug fix series covers three nilfs2 log writer-related issues,\nincluding a timer use-after-free issue and potential deadlock issue on\nunmount, and a potential freeze issue in event synchronization found\nduring their analysis. Details are described in each commit log.\n\n\nThis patch (of 3):\n\nA use-after-free issue has been reported regarding the timer sc_timer on\nthe nilfs_sc_info structure.\n\nThe problem is that even though it is used to wake up a sleeping log\nwriter thread, sc_timer is not shut down until the nilfs_sc_info structure\nis about to be freed, and is used regardless of the thread\u0027s lifetime.\n\nFix this issue by limiting the use of sc_timer only while the log writer\nthread is alive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38583",
"url": "https://www.suse.com/security/cve/CVE-2024-38583"
},
{
"category": "external",
"summary": "SUSE Bug 1226777 for CVE-2024-38583",
"url": "https://bugzilla.suse.com/1226777"
},
{
"category": "external",
"summary": "SUSE Bug 1227286 for CVE-2024-38583",
"url": "https://bugzilla.suse.com/1227286"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-38583"
},
{
"cve": "CVE-2024-38586",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38586"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nr8169: Fix possible ring buffer corruption on fragmented Tx packets.\n\nAn issue was found on the RTL8125b when transmitting small fragmented\npackets, whereby invalid entries were inserted into the transmit ring\nbuffer, subsequently leading to calls to dma_unmap_single() with a null\naddress.\n\nThis was caused by rtl8169_start_xmit() not noticing changes to nr_frags\nwhich may occur when small packets are padded (to work around hardware\nquirks) in rtl8169_tso_csum_v2().\n\nTo fix this, postpone inspecting nr_frags until after any padding has been\napplied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38586",
"url": "https://www.suse.com/security/cve/CVE-2024-38586"
},
{
"category": "external",
"summary": "SUSE Bug 1226750 for CVE-2024-38586",
"url": "https://bugzilla.suse.com/1226750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38586"
},
{
"cve": "CVE-2024-38587",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38587"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspeakup: Fix sizeof() vs ARRAY_SIZE() bug\n\nThe \"buf\" pointer is an array of u16 values. This code should be\nusing ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512),\notherwise it can the still got out of bounds.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38587",
"url": "https://www.suse.com/security/cve/CVE-2024-38587"
},
{
"category": "external",
"summary": "SUSE Bug 1226780 for CVE-2024-38587",
"url": "https://bugzilla.suse.com/1226780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38587"
},
{
"cve": "CVE-2024-38588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38588"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nftrace: Fix possible use-after-free issue in ftrace_location()\n\nKASAN reports a bug:\n\n BUG: KASAN: use-after-free in ftrace_location+0x90/0x120\n Read of size 8 at addr ffff888141d40010 by task insmod/424\n CPU: 8 PID: 424 Comm: insmod Tainted: G W 6.9.0-rc2+\n [...]\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x68/0xa0\n print_report+0xcf/0x610\n kasan_report+0xb5/0xe0\n ftrace_location+0x90/0x120\n register_kprobe+0x14b/0xa40\n kprobe_init+0x2d/0xff0 [kprobe_example]\n do_one_initcall+0x8f/0x2d0\n do_init_module+0x13a/0x3c0\n load_module+0x3082/0x33d0\n init_module_from_file+0xd2/0x130\n __x64_sys_finit_module+0x306/0x440\n do_syscall_64+0x68/0x140\n entry_SYSCALL_64_after_hwframe+0x71/0x79\n\nThe root cause is that, in lookup_rec(), ftrace record of some address\nis being searched in ftrace pages of some module, but those ftrace pages\nat the same time is being freed in ftrace_release_mod() as the\ncorresponding module is being deleted:\n\n CPU1 | CPU2\n register_kprobes() { | delete_module() {\n check_kprobe_address_safe() { |\n arch_check_ftrace_location() { |\n ftrace_location() { |\n lookup_rec() // USE! | ftrace_release_mod() // Free!\n\nTo fix this issue:\n 1. Hold rcu lock as accessing ftrace pages in ftrace_location_range();\n 2. Use ftrace_location_range() instead of lookup_rec() in\n ftrace_location();\n 3. Call synchronize_rcu() before freeing any ftrace pages both in\n ftrace_process_locs()/ftrace_release_mod()/ftrace_free_mem().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38588",
"url": "https://www.suse.com/security/cve/CVE-2024-38588"
},
{
"category": "external",
"summary": "SUSE Bug 1226837 for CVE-2024-38588",
"url": "https://bugzilla.suse.com/1226837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38588"
},
{
"cve": "CVE-2024-38590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Modify the print level of CQE error\n\nToo much print may lead to a panic in kernel. Change ibdev_err() to\nibdev_err_ratelimited(), and change the printing level of cqe dump\nto debug level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38590",
"url": "https://www.suse.com/security/cve/CVE-2024-38590"
},
{
"category": "external",
"summary": "SUSE Bug 1226839 for CVE-2024-38590",
"url": "https://bugzilla.suse.com/1226839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38590"
},
{
"cve": "CVE-2024-38591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/hns: Fix deadlock on SRQ async events.\n\nxa_lock for SRQ table may be required in AEQ. Use xa_store_irq()/\nxa_erase_irq() to avoid deadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38591",
"url": "https://www.suse.com/security/cve/CVE-2024-38591"
},
{
"category": "external",
"summary": "SUSE Bug 1226738 for CVE-2024-38591",
"url": "https://bugzilla.suse.com/1226738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38591"
},
{
"cve": "CVE-2024-38592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mediatek: Init `ddp_comp` with devm_kcalloc()\n\nIn the case where `conn_routes` is true we allocate an extra slot in\nthe `ddp_comp` array but mtk_drm_crtc_create() never seemed to\ninitialize it in the test case I ran. For me, this caused a later\ncrash when we looped through the array in mtk_drm_crtc_mode_valid().\nThis showed up for me when I booted with `slub_debug=FZPUA` which\npoisons the memory initially. Without `slub_debug` I couldn\u0027t\nreproduce, presumably because the later code handles the value being\nNULL and in most cases (not guaranteed in all cases) the memory the\nallocator returned started out as 0.\n\nIt really doesn\u0027t hurt to initialize the array with devm_kcalloc()\nsince the array is small and the overhead of initting a handful of\nelements to 0 is small. In general initting memory to zero is a safer\npractice and usually it\u0027s suggested to only use the non-initting alloc\nfunctions if you really need to.\n\nLet\u0027s switch the function to use an allocation function that zeros the\nmemory. For me, this avoids the crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38592",
"url": "https://www.suse.com/security/cve/CVE-2024-38592"
},
{
"category": "external",
"summary": "SUSE Bug 1226844 for CVE-2024-38592",
"url": "https://bugzilla.suse.com/1226844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38592"
},
{
"cve": "CVE-2024-38594",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38594"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: move the EST lock to struct stmmac_priv\n\nReinitialize the whole EST structure would also reset the mutex\nlock which is embedded in the EST structure, and then trigger\nthe following warning. To address this, move the lock to struct\nstmmac_priv. We also need to reacquire the mutex lock when doing\nthis initialization.\n\nDEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\nWARNING: CPU: 3 PID: 505 at kernel/locking/mutex.c:587 __mutex_lock+0xd84/0x1068\n Modules linked in:\n CPU: 3 PID: 505 Comm: tc Not tainted 6.9.0-rc6-00053-g0106679839f7-dirty #29\n Hardware name: NXP i.MX8MPlus EVK board (DT)\n pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __mutex_lock+0xd84/0x1068\n lr : __mutex_lock+0xd84/0x1068\n sp : ffffffc0864e3570\n x29: ffffffc0864e3570 x28: ffffffc0817bdc78 x27: 0000000000000003\n x26: ffffff80c54f1808 x25: ffffff80c9164080 x24: ffffffc080d723ac\n x23: 0000000000000000 x22: 0000000000000002 x21: 0000000000000000\n x20: 0000000000000000 x19: ffffffc083bc3000 x18: ffffffffffffffff\n x17: ffffffc08117b080 x16: 0000000000000002 x15: ffffff80d2d40000\n x14: 00000000000002da x13: ffffff80d2d404b8 x12: ffffffc082b5a5c8\n x11: ffffffc082bca680 x10: ffffffc082bb2640 x9 : ffffffc082bb2698\n x8 : 0000000000017fe8 x7 : c0000000ffffefff x6 : 0000000000000001\n x5 : ffffff8178fe0d48 x4 : 0000000000000000 x3 : 0000000000000027\n x2 : ffffff8178fe0d50 x1 : 0000000000000000 x0 : 0000000000000000\n Call trace:\n __mutex_lock+0xd84/0x1068\n mutex_lock_nested+0x28/0x34\n tc_setup_taprio+0x118/0x68c\n stmmac_setup_tc+0x50/0xf0\n taprio_change+0x868/0xc9c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38594",
"url": "https://www.suse.com/security/cve/CVE-2024-38594"
},
{
"category": "external",
"summary": "SUSE Bug 1226734 for CVE-2024-38594",
"url": "https://bugzilla.suse.com/1226734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38594"
},
{
"cve": "CVE-2024-38595",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38595"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix peer devlink set for SF representor devlink port\n\nThe cited patch change register devlink flow, and neglect to reflect\nthe changes for peer devlink set logic. Peer devlink set is\ntriggering a call trace if done after devl_register.[1]\n\nHence, align peer devlink set logic with register devlink flow.\n\n[1]\nWARNING: CPU: 4 PID: 3394 at net/devlink/core.c:155 devlink_rel_nested_in_add+0x177/0x180\nCPU: 4 PID: 3394 Comm: kworker/u40:1 Not tainted 6.9.0-rc4_for_linust_min_debug_2024_04_16_14_08 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nWorkqueue: mlx5_vhca_event0 mlx5_vhca_state_work_handler [mlx5_core]\nRIP: 0010:devlink_rel_nested_in_add+0x177/0x180\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x78/0x120\n ? devlink_rel_nested_in_add+0x177/0x180\n ? report_bug+0x16d/0x180\n ? handle_bug+0x3c/0x60\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? devlink_port_init+0x30/0x30\n ? devlink_port_type_clear+0x50/0x50\n ? devlink_rel_nested_in_add+0x177/0x180\n ? devlink_rel_nested_in_add+0xdd/0x180\n mlx5_sf_mdev_event+0x74/0xb0 [mlx5_core]\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_sf_dev_probe+0x185/0x3e0 [mlx5_core]\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc5/0x3a0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x64f/0x860\n __auxiliary_device_add+0x3b/0xa0\n mlx5_sf_dev_add+0x139/0x330 [mlx5_core]\n mlx5_sf_dev_state_change_handler+0x1e4/0x250 [mlx5_core]\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_vhca_state_work_handler+0x151/0x200 [mlx5_core]\n process_one_work+0x13f/0x2e0\n worker_thread+0x2bd/0x3c0\n ? rescuer_thread+0x410/0x410\n kthread+0xc4/0xf0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x2d/0x50\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork_asm+0x11/0x20\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38595",
"url": "https://www.suse.com/security/cve/CVE-2024-38595"
},
{
"category": "external",
"summary": "SUSE Bug 1226741 for CVE-2024-38595",
"url": "https://bugzilla.suse.com/1226741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-38595"
},
{
"cve": "CVE-2024-38597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38597"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neth: sungem: remove .ndo_poll_controller to avoid deadlocks\n\nErhard reports netpoll warnings from sungem:\n\n netpoll_send_skb_on_dev(): eth0 enabled interrupts in poll (gem_start_xmit+0x0/0x398)\n WARNING: CPU: 1 PID: 1 at net/core/netpoll.c:370 netpoll_send_skb+0x1fc/0x20c\n\ngem_poll_controller() disables interrupts, which may sleep.\nWe can\u0027t sleep in netpoll, it has interrupts disabled completely.\nStrangely, gem_poll_controller() doesn\u0027t even poll the completions,\nand instead acts as if an interrupt has fired so it just schedules\nNAPI and exits. None of this has been necessary for years, since\nnetpoll invokes NAPI directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38597",
"url": "https://www.suse.com/security/cve/CVE-2024-38597"
},
{
"category": "external",
"summary": "SUSE Bug 1226749 for CVE-2024-38597",
"url": "https://bugzilla.suse.com/1226749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38597"
},
{
"cve": "CVE-2024-38598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix resync softlockup when bitmap size is less than array size\n\nIs is reported that for dm-raid10, lvextend + lvchange --syncaction will\ntrigger following softlockup:\n\nkernel:watchdog: BUG: soft lockup - CPU#3 stuck for 26s! [mdX_resync:6976]\nCPU: 7 PID: 3588 Comm: mdX_resync Kdump: loaded Not tainted 6.9.0-rc4-next-20240419 #1\nRIP: 0010:_raw_spin_unlock_irq+0x13/0x30\nCall Trace:\n \u003cTASK\u003e\n md_bitmap_start_sync+0x6b/0xf0\n raid10_sync_request+0x25c/0x1b40 [raid10]\n md_do_sync+0x64b/0x1020\n md_thread+0xa7/0x170\n kthread+0xcf/0x100\n ret_from_fork+0x30/0x50\n ret_from_fork_asm+0x1a/0x30\n\nAnd the detailed process is as follows:\n\nmd_do_sync\n j = mddev-\u003eresync_min\n while (j \u003c max_sectors)\n sectors = raid10_sync_request(mddev, j, \u0026skipped)\n if (!md_bitmap_start_sync(..., \u0026sync_blocks))\n // md_bitmap_start_sync set sync_blocks to 0\n return sync_blocks + sectors_skippe;\n // sectors = 0;\n j += sectors;\n // j never change\n\nRoot cause is that commit 301867b1c168 (\"md/raid10: check\nslab-out-of-bounds in md_bitmap_get_counter\") return early from\nmd_bitmap_get_counter(), without setting returned blocks.\n\nFix this problem by always set returned blocks from\nmd_bitmap_get_counter\"(), as it used to be.\n\nNoted that this patch just fix the softlockup problem in kernel, the\ncase that bitmap size doesn\u0027t match array size still need to be fixed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38598",
"url": "https://www.suse.com/security/cve/CVE-2024-38598"
},
{
"category": "external",
"summary": "SUSE Bug 1226757 for CVE-2024-38598",
"url": "https://bugzilla.suse.com/1226757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38598"
},
{
"cve": "CVE-2024-38599",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38599"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njffs2: prevent xattr node from overflowing the eraseblock\n\nAdd a check to make sure that the requested xattr node size is no larger\nthan the eraseblock minus the cleanmarker.\n\nUnlike the usual inode nodes, the xattr nodes aren\u0027t split into parts\nand spread across multiple eraseblocks, which means that a xattr node\nmust not occupy more than one eraseblock. If the requested xattr value is\ntoo large, the xattr node can spill onto the next eraseblock, overwriting\nthe nodes and causing errors such as:\n\njffs2: argh. node added in wrong place at 0x0000b050(2)\njffs2: nextblock 0x0000a000, expected at 0000b00c\njffs2: error: (823) do_verify_xattr_datum: node CRC failed at 0x01e050,\nread=0xfc892c93, calc=0x000000\njffs2: notice: (823) jffs2_get_inode_nodes: Node header CRC failed\nat 0x01e00c. {848f,2fc4,0fef511f,59a3d171}\njffs2: Node at 0x0000000c with length 0x00001044 would run over the\nend of the erase block\njffs2: Perhaps the file system was created with the wrong erase size?\njffs2: jffs2_scan_eraseblock(): Magic bitmask 0x1985 not found\nat 0x00000010: 0x1044 instead\n\nThis breaks the filesystem and can lead to KASAN crashes such as:\n\nBUG: KASAN: slab-out-of-bounds in jffs2_sum_add_kvec+0x125e/0x15d0\nRead of size 4 at addr ffff88802c31e914 by task repro/830\nCPU: 0 PID: 830 Comm: repro Not tainted 6.9.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\nBIOS Arch Linux 1.16.3-1-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xc4/0x620\n ? __virt_addr_valid+0x308/0x5b0\n kasan_report+0xc1/0xf0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n ? jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_sum_add_kvec+0x125e/0x15d0\n jffs2_flash_direct_writev+0xa8/0xd0\n jffs2_flash_writev+0x9c9/0xef0\n ? __x64_sys_setxattr+0xc4/0x160\n ? do_syscall_64+0x69/0x140\n ? entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [...]\n\nFound by Linux Verification Center (linuxtesting.org) with Syzkaller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38599",
"url": "https://www.suse.com/security/cve/CVE-2024-38599"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1226848 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1226848"
},
{
"category": "external",
"summary": "SUSE Bug 1227283 for CVE-2024-38599",
"url": "https://bugzilla.suse.com/1227283"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-38599"
},
{
"cve": "CVE-2024-38600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38600"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: Fix deadlocks with kctl removals at disconnection\n\nIn snd_card_disconnect(), we set card-\u003eshutdown flag at the beginning,\ncall callbacks and do sync for card-\u003epower_ref_sleep waiters at the\nend. The callback may delete a kctl element, and this can lead to a\ndeadlock when the device was in the suspended state. Namely:\n\n* A process waits for the power up at snd_power_ref_and_wait() in\n snd_ctl_info() or read/write() inside card-\u003econtrols_rwsem.\n\n* The system gets disconnected meanwhile, and the driver tries to\n delete a kctl via snd_ctl_remove*(); it tries to take\n card-\u003econtrols_rwsem again, but this is already locked by the\n above. Since the sleeper isn\u0027t woken up, this deadlocks.\n\nAn easy fix is to wake up sleepers before processing the driver\ndisconnect callbacks but right after setting the card-\u003eshutdown flag.\nThen all sleepers will abort immediately, and the code flows again.\n\nSo, basically this patch moves the wait_event() call at the right\ntiming. While we\u0027re at it, just to be sure, call wait_event_all()\ninstead of wait_event(), although we don\u0027t use exclusive events on\nthis queue for now.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38600",
"url": "https://www.suse.com/security/cve/CVE-2024-38600"
},
{
"category": "external",
"summary": "SUSE Bug 1226864 for CVE-2024-38600",
"url": "https://bugzilla.suse.com/1226864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38600"
},
{
"cve": "CVE-2024-38601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nring-buffer: Fix a race between readers and resize checks\n\nThe reader code in rb_get_reader_page() swaps a new reader page into the\nring buffer by doing cmpxchg on old-\u003elist.prev-\u003enext to point it to the\nnew page. Following that, if the operation is successful,\nold-\u003elist.next-\u003eprev gets updated too. This means the underlying\ndoubly-linked list is temporarily inconsistent, page-\u003eprev-\u003enext or\npage-\u003enext-\u003eprev might not be equal back to page for some page in the\nring buffer.\n\nThe resize operation in ring_buffer_resize() can be invoked in parallel.\nIt calls rb_check_pages() which can detect the described inconsistency\nand stop further tracing:\n\n[ 190.271762] ------------[ cut here ]------------\n[ 190.271771] WARNING: CPU: 1 PID: 6186 at kernel/trace/ring_buffer.c:1467 rb_check_pages.isra.0+0x6a/0xa0\n[ 190.271789] Modules linked in: [...]\n[ 190.271991] Unloaded tainted modules: intel_uncore_frequency(E):1 skx_edac(E):1\n[ 190.272002] CPU: 1 PID: 6186 Comm: cmd.sh Kdump: loaded Tainted: G E 6.9.0-rc6-default #5 158d3e1e6d0b091c34c3b96bfd99a1c58306d79f\n[ 190.272011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.0-0-gd239552c-rebuilt.opensuse.org 04/01/2014\n[ 190.272015] RIP: 0010:rb_check_pages.isra.0+0x6a/0xa0\n[ 190.272023] Code: [...]\n[ 190.272028] RSP: 0018:ffff9c37463abb70 EFLAGS: 00010206\n[ 190.272034] RAX: ffff8eba04b6cb80 RBX: 0000000000000007 RCX: ffff8eba01f13d80\n[ 190.272038] RDX: ffff8eba01f130c0 RSI: ffff8eba04b6cd00 RDI: ffff8eba0004c700\n[ 190.272042] RBP: ffff8eba0004c700 R08: 0000000000010002 R09: 0000000000000000\n[ 190.272045] R10: 00000000ffff7f52 R11: ffff8eba7f600000 R12: ffff8eba0004c720\n[ 190.272049] R13: ffff8eba00223a00 R14: 0000000000000008 R15: ffff8eba067a8000\n[ 190.272053] FS: 00007f1bd64752c0(0000) GS:ffff8eba7f680000(0000) knlGS:0000000000000000\n[ 190.272057] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 190.272061] CR2: 00007f1bd6662590 CR3: 000000010291e001 CR4: 0000000000370ef0\n[ 190.272070] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 190.272073] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 190.272077] Call Trace:\n[ 190.272098] \u003cTASK\u003e\n[ 190.272189] ring_buffer_resize+0x2ab/0x460\n[ 190.272199] __tracing_resize_ring_buffer.part.0+0x23/0xa0\n[ 190.272206] tracing_resize_ring_buffer+0x65/0x90\n[ 190.272216] tracing_entries_write+0x74/0xc0\n[ 190.272225] vfs_write+0xf5/0x420\n[ 190.272248] ksys_write+0x67/0xe0\n[ 190.272256] do_syscall_64+0x82/0x170\n[ 190.272363] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 190.272373] RIP: 0033:0x7f1bd657d263\n[ 190.272381] Code: [...]\n[ 190.272385] RSP: 002b:00007ffe72b643f8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 190.272391] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f1bd657d263\n[ 190.272395] RDX: 0000000000000002 RSI: 0000555a6eb538e0 RDI: 0000000000000001\n[ 190.272398] RBP: 0000555a6eb538e0 R08: 000000000000000a R09: 0000000000000000\n[ 190.272401] R10: 0000555a6eb55190 R11: 0000000000000246 R12: 00007f1bd6662500\n[ 190.272404] R13: 0000000000000002 R14: 00007f1bd6667c00 R15: 0000000000000002\n[ 190.272412] \u003c/TASK\u003e\n[ 190.272414] ---[ end trace 0000000000000000 ]---\n\nNote that ring_buffer_resize() calls rb_check_pages() only if the parent\ntrace_buffer has recording disabled. Recent commit d78ab792705c\n(\"tracing: Stop current tracer when resizing buffer\") causes that it is\nnow always the case which makes it more likely to experience this issue.\n\nThe window to hit this race is nonetheless very small. To help\nreproducing it, one can add a delay loop in rb_get_reader_page():\n\n ret = rb_head_page_replace(reader, cpu_buffer-\u003ereader_page);\n if (!ret)\n \tgoto spin;\n for (unsigned i = 0; i \u003c 1U \u003c\u003c 26; i++) /* inserted delay loop */\n \t__asm__ __volatile__ (\"\" : : : \"memory\");\n rb_list_head(reader-\u003elist.next)-\u003eprev = \u0026cpu_buffer-\u003ereader_page-\u003elist;\n\n.. \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38601",
"url": "https://www.suse.com/security/cve/CVE-2024-38601"
},
{
"category": "external",
"summary": "SUSE Bug 1226876 for CVE-2024-38601",
"url": "https://bugzilla.suse.com/1226876"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38601"
},
{
"cve": "CVE-2024-38602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38602"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix reference count leak issues of ax25_dev\n\nThe ax25_addr_ax25dev() and ax25_dev_device_down() exist a reference\ncount leak issue of the object \"ax25_dev\".\n\nMemory leak issue in ax25_addr_ax25dev():\n\nThe reference count of the object \"ax25_dev\" can be increased multiple\ntimes in ax25_addr_ax25dev(). This will cause a memory leak.\n\nMemory leak issues in ax25_dev_device_down():\n\nThe reference count of ax25_dev is set to 1 in ax25_dev_device_up() and\nthen increase the reference count when ax25_dev is added to ax25_dev_list.\nAs a result, the reference count of ax25_dev is 2. But when the device is\nshutting down. The ax25_dev_device_down() drops the reference count once\nor twice depending on if we goto unlock_put or not, which will cause\nmemory leak.\n\nAs for the issue of ax25_addr_ax25dev(), it is impossible for one pointer\nto be on a list twice. So add a break in ax25_addr_ax25dev(). As for the\nissue of ax25_dev_device_down(), increase the reference count of ax25_dev\nonce in ax25_dev_device_up() and decrease the reference count of ax25_dev\nafter it is removed from the ax25_dev_list.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38602",
"url": "https://www.suse.com/security/cve/CVE-2024-38602"
},
{
"category": "external",
"summary": "SUSE Bug 1226613 for CVE-2024-38602",
"url": "https://bugzilla.suse.com/1226613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38602"
},
{
"cve": "CVE-2024-38603",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38603"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: hns3: Actually use devm_add_action_or_reset()\n\npci_alloc_irq_vectors() allocates an irq vector. When devm_add_action()\nfails, the irq vector is not freed, which leads to a memory leak.\n\nReplace the devm_add_action with devm_add_action_or_reset to ensure\nthe irq vector can be destroyed when it fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38603",
"url": "https://www.suse.com/security/cve/CVE-2024-38603"
},
{
"category": "external",
"summary": "SUSE Bug 1226842 for CVE-2024-38603",
"url": "https://bugzilla.suse.com/1226842"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38603"
},
{
"cve": "CVE-2024-38604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: refine the EOF check in blkdev_iomap_begin\n\nblkdev_iomap_begin rounds down the offset to the logical block size\nbefore stashing it in iomap-\u003eoffset and checking that it still is\ninside the inode size.\n\nCheck the i_size check to the raw pos value so that we don\u0027t try a\nzero size write if iter-\u003epos is unaligned.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38604",
"url": "https://www.suse.com/security/cve/CVE-2024-38604"
},
{
"category": "external",
"summary": "SUSE Bug 1226866 for CVE-2024-38604",
"url": "https://bugzilla.suse.com/1226866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38604"
},
{
"cve": "CVE-2024-38605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: core: Fix NULL module pointer assignment at card init\n\nThe commit 81033c6b584b (\"ALSA: core: Warn on empty module\")\nintroduced a WARN_ON() for a NULL module pointer passed at snd_card\nobject creation, and it also wraps the code around it with \u0027#ifdef\nMODULE\u0027. This works in most cases, but the devils are always in\ndetails. \"MODULE\" is defined when the target code (i.e. the sound\ncore) is built as a module; but this doesn\u0027t mean that the caller is\nalso built-in or not. Namely, when only the sound core is built-in\n(CONFIG_SND=y) while the driver is a module (CONFIG_SND_USB_AUDIO=m),\nthe passed module pointer is ignored even if it\u0027s non-NULL, and\ncard-\u003emodule remains as NULL. This would result in the missing module\nreference up/down at the device open/close, leading to a race with the\ncode execution after the module removal.\n\nFor addressing the bug, move the assignment of card-\u003emodule again out\nof ifdef. The WARN_ON() is still wrapped with ifdef because the\nmodule can be really NULL when all sound drivers are built-in.\n\nNote that we keep \u0027ifdef MODULE\u0027 for WARN_ON(), otherwise it would\nlead to a false-positive NULL module check. Admittedly it won\u0027t catch\nperfectly, i.e. no check is performed when CONFIG_SND=y. But, it\u0027s no\nreal problem as it\u0027s only for debugging, and the condition is pretty\nrare.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38605",
"url": "https://www.suse.com/security/cve/CVE-2024-38605"
},
{
"category": "external",
"summary": "SUSE Bug 1226740 for CVE-2024-38605",
"url": "https://bugzilla.suse.com/1226740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38605"
},
{
"cve": "CVE-2024-38608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix netif state handling\n\nmlx5e_suspend cleans resources only if netif_device_present() returns\ntrue. However, mlx5e_resume changes the state of netif, via\nmlx5e_nic_enable, only if reg_state == NETREG_REGISTERED.\nIn the below case, the above leads to NULL-ptr Oops[1] and memory\nleaks:\n\nmlx5e_probe\n _mlx5e_resume\n mlx5e_attach_netdev\n mlx5e_nic_enable \u003c-- netdev not reg, not calling netif_device_attach()\n register_netdev \u003c-- failed for some reason.\nERROR_FLOW:\n _mlx5e_suspend \u003c-- netif_device_present return false, resources aren\u0027t freed :(\n\nHence, clean resources in this case as well.\n\n[1]\nBUG: kernel NULL pointer dereference, address: 0000000000000000\nPGD 0 P4D 0\nOops: 0010 [#1] SMP\nCPU: 2 PID: 9345 Comm: test-ovs-ct-gen Not tainted 6.5.0_for_upstream_min_debug_2023_09_05_16_01 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nRIP: 0010:0x0\nCode: Unable to access opcode bytes at0xffffffffffffffd6.\nRSP: 0018:ffff888178aaf758 EFLAGS: 00010246\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x20/0x60\n ? page_fault_oops+0x14c/0x3c0\n ? exc_page_fault+0x75/0x140\n ? asm_exc_page_fault+0x22/0x30\n notifier_call_chain+0x35/0xb0\n blocking_notifier_call_chain+0x3d/0x60\n mlx5_blocking_notifier_call_chain+0x22/0x30 [mlx5_core]\n mlx5_core_uplink_netdev_event_replay+0x3e/0x60 [mlx5_core]\n mlx5_mdev_netdev_track+0x53/0x60 [mlx5_ib]\n mlx5_ib_roce_init+0xc3/0x340 [mlx5_ib]\n __mlx5_ib_add+0x34/0xd0 [mlx5_ib]\n mlx5r_probe+0xe1/0x210 [mlx5_ib]\n ? auxiliary_match_id+0x6a/0x90\n auxiliary_bus_probe+0x38/0x80\n ? driver_sysfs_add+0x51/0x80\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n bus_probe_device+0x86/0xa0\n device_add+0x637/0x840\n __auxiliary_device_add+0x3b/0xa0\n add_adev+0xc9/0x140 [mlx5_core]\n mlx5_rescan_drivers_locked+0x22a/0x310 [mlx5_core]\n mlx5_register_device+0x53/0xa0 [mlx5_core]\n mlx5_init_one_devl_locked+0x5c4/0x9c0 [mlx5_core]\n mlx5_init_one+0x3b/0x60 [mlx5_core]\n probe_one+0x44c/0x730 [mlx5_core]\n local_pci_probe+0x3e/0x90\n pci_device_probe+0xbf/0x210\n ? kernfs_create_link+0x5d/0xa0\n ? sysfs_do_create_link_sd+0x60/0xc0\n really_probe+0xc9/0x3e0\n ? driver_probe_device+0x90/0x90\n __driver_probe_device+0x80/0x160\n driver_probe_device+0x1e/0x90\n __device_attach_driver+0x7d/0x100\n bus_for_each_drv+0x80/0xd0\n __device_attach+0xbc/0x1f0\n pci_bus_add_device+0x54/0x80\n pci_iov_add_virtfn+0x2e6/0x320\n sriov_enable+0x208/0x420\n mlx5_core_sriov_configure+0x9e/0x200 [mlx5_core]\n sriov_numvfs_store+0xae/0x1a0\n kernfs_fop_write_iter+0x10c/0x1a0\n vfs_write+0x291/0x3c0\n ksys_write+0x5f/0xe0\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n CR2: 0000000000000000\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38608",
"url": "https://www.suse.com/security/cve/CVE-2024-38608"
},
{
"category": "external",
"summary": "SUSE Bug 1226746 for CVE-2024-38608",
"url": "https://bugzilla.suse.com/1226746"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38608"
},
{
"cve": "CVE-2024-38610",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38610"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map()\n\nPatch series \"mm: follow_pte() improvements and acrn follow_pte() fixes\".\n\nPatch #1 fixes a bunch of issues I spotted in the acrn driver. It\ncompiles, that\u0027s all I know. I\u0027ll appreciate some review and testing from\nacrn folks.\n\nPatch #2+#3 improve follow_pte(), passing a VMA instead of the MM, adding\nmore sanity checks, and improving the documentation. Gave it a quick test\non x86-64 using VM_PAT that ends up using follow_pte().\n\n\nThis patch (of 3):\n\nWe currently miss handling various cases, resulting in a dangerous\nfollow_pte() (previously follow_pfn()) usage.\n\n(1) We\u0027re not checking PTE write permissions.\n\nMaybe we should simply always require pte_write() like we do for\npin_user_pages_fast(FOLL_WRITE)? Hard to tell, so let\u0027s check for\nACRN_MEM_ACCESS_WRITE for now.\n\n(2) We\u0027re not rejecting refcounted pages.\n\nAs we are not using MMU notifiers, messing with refcounted pages is\ndangerous and can result in use-after-free. Let\u0027s make sure to reject them.\n\n(3) We are only looking at the first PTE of a bigger range.\n\nWe only lookup a single PTE, but memmap-\u003elen may span a larger area.\nLet\u0027s loop over all involved PTEs and make sure the PFN range is\nactually contiguous. Reject everything else: it couldn\u0027t have worked\neither way, and rather made use access PFNs we shouldn\u0027t be accessing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38610",
"url": "https://www.suse.com/security/cve/CVE-2024-38610"
},
{
"category": "external",
"summary": "SUSE Bug 1226758 for CVE-2024-38610",
"url": "https://bugzilla.suse.com/1226758"
},
{
"category": "external",
"summary": "SUSE Bug 1227284 for CVE-2024-38610",
"url": "https://bugzilla.suse.com/1227284"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-38610"
},
{
"cve": "CVE-2024-38611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38611"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: i2c: et8ek8: Don\u0027t strip remove function when driver is builtin\n\nUsing __exit for the remove function results in the remove callback\nbeing discarded with CONFIG_VIDEO_ET8EK8=y. When such a device gets\nunbound (e.g. using sysfs or hotplug), the driver is just removed\nwithout the cleanup being performed. This results in resource leaks. Fix\nit by compiling in the remove callback unconditionally.\n\nThis also fixes a W=1 modpost warning:\n\n\tWARNING: modpost: drivers/media/i2c/et8ek8/et8ek8: section mismatch in reference: et8ek8_i2c_driver+0x10 (section: .data) -\u003e et8ek8_remove (section: .exit.text)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38611",
"url": "https://www.suse.com/security/cve/CVE-2024-38611"
},
{
"category": "external",
"summary": "SUSE Bug 1226760 for CVE-2024-38611",
"url": "https://bugzilla.suse.com/1226760"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38611"
},
{
"cve": "CVE-2024-38615",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38615"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: exit() callback is optional\n\nThe exit() callback is optional and shouldn\u0027t be called without checking\na valid pointer first.\n\nAlso, we must clear freq_table pointer even if the exit() callback isn\u0027t\npresent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38615",
"url": "https://www.suse.com/security/cve/CVE-2024-38615"
},
{
"category": "external",
"summary": "SUSE Bug 1226592 for CVE-2024-38615",
"url": "https://bugzilla.suse.com/1226592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38615"
},
{
"cve": "CVE-2024-38616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: carl9170: re-fix fortified-memset warning\n\nThe carl9170_tx_release() function sometimes triggers a fortified-memset\nwarning in my randconfig builds:\n\nIn file included from include/linux/string.h:254,\n from drivers/net/wireless/ath/carl9170/tx.c:40:\nIn function \u0027fortify_memset_chk\u0027,\n inlined from \u0027carl9170_tx_release\u0027 at drivers/net/wireless/ath/carl9170/tx.c:283:2,\n inlined from \u0027kref_put\u0027 at include/linux/kref.h:65:3,\n inlined from \u0027carl9170_tx_put_skb\u0027 at drivers/net/wireless/ath/carl9170/tx.c:342:9:\ninclude/linux/fortify-string.h:493:25: error: call to \u0027__write_overflow_field\u0027 declared with attribute warning: detected write beyond size of field (1st parameter); maybe use struct_group()? [-Werror=attribute-warning]\n 493 | __write_overflow_field(p_size_field, size);\n\nKees previously tried to avoid this by using memset_after(), but it seems\nthis does not fully address the problem. I noticed that the memset_after()\nhere is done on a different part of the union (status) than the original\ncast was from (rate_driver_data), which may confuse the compiler.\n\nUnfortunately, the memset_after() trick does not work on driver_rates[]\nbecause that is part of an anonymous struct, and I could not get\nstruct_group() to do this either. Using two separate memset() calls\non the two members does address the warning though.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38616",
"url": "https://www.suse.com/security/cve/CVE-2024-38616"
},
{
"category": "external",
"summary": "SUSE Bug 1226852 for CVE-2024-38616",
"url": "https://bugzilla.suse.com/1226852"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38616"
},
{
"cve": "CVE-2024-38617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38617"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkunit/fortify: Fix mismatched kvalloc()/vfree() usage\n\nThe kv*() family of tests were accidentally freeing with vfree() instead\nof kvfree(). Use kvfree() instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38617",
"url": "https://www.suse.com/security/cve/CVE-2024-38617"
},
{
"category": "external",
"summary": "SUSE Bug 1226859 for CVE-2024-38617",
"url": "https://bugzilla.suse.com/1226859"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38617"
},
{
"cve": "CVE-2024-38618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: timer: Set lower bound of start tick time\n\nCurrently ALSA timer doesn\u0027t have the lower limit of the start tick\ntime, and it allows a very small size, e.g. 1 tick with 1ns resolution\nfor hrtimer. Such a situation may lead to an unexpected RCU stall,\nwhere the callback repeatedly queuing the expire update, as reported\nby fuzzer.\n\nThis patch introduces a sanity check of the timer start tick time, so\nthat the system returns an error when a too small start size is set.\nAs of this patch, the lower limit is hard-coded to 100us, which is\nsmall enough but can still work somehow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38618",
"url": "https://www.suse.com/security/cve/CVE-2024-38618"
},
{
"category": "external",
"summary": "SUSE Bug 1226754 for CVE-2024-38618",
"url": "https://bugzilla.suse.com/1226754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38618"
},
{
"cve": "CVE-2024-38619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb-storage: alauda: Check whether the media is initialized\n\nThe member \"uzonesize\" of struct alauda_info will remain 0\nif alauda_init_media() fails, potentially causing divide errors\nin alauda_read_data() and alauda_write_lba().\n- Add a member \"media_initialized\" to struct alauda_info.\n- Change a condition in alauda_check_media() to ensure the\n first initialization.\n- Add an error check for the return value of alauda_init_media().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38619",
"url": "https://www.suse.com/security/cve/CVE-2024-38619"
},
{
"category": "external",
"summary": "SUSE Bug 1226861 for CVE-2024-38619",
"url": "https://bugzilla.suse.com/1226861"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38619"
},
{
"cve": "CVE-2024-38621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38621"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: stk1160: fix bounds checking in stk1160_copy_video()\n\nThe subtract in this condition is reversed. The -\u003elength is the length\nof the buffer. The -\u003ebytesused is how many bytes we have copied thus\nfar. When the condition is reversed that means the result of the\nsubtraction is always negative but since it\u0027s unsigned then the result\nis a very high positive value. That means the overflow check is never\ntrue.\n\nAdditionally, the -\u003ebytesused doesn\u0027t actually work for this purpose\nbecause we\u0027re not writing to \"buf-\u003emem + buf-\u003ebytesused\". Instead, the\nmath to calculate the destination where we are writing is a bit\ninvolved. You calculate the number of full lines already written,\nmultiply by two, skip a line if necessary so that we start on an odd\nnumbered line, and add the offset into the line.\n\nTo fix this buffer overflow, just take the actual destination where we\nare writing, if the offset is already out of bounds print an error and\nreturn. Otherwise, write up to buf-\u003elength bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38621",
"url": "https://www.suse.com/security/cve/CVE-2024-38621"
},
{
"category": "external",
"summary": "SUSE Bug 1226895 for CVE-2024-38621",
"url": "https://bugzilla.suse.com/1226895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38621"
},
{
"cve": "CVE-2024-38622",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38622"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/dpu: Add callback function pointer check before its call\n\nIn dpu_core_irq_callback_handler() callback function pointer is compared to NULL,\nbut then callback function is unconditionally called by this pointer.\nFix this bug by adding conditional return.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\nPatchwork: https://patchwork.freedesktop.org/patch/588237/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38622",
"url": "https://www.suse.com/security/cve/CVE-2024-38622"
},
{
"category": "external",
"summary": "SUSE Bug 1226856 for CVE-2024-38622",
"url": "https://bugzilla.suse.com/1226856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38622"
},
{
"cve": "CVE-2024-38627",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38627"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstm class: Fix a double free in stm_register_device()\n\nThe put_device(\u0026stm-\u003edev) call will trigger stm_device_release() which\nfrees \"stm\" so the vfree(stm) on the next line is a double free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38627",
"url": "https://www.suse.com/security/cve/CVE-2024-38627"
},
{
"category": "external",
"summary": "SUSE Bug 1226857 for CVE-2024-38627",
"url": "https://bugzilla.suse.com/1226857"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38627"
},
{
"cve": "CVE-2024-38628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38628"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind.\n\nHang on to the control IDs instead of pointers since those are correctly\nhandled with locks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38628",
"url": "https://www.suse.com/security/cve/CVE-2024-38628"
},
{
"category": "external",
"summary": "SUSE Bug 1226911 for CVE-2024-38628",
"url": "https://bugzilla.suse.com/1226911"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38628"
},
{
"cve": "CVE-2024-38629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Avoid unnecessary destruction of file_ida\n\nfile_ida is allocated during cdev open and is freed accordingly\nduring cdev release. This sequence is guaranteed by driver file\noperations. Therefore, there is no need to destroy an already empty\nfile_ida when the WQ cdev is removed.\n\nWorse, ida_free() in cdev release may happen after destruction of\nfile_ida per WQ cdev. This can lead to accessing an id in file_ida\nafter it has been destroyed, resulting in a kernel panic.\n\nRemove ida_destroy(\u0026file_ida) to address these issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38629",
"url": "https://www.suse.com/security/cve/CVE-2024-38629"
},
{
"category": "external",
"summary": "SUSE Bug 1226905 for CVE-2024-38629",
"url": "https://bugzilla.suse.com/1226905"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38629"
},
{
"cve": "CVE-2024-38630",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38630"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwatchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger\n\nWhen the cpu5wdt module is removing, the origin code uses del_timer() to\nde-activate the timer. If the timer handler is running, del_timer() could\nnot stop it and will return directly. If the port region is released by\nrelease_region() and then the timer handler cpu5wdt_trigger() calls outb()\nto write into the region that is released, the use-after-free bug will\nhappen.\n\nChange del_timer() to timer_shutdown_sync() in order that the timer handler\ncould be finished before the port region is released.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38630",
"url": "https://www.suse.com/security/cve/CVE-2024-38630"
},
{
"category": "external",
"summary": "SUSE Bug 1226908 for CVE-2024-38630",
"url": "https://bugzilla.suse.com/1226908"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38630"
},
{
"cve": "CVE-2024-38633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38633"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Update uart_driver_registered on driver removal\n\nThe removal of the last MAX3100 device triggers the removal of\nthe driver. However, code doesn\u0027t update the respective global\nvariable and after insmod \u2014 rmmod \u2014 insmod cycle the kernel\noopses:\n\n max3100 spi-PRP0001:01: max3100_probe: adding port 0\n BUG: kernel NULL pointer dereference, address: 0000000000000408\n ...\n RIP: 0010:serial_core_register_port+0xa0/0x840\n ...\n max3100_probe+0x1b6/0x280 [max3100]\n spi_probe+0x8d/0xb0\n\nUpdate the actual state so next time UART driver will be registered\nagain.\n\nHugo also noticed, that the error path in the probe also affected\nby having the variable set, and not cleared. Instead of clearing it\nmove the assignment after the successfull uart_register_driver() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38633",
"url": "https://www.suse.com/security/cve/CVE-2024-38633"
},
{
"category": "external",
"summary": "SUSE Bug 1226867 for CVE-2024-38633",
"url": "https://bugzilla.suse.com/1226867"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38633"
},
{
"cve": "CVE-2024-38634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38634"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max3100: Lock port-\u003elock when calling uart_handle_cts_change()\n\nuart_handle_cts_change() has to be called with port lock taken,\nSince we run it in a separate work, the lock may not be taken at\nthe time of running. Make sure that it\u0027s taken by explicitly doing\nthat. Without it we got a splat:\n\n WARNING: CPU: 0 PID: 10 at drivers/tty/serial/serial_core.c:3491 uart_handle_cts_change+0xa6/0xb0\n ...\n Workqueue: max3100-0 max3100_work [max3100]\n RIP: 0010:uart_handle_cts_change+0xa6/0xb0\n ...\n max3100_handlerx+0xc5/0x110 [max3100]\n max3100_work+0x12a/0x340 [max3100]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38634",
"url": "https://www.suse.com/security/cve/CVE-2024-38634"
},
{
"category": "external",
"summary": "SUSE Bug 1226868 for CVE-2024-38634",
"url": "https://bugzilla.suse.com/1226868"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38634"
},
{
"cve": "CVE-2024-38635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: cadence: fix invalid PDI offset\n\nFor some reason, we add an offset to the PDI, presumably to skip the\nPDI0 and PDI1 which are reserved for BPT.\n\nThis code is however completely wrong and leads to an out-of-bounds\naccess. We were just lucky so far since we used only a couple of PDIs\nand remained within the PDI array bounds.\n\nA Fixes: tag is not provided since there are no known platforms where\nthe out-of-bounds would be accessed, and the initial code had problems\nas well.\n\nA follow-up patch completely removes this useless offset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38635",
"url": "https://www.suse.com/security/cve/CVE-2024-38635"
},
{
"category": "external",
"summary": "SUSE Bug 1226863 for CVE-2024-38635",
"url": "https://bugzilla.suse.com/1226863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38635"
},
{
"cve": "CVE-2024-38636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38636"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nf2fs: multidev: fix to recognize valid zero block address\n\nAs reported by Yi Zhang in mailing list [1], kernel warning was catched\nduring zbd/010 test as below:\n\n./check zbd/010\nzbd/010 (test gap zone support with F2FS) [failed]\n runtime ... 3.752s\n something found in dmesg:\n [ 4378.146781] run blktests zbd/010 at 2024-02-18 11:31:13\n [ 4378.192349] null_blk: module loaded\n [ 4378.209860] null_blk: disk nullb0 created\n [ 4378.413285] scsi_debug:sdebug_driver_probe: scsi_debug: trim\npoll_queues to 0. poll_q/nr_hw = (0/1)\n [ 4378.422334] scsi host15: scsi_debug: version 0191 [20210520]\n dev_size_mb=1024, opts=0x0, submit_queues=1, statistics=0\n [ 4378.434922] scsi 15:0:0:0: Direct-Access-ZBC Linux\nscsi_debug 0191 PQ: 0 ANSI: 7\n [ 4378.443343] scsi 15:0:0:0: Power-on or device reset occurred\n [ 4378.449371] sd 15:0:0:0: Attached scsi generic sg5 type 20\n [ 4378.449418] sd 15:0:0:0: [sdf] Host-managed zoned block device\n ...\n (See \u0027/mnt/tests/gitlab.com/api/v4/projects/19168116/repository/archive.zip/storage/blktests/blk/blktests/results/nodev/zbd/010.dmesg\u0027\n\nWARNING: CPU: 22 PID: 44011 at fs/iomap/iter.c:51\nCPU: 22 PID: 44011 Comm: fio Not tainted 6.8.0-rc3+ #1\nRIP: 0010:iomap_iter+0x32b/0x350\nCall Trace:\n \u003cTASK\u003e\n __iomap_dio_rw+0x1df/0x830\n f2fs_file_read_iter+0x156/0x3d0 [f2fs]\n aio_read+0x138/0x210\n io_submit_one+0x188/0x8c0\n __x64_sys_io_submit+0x8c/0x1a0\n do_syscall_64+0x86/0x170\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nShinichiro Kawasaki helps to analyse this issue and proposes a potential\nfixing patch in [2].\n\nQuoted from reply of Shinichiro Kawasaki:\n\n\"I confirmed that the trigger commit is dbf8e63f48af as Yi reported. I took a\nlook in the commit, but it looks fine to me. So I thought the cause is not\nin the commit diff.\n\nI found the WARN is printed when the f2fs is set up with multiple devices,\nand read requests are mapped to the very first block of the second device in the\ndirect read path. In this case, f2fs_map_blocks() and f2fs_map_blocks_cached()\nmodify map-\u003em_pblk as the physical block address from each block device. It\nbecomes zero when it is mapped to the first block of the device. However,\nf2fs_iomap_begin() assumes that map-\u003em_pblk is the physical block address of the\nwhole f2fs, across the all block devices. It compares map-\u003em_pblk against\nNULL_ADDR == 0, then go into the unexpected branch and sets the invalid\niomap-\u003elength. The WARN catches the invalid iomap-\u003elength.\n\nThis WARN is printed even for non-zoned block devices, by following steps.\n\n - Create two (non-zoned) null_blk devices memory backed with 128MB size each:\n nullb0 and nullb1.\n # mkfs.f2fs /dev/nullb0 -c /dev/nullb1\n # mount -t f2fs /dev/nullb0 \"${mount_dir}\"\n # dd if=/dev/zero of=\"${mount_dir}/test.dat\" bs=1M count=192\n # dd if=\"${mount_dir}/test.dat\" of=/dev/null bs=1M count=192 iflag=direct\n\n...\"\n\nSo, the root cause of this issue is: when multi-devices feature is on,\nf2fs_map_blocks() may return zero blkaddr in non-primary device, which is\na verified valid block address, however, f2fs_iomap_begin() treats it as\nan invalid block address, and then it triggers the warning in iomap\nframework code.\n\nFinally, as discussed, we decide to use a more simple and direct way that\nchecking (map.m_flags \u0026 F2FS_MAP_MAPPED) condition instead of\n(map.m_pblk != NULL_ADDR) to fix this issue.\n\nThanks a lot for the effort of Yi Zhang and Shinichiro Kawasaki on this\nissue.\n\n[1] https://lore.kernel.org/linux-f2fs-devel/CAHj4cs-kfojYC9i0G73PRkYzcxCTex=-vugRFeP40g_URGvnfQ@mail.gmail.com/\n[2] https://lore.kernel.org/linux-f2fs-devel/gngdj77k4picagsfdtiaa7gpgnup6fsgwzsltx6milmhegmjff@iax2n4wvrqye/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38636",
"url": "https://www.suse.com/security/cve/CVE-2024-38636"
},
{
"category": "external",
"summary": "SUSE Bug 1226879 for CVE-2024-38636",
"url": "https://bugzilla.suse.com/1226879"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38636"
},
{
"cve": "CVE-2024-38659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nenic: Validate length of nl attributes in enic_set_vf_port\n\nenic_set_vf_port assumes that the nl attribute IFLA_PORT_PROFILE\nis of length PORT_PROFILE_MAX and that the nl attributes\nIFLA_PORT_INSTANCE_UUID, IFLA_PORT_HOST_UUID are of length PORT_UUID_MAX.\nThese attributes are validated (in the function do_setlink in rtnetlink.c)\nusing the nla_policy ifla_port_policy. The policy defines IFLA_PORT_PROFILE\nas NLA_STRING, IFLA_PORT_INSTANCE_UUID as NLA_BINARY and\nIFLA_PORT_HOST_UUID as NLA_STRING. That means that the length validation\nusing the policy is for the max size of the attributes and not on exact\nsize so the length of these attributes might be less than the sizes that\nenic_set_vf_port expects. This might cause an out of bands\nread access in the memcpys of the data of these\nattributes in enic_set_vf_port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38659",
"url": "https://www.suse.com/security/cve/CVE-2024-38659"
},
{
"category": "external",
"summary": "SUSE Bug 1226883 for CVE-2024-38659",
"url": "https://bugzilla.suse.com/1226883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38659"
},
{
"cve": "CVE-2024-38661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/ap: Fix crash in AP internal function modify_bitmap()\n\nA system crash like this\n\n Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403\n Fault in home space mode while using kernel ASCE.\n AS:00000002d71bc007 R3:00000003fe5b8007 S:000000011a446000 P:000000015660c13d\n Oops: 0038 ilc:3 [#1] PREEMPT SMP\n Modules linked in: mlx5_ib ...\n CPU: 8 PID: 7556 Comm: bash Not tainted 6.9.0-rc7 #8\n Hardware name: IBM 3931 A01 704 (LPAR)\n Krnl PSW : 0704e00180000000 0000014b75e7b606 (ap_parse_bitmap_str+0x10e/0x1f8)\n R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:2 PM:0 RI:0 EA:3\n Krnl GPRS: 0000000000000001 ffffffffffffffc0 0000000000000001 00000048f96b75d3\n 000000cb00000100 ffffffffffffffff ffffffffffffffff 000000cb7df6fce0\n 000000cb7df6fce0 00000000ffffffff 000000000000002b 00000048ffffffff\n 000003ff9b2dbc80 200000cb7df6fcd8 0000014bffffffc0 000000cb7df6fbc8\n Krnl Code: 0000014b75e7b5fc: a7840047 brc 8,0000014b75e7b68a\n 0000014b75e7b600: 18b2 lr %r11,%r2\n #0000014b75e7b602: a7f4000a brc 15,0000014b75e7b616\n \u003e0000014b75e7b606: eb22d00000e6 laog %r2,%r2,0(%r13)\n 0000014b75e7b60c: a7680001 lhi %r6,1\n 0000014b75e7b610: 187b lr %r7,%r11\n 0000014b75e7b612: 84960021 brxh %r9,%r6,0000014b75e7b654\n 0000014b75e7b616: 18e9 lr %r14,%r9\n Call Trace:\n [\u003c0000014b75e7b606\u003e] ap_parse_bitmap_str+0x10e/0x1f8\n ([\u003c0000014b75e7b5dc\u003e] ap_parse_bitmap_str+0xe4/0x1f8)\n [\u003c0000014b75e7b758\u003e] apmask_store+0x68/0x140\n [\u003c0000014b75679196\u003e] kernfs_fop_write_iter+0x14e/0x1e8\n [\u003c0000014b75598524\u003e] vfs_write+0x1b4/0x448\n [\u003c0000014b7559894c\u003e] ksys_write+0x74/0x100\n [\u003c0000014b7618a440\u003e] __do_syscall+0x268/0x328\n [\u003c0000014b761a3558\u003e] system_call+0x70/0x98\n INFO: lockdep is turned off.\n Last Breaking-Event-Address:\n [\u003c0000014b75e7b636\u003e] ap_parse_bitmap_str+0x13e/0x1f8\n Kernel panic - not syncing: Fatal exception: panic_on_oops\n\noccured when /sys/bus/ap/a[pq]mask was updated with a relative mask value\n(like +0x10-0x12,+60,-90) with one of the numeric values exceeding INT_MAX.\n\nThe fix is simple: use unsigned long values for the internal variables. The\ncorrect checks are already in place in the function but a simple int for\nthe internal variables was used with the possibility to overflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38661",
"url": "https://www.suse.com/security/cve/CVE-2024-38661"
},
{
"category": "external",
"summary": "SUSE Bug 1226996 for CVE-2024-38661",
"url": "https://bugzilla.suse.com/1226996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38661"
},
{
"cve": "CVE-2024-38663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: fix list corruption from resetting io stat\n\nSince commit 3b8cc6298724 (\"blk-cgroup: Optimize blkcg_rstat_flush()\"),\neach iostat instance is added to blkcg percpu list, so blkcg_reset_stats()\ncan\u0027t reset the stat instance by memset(), otherwise the llist may be\ncorrupted.\n\nFix the issue by only resetting the counter part.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38663",
"url": "https://www.suse.com/security/cve/CVE-2024-38663"
},
{
"category": "external",
"summary": "SUSE Bug 1226939 for CVE-2024-38663",
"url": "https://bugzilla.suse.com/1226939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38663"
},
{
"cve": "CVE-2024-38664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: zynqmp_dpsub: Always register bridge\n\nWe must always register the DRM bridge, since zynqmp_dp_hpd_work_func\ncalls drm_bridge_hpd_notify, which in turn expects hpd_mutex to be\ninitialized. We do this before zynqmp_dpsub_drm_init since that calls\ndrm_bridge_attach. This fixes the following lockdep warning:\n\n[ 19.217084] ------------[ cut here ]------------\n[ 19.227530] DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n[ 19.227768] WARNING: CPU: 0 PID: 140 at kernel/locking/mutex.c:582 __mutex_lock+0x4bc/0x550\n[ 19.241696] Modules linked in:\n[ 19.244937] CPU: 0 PID: 140 Comm: kworker/0:4 Not tainted 6.6.20+ #96\n[ 19.252046] Hardware name: xlnx,zynqmp (DT)\n[ 19.256421] Workqueue: events zynqmp_dp_hpd_work_func\n[ 19.261795] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 19.269104] pc : __mutex_lock+0x4bc/0x550\n[ 19.273364] lr : __mutex_lock+0x4bc/0x550\n[ 19.277592] sp : ffffffc085c5bbe0\n[ 19.281066] x29: ffffffc085c5bbe0 x28: 0000000000000000 x27: ffffff88009417f8\n[ 19.288624] x26: ffffff8800941788 x25: ffffff8800020008 x24: ffffffc082aa3000\n[ 19.296227] x23: ffffffc080d90e3c x22: 0000000000000002 x21: 0000000000000000\n[ 19.303744] x20: 0000000000000000 x19: ffffff88002f5210 x18: 0000000000000000\n[ 19.311295] x17: 6c707369642e3030 x16: 3030613464662072 x15: 0720072007200720\n[ 19.318922] x14: 0000000000000000 x13: 284e4f5f4e524157 x12: 0000000000000001\n[ 19.326442] x11: 0001ffc085c5b940 x10: 0001ff88003f388b x9 : 0001ff88003f3888\n[ 19.334003] x8 : 0001ff88003f3888 x7 : 0000000000000000 x6 : 0000000000000000\n[ 19.341537] x5 : 0000000000000000 x4 : 0000000000001668 x3 : 0000000000000000\n[ 19.349054] x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffffff88003f3880\n[ 19.356581] Call trace:\n[ 19.359160] __mutex_lock+0x4bc/0x550\n[ 19.363032] mutex_lock_nested+0x24/0x30\n[ 19.367187] drm_bridge_hpd_notify+0x2c/0x6c\n[ 19.371698] zynqmp_dp_hpd_work_func+0x44/0x54\n[ 19.376364] process_one_work+0x3ac/0x988\n[ 19.380660] worker_thread+0x398/0x694\n[ 19.384736] kthread+0x1bc/0x1c0\n[ 19.388241] ret_from_fork+0x10/0x20\n[ 19.392031] irq event stamp: 183\n[ 19.395450] hardirqs last enabled at (183): [\u003cffffffc0800b9278\u003e] finish_task_switch.isra.0+0xa8/0x2d4\n[ 19.405140] hardirqs last disabled at (182): [\u003cffffffc081ad3754\u003e] __schedule+0x714/0xd04\n[ 19.413612] softirqs last enabled at (114): [\u003cffffffc080133de8\u003e] srcu_invoke_callbacks+0x158/0x23c\n[ 19.423128] softirqs last disabled at (110): [\u003cffffffc080133de8\u003e] srcu_invoke_callbacks+0x158/0x23c\n[ 19.432614] ---[ end trace 0000000000000000 ]---\n\n(cherry picked from commit 61ba791c4a7a09a370c45b70a81b8c7d4cf6b2ae)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38664",
"url": "https://www.suse.com/security/cve/CVE-2024-38664"
},
{
"category": "external",
"summary": "SUSE Bug 1226941 for CVE-2024-38664",
"url": "https://bugzilla.suse.com/1226941"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38664"
},
{
"cve": "CVE-2024-38780",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-38780"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf/sw-sync: don\u0027t enable IRQ from sync_print_obj()\n\nSince commit a6aa8fca4d79 (\"dma-buf/sw-sync: Reduce irqsave/irqrestore from\nknown context\") by error replaced spin_unlock_irqrestore() with\nspin_unlock_irq() for both sync_debugfs_show() and sync_print_obj() despite\nsync_print_obj() is called from sync_debugfs_show(), lockdep complains\ninconsistent lock state warning.\n\nUse plain spin_{lock,unlock}() for sync_print_obj(), for\nsync_debugfs_show() is already using spin_{lock,unlock}_irq().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-38780",
"url": "https://www.suse.com/security/cve/CVE-2024-38780"
},
{
"category": "external",
"summary": "SUSE Bug 1226886 for CVE-2024-38780",
"url": "https://bugzilla.suse.com/1226886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-38780"
},
{
"cve": "CVE-2024-39276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39276"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix mb_cache_entry\u0027s e_refcnt leak in ext4_xattr_block_cache_find()\n\nSyzbot reports a warning as follows:\n\n============================================\nWARNING: CPU: 0 PID: 5075 at fs/mbcache.c:419 mb_cache_destroy+0x224/0x290\nModules linked in:\nCPU: 0 PID: 5075 Comm: syz-executor199 Not tainted 6.9.0-rc6-gb947cc5bf6d7\nRIP: 0010:mb_cache_destroy+0x224/0x290 fs/mbcache.c:419\nCall Trace:\n \u003cTASK\u003e\n ext4_put_super+0x6d4/0xcd0 fs/ext4/super.c:1375\n generic_shutdown_super+0x136/0x2d0 fs/super.c:641\n kill_block_super+0x44/0x90 fs/super.c:1675\n ext4_kill_sb+0x68/0xa0 fs/ext4/super.c:7327\n[...]\n============================================\n\nThis is because when finding an entry in ext4_xattr_block_cache_find(), if\next4_sb_bread() returns -ENOMEM, the ce\u0027s e_refcnt, which has already grown\nin the __entry_find(), won\u0027t be put away, and eventually trigger the above\nissue in mb_cache_destroy() due to reference count leakage.\n\nSo call mb_cache_entry_put() on the -ENOMEM error branch as a quick fix.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39276",
"url": "https://www.suse.com/security/cve/CVE-2024-39276"
},
{
"category": "external",
"summary": "SUSE Bug 1226993 for CVE-2024-39276",
"url": "https://bugzilla.suse.com/1226993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39276"
},
{
"cve": "CVE-2024-39277",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39277"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-mapping: benchmark: handle NUMA_NO_NODE correctly\n\ncpumask_of_node() can be called for NUMA_NO_NODE inside do_map_benchmark()\nresulting in the following sanitizer report:\n\nUBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28\nindex -1 is out of range for type \u0027cpumask [64][1]\u0027\nCPU: 1 PID: 990 Comm: dma_map_benchma Not tainted 6.9.0-rc6 #29\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996)\nCall Trace:\n \u003cTASK\u003e\ndump_stack_lvl (lib/dump_stack.c:117)\nubsan_epilogue (lib/ubsan.c:232)\n__ubsan_handle_out_of_bounds (lib/ubsan.c:429)\ncpumask_of_node (arch/x86/include/asm/topology.h:72) [inline]\ndo_map_benchmark (kernel/dma/map_benchmark.c:104)\nmap_benchmark_ioctl (kernel/dma/map_benchmark.c:246)\nfull_proxy_unlocked_ioctl (fs/debugfs/file.c:333)\n__x64_sys_ioctl (fs/ioctl.c:890)\ndo_syscall_64 (arch/x86/entry/common.c:83)\nentry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nUse cpumask_of_node() in place when binding a kernel thread to a cpuset\nof a particular node.\n\nNote that the provided node id is checked inside map_benchmark_ioctl().\nIt\u0027s just a NUMA_NO_NODE case which is not handled properly later.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39277",
"url": "https://www.suse.com/security/cve/CVE-2024-39277"
},
{
"category": "external",
"summary": "SUSE Bug 1226909 for CVE-2024-39277",
"url": "https://bugzilla.suse.com/1226909"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39277"
},
{
"cve": "CVE-2024-39291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39291"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode()\n\nThe function gfx_v9_4_3_init_microcode in gfx_v9_4_3.c was generating\nabout potential truncation of output when using the snprintf function.\nThe issue was due to the size of the buffer \u0027ucode_prefix\u0027 being too\nsmall to accommodate the maximum possible length of the string being\nwritten into it.\n\nThe string being written is \"amdgpu/%s_mec.bin\" or \"amdgpu/%s_rlc.bin\",\nwhere %s is replaced by the value of \u0027chip_name\u0027. The length of this\nstring without the %s is 16 characters. The warning message indicated\nthat \u0027chip_name\u0027 could be up to 29 characters long, resulting in a total\nof 45 characters, which exceeds the buffer size of 30 characters.\n\nTo resolve this issue, the size of the \u0027ucode_prefix\u0027 buffer has been\nreduced from 30 to 15. This ensures that the maximum possible length of\nthe string being written into the buffer will not exceed its size, thus\npreventing potential buffer overflow and truncation issues.\n\nFixes the below with gcc W=1:\ndrivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c: In function \u0027gfx_v9_4_3_early_init\u0027:\ndrivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:379:52: warning: \u0027%s\u0027 directive output may be truncated writing up to 29 bytes into a region of size 23 [-Wformat-truncation=]\n 379 | snprintf(fw_name, sizeof(fw_name), \"amdgpu/%s_rlc.bin\", chip_name);\n | ^~\n......\n 439 | r = gfx_v9_4_3_init_rlc_microcode(adev, ucode_prefix);\n | ~~~~~~~~~~~~\ndrivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:379:9: note: \u0027snprintf\u0027 output between 16 and 45 bytes into a destination of size 30\n 379 | snprintf(fw_name, sizeof(fw_name), \"amdgpu/%s_rlc.bin\", chip_name);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\ndrivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:413:52: warning: \u0027%s\u0027 directive output may be truncated writing up to 29 bytes into a region of size 23 [-Wformat-truncation=]\n 413 | snprintf(fw_name, sizeof(fw_name), \"amdgpu/%s_mec.bin\", chip_name);\n | ^~\n......\n 443 | r = gfx_v9_4_3_init_cp_compute_microcode(adev, ucode_prefix);\n | ~~~~~~~~~~~~\ndrivers/gpu/drm/amd/amdgpu/gfx_v9_4_3.c:413:9: note: \u0027snprintf\u0027 output between 16 and 45 bytes into a destination of size 30\n 413 | snprintf(fw_name, sizeof(fw_name), \"amdgpu/%s_mec.bin\", chip_name);\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39291",
"url": "https://www.suse.com/security/cve/CVE-2024-39291"
},
{
"category": "external",
"summary": "SUSE Bug 1226934 for CVE-2024-39291",
"url": "https://bugzilla.suse.com/1226934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39291"
},
{
"cve": "CVE-2024-39296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: fix oops during rmmod\n\n\"rmmod bonding\" causes an oops ever since commit cc317ea3d927 (\"bonding:\nremove redundant NULL check in debugfs function\"). Here are the relevant\nfunctions being called:\n\nbonding_exit()\n bond_destroy_debugfs()\n debugfs_remove_recursive(bonding_debug_root);\n bonding_debug_root = NULL; \u003c--------- SET TO NULL HERE\n bond_netlink_fini()\n rtnl_link_unregister()\n __rtnl_link_unregister()\n unregister_netdevice_many_notify()\n bond_uninit()\n bond_debug_unregister()\n (commit removed check for bonding_debug_root == NULL)\n debugfs_remove()\n simple_recursive_removal()\n down_write() -\u003e OOPS\n\nHowever, reverting the bad commit does not solve the problem completely\nbecause the original code contains a race that could cause the same\noops, although it was much less likely to be triggered unintentionally:\n\nCPU1\n rmmod bonding\n bonding_exit()\n bond_destroy_debugfs()\n debugfs_remove_recursive(bonding_debug_root);\n\nCPU2\n echo -bond0 \u003e /sys/class/net/bonding_masters\n bond_uninit()\n bond_debug_unregister()\n if (!bonding_debug_root)\n\nCPU1\n bonding_debug_root = NULL;\n\nSo do NOT revert the bad commit (since the removed checks were racy\nanyway), and instead change the order of actions taken during module\nremoval. The same oops can also happen if there is an error during\nmodule init, so apply the same fix there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39296",
"url": "https://www.suse.com/security/cve/CVE-2024-39296"
},
{
"category": "external",
"summary": "SUSE Bug 1226989 for CVE-2024-39296",
"url": "https://bugzilla.suse.com/1226989"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39296"
},
{
"cve": "CVE-2024-39301",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39301"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/9p: fix uninit-value in p9_client_rpc()\n\nSyzbot with the help of KMSAN reported the following error:\n\nBUG: KMSAN: uninit-value in trace_9p_client_res include/trace/events/9p.h:146 [inline]\nBUG: KMSAN: uninit-value in p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n trace_9p_client_res include/trace/events/9p.h:146 [inline]\n p9_client_rpc+0x1314/0x1340 net/9p/client.c:754\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n __alloc_pages+0x9d6/0xe70 mm/page_alloc.c:4598\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n alloc_slab_page mm/slub.c:2175 [inline]\n allocate_slab mm/slub.c:2338 [inline]\n new_slab+0x2de/0x1400 mm/slub.c:2391\n ___slab_alloc+0x1184/0x33d0 mm/slub.c:3525\n __slab_alloc mm/slub.c:3610 [inline]\n __slab_alloc_node mm/slub.c:3663 [inline]\n slab_alloc_node mm/slub.c:3835 [inline]\n kmem_cache_alloc+0x6d3/0xbe0 mm/slub.c:3852\n p9_tag_alloc net/9p/client.c:278 [inline]\n p9_client_prepare_req+0x20a/0x1770 net/9p/client.c:641\n p9_client_rpc+0x27e/0x1340 net/9p/client.c:688\n p9_client_create+0x1551/0x1ff0 net/9p/client.c:1031\n v9fs_session_init+0x1b9/0x28e0 fs/9p/v9fs.c:410\n v9fs_mount+0xe2/0x12b0 fs/9p/vfs_super.c:122\n legacy_get_tree+0x114/0x290 fs/fs_context.c:662\n vfs_get_tree+0xa7/0x570 fs/super.c:1797\n do_new_mount+0x71f/0x15e0 fs/namespace.c:3352\n path_mount+0x742/0x1f20 fs/namespace.c:3679\n do_mount fs/namespace.c:3692 [inline]\n __do_sys_mount fs/namespace.c:3898 [inline]\n __se_sys_mount+0x725/0x810 fs/namespace.c:3875\n __x64_sys_mount+0xe4/0x150 fs/namespace.c:3875\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nIf p9_check_errors() fails early in p9_client_rpc(), req-\u003erc.tag\nwill not be properly initialized. However, trace_9p_client_res()\nends up trying to print it out anyway before p9_client_rpc()\nfinishes.\n\nFix this issue by assigning default values to p9_fcall fields\nsuch as \u0027tag\u0027 and (just in case KMSAN unearths something new) \u0027id\u0027\nduring the tag allocation stage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39301",
"url": "https://www.suse.com/security/cve/CVE-2024-39301"
},
{
"category": "external",
"summary": "SUSE Bug 1226994 for CVE-2024-39301",
"url": "https://bugzilla.suse.com/1226994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39301"
},
{
"cve": "CVE-2024-39362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39362"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39362",
"url": "https://www.suse.com/security/cve/CVE-2024-39362"
},
{
"category": "external",
"summary": "SUSE Bug 1226995 for CVE-2024-39362",
"url": "https://bugzilla.suse.com/1226995"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39362"
},
{
"cve": "CVE-2024-39371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39371"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: check for non-NULL file pointer in io_file_can_poll()\n\nIn earlier kernels, it was possible to trigger a NULL pointer\ndereference off the forced async preparation path, if no file had\nbeen assigned. The trace leading to that looks as follows:\n\nBUG: kernel NULL pointer dereference, address: 00000000000000b0\nPGD 0 P4D 0\nOops: 0000 [#1] PREEMPT SMP\nCPU: 67 PID: 1633 Comm: buf-ring-invali Not tainted 6.8.0-rc3+ #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS unknown 2/2/2022\nRIP: 0010:io_buffer_select+0xc3/0x210\nCode: 00 00 48 39 d1 0f 82 ae 00 00 00 48 81 4b 48 00 00 01 00 48 89 73 70 0f b7 50 0c 66 89 53 42 85 ed 0f 85 d2 00 00 00 48 8b 13 \u003c48\u003e 8b 92 b0 00 00 00 48 83 7a 40 00 0f 84 21 01 00 00 4c 8b 20 5b\nRSP: 0018:ffffb7bec38c7d88 EFLAGS: 00010246\nRAX: ffff97af2be61000 RBX: ffff97af234f1700 RCX: 0000000000000040\nRDX: 0000000000000000 RSI: ffff97aecfb04820 RDI: ffff97af234f1700\nRBP: 0000000000000000 R08: 0000000000200030 R09: 0000000000000020\nR10: ffffb7bec38c7dc8 R11: 000000000000c000 R12: ffffb7bec38c7db8\nR13: ffff97aecfb05800 R14: ffff97aecfb05800 R15: ffff97af2be5e000\nFS: 00007f852f74b740(0000) GS:ffff97b1eeec0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00000000000000b0 CR3: 000000016deab005 CR4: 0000000000370ef0\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x1f/0x60\n ? page_fault_oops+0x14d/0x420\n ? do_user_addr_fault+0x61/0x6a0\n ? exc_page_fault+0x6c/0x150\n ? asm_exc_page_fault+0x22/0x30\n ? io_buffer_select+0xc3/0x210\n __io_import_iovec+0xb5/0x120\n io_readv_prep_async+0x36/0x70\n io_queue_sqe_fallback+0x20/0x260\n io_submit_sqes+0x314/0x630\n __do_sys_io_uring_enter+0x339/0xbc0\n ? __do_sys_io_uring_register+0x11b/0xc50\n ? vm_mmap_pgoff+0xce/0x160\n do_syscall_64+0x5f/0x180\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\nRIP: 0033:0x55e0a110a67e\nCode: ba cc 00 00 00 45 31 c0 44 0f b6 92 d0 00 00 00 31 d2 41 b9 08 00 00 00 41 83 e2 01 41 c1 e2 04 41 09 c2 b8 aa 01 00 00 0f 05 \u003cc3\u003e 90 89 30 eb a9 0f 1f 40 00 48 8b 42 20 8b 00 a8 06 75 af 85 f6\n\nbecause the request is marked forced ASYNC and has a bad file fd, and\nhence takes the forced async prep path.\n\nCurrent kernels with the request async prep cleaned up can no longer hit\nthis issue, but for ease of backporting, let\u0027s add this safety check in\nhere too as it really doesn\u0027t hurt. For both cases, this will inevitably\nend with a CQE posted with -EBADF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39371",
"url": "https://www.suse.com/security/cve/CVE-2024-39371"
},
{
"category": "external",
"summary": "SUSE Bug 1226990 for CVE-2024-39371",
"url": "https://bugzilla.suse.com/1226990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39371"
},
{
"cve": "CVE-2024-39463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39463"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p: add missing locking around taking dentry fid list\n\nFix a use-after-free on dentry\u0027s d_fsdata fid list when a thread\nlooks up a fid through dentry while another thread unlinks it:\n\nUAF thread:\nrefcount_t: addition on 0; use-after-free.\n p9_fid_get linux/./include/net/9p/client.h:262\n v9fs_fid_find+0x236/0x280 linux/fs/9p/fid.c:129\n v9fs_fid_lookup_with_uid linux/fs/9p/fid.c:181\n v9fs_fid_lookup+0xbf/0xc20 linux/fs/9p/fid.c:314\n v9fs_vfs_getattr_dotl+0xf9/0x360 linux/fs/9p/vfs_inode_dotl.c:400\n vfs_statx+0xdd/0x4d0 linux/fs/stat.c:248\n\nFreed by:\n p9_fid_destroy (inlined)\n p9_client_clunk+0xb0/0xe0 linux/net/9p/client.c:1456\n p9_fid_put linux/./include/net/9p/client.h:278\n v9fs_dentry_release+0xb5/0x140 linux/fs/9p/vfs_dentry.c:55\n v9fs_remove+0x38f/0x620 linux/fs/9p/vfs_inode.c:518\n vfs_unlink+0x29a/0x810 linux/fs/namei.c:4335\n\nThe problem is that d_fsdata was not accessed under d_lock, because\nd_release() normally is only called once the dentry is otherwise no\nlonger accessible but since we also call it explicitly in v9fs_remove\nthat lock is required:\nmove the hlist out of the dentry under lock then unref its fids once\nthey are no longer accessible.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39463",
"url": "https://www.suse.com/security/cve/CVE-2024-39463"
},
{
"category": "external",
"summary": "SUSE Bug 1227090 for CVE-2024-39463",
"url": "https://bugzilla.suse.com/1227090"
},
{
"category": "external",
"summary": "SUSE Bug 1227091 for CVE-2024-39463",
"url": "https://bugzilla.suse.com/1227091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-39463"
},
{
"cve": "CVE-2024-39466",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39466"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal/drivers/qcom/lmh: Check for SCM availability at probe\n\nUp until now, the necessary scm availability check has not been\nperformed, leading to possible null pointer dereferences (which did\nhappen for me on RB1).\n\nFix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39466",
"url": "https://www.suse.com/security/cve/CVE-2024-39466"
},
{
"category": "external",
"summary": "SUSE Bug 1227089 for CVE-2024-39466",
"url": "https://bugzilla.suse.com/1227089"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39466"
},
{
"cve": "CVE-2024-39468",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39468"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix deadlock in smb2_find_smb_tcon()\n\nUnlock cifs_tcp_ses_lock before calling cifs_put_smb_ses() to avoid such\ndeadlock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39468",
"url": "https://www.suse.com/security/cve/CVE-2024-39468"
},
{
"category": "external",
"summary": "SUSE Bug 1227103 for CVE-2024-39468",
"url": "https://bugzilla.suse.com/1227103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39468"
},
{
"cve": "CVE-2024-39469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors\n\nThe error handling in nilfs_empty_dir() when a directory folio/page read\nfails is incorrect, as in the old ext2 implementation, and if the\nfolio/page cannot be read or nilfs_check_folio() fails, it will falsely\ndetermine the directory as empty and corrupt the file system.\n\nIn addition, since nilfs_empty_dir() does not immediately return on a\nfailed folio/page read, but continues to loop, this can cause a long loop\nwith I/O if i_size of the directory\u0027s inode is also corrupted, causing the\nlog writer thread to wait and hang, as reported by syzbot.\n\nFix these issues by making nilfs_empty_dir() immediately return a false\nvalue (0) if it fails to get a directory folio/page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39469",
"url": "https://www.suse.com/security/cve/CVE-2024-39469"
},
{
"category": "external",
"summary": "SUSE Bug 1226992 for CVE-2024-39469",
"url": "https://bugzilla.suse.com/1226992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39469"
},
{
"cve": "CVE-2024-39471",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39471"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: add error handle to avoid out-of-bounds\n\nif the sdma_v4_0_irq_id_to_seq return -EINVAL, the process should\nbe stop to avoid out-of-bounds read, so directly return -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39471",
"url": "https://www.suse.com/security/cve/CVE-2024-39471"
},
{
"category": "external",
"summary": "SUSE Bug 1227096 for CVE-2024-39471",
"url": "https://bugzilla.suse.com/1227096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39471"
},
{
"cve": "CVE-2024-39472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix log recovery buffer allocation for the legacy h_size fixup\n\nCommit a70f9fe52daa (\"xfs: detect and handle invalid iclog size set by\nmkfs\") added a fixup for incorrect h_size values used for the initial\numount record in old xfsprogs versions. Later commit 0c771b99d6c9\n(\"xfs: clean up calculation of LR header blocks\") cleaned up the log\nreover buffer calculation, but stoped using the fixed up h_size value\nto size the log recovery buffer, which can lead to an out of bounds\naccess when the incorrect h_size does not come from the old mkfs\ntool, but a fuzzer.\n\nFix this by open coding xlog_logrec_hblks and taking the fixed h_size\ninto account for this calculation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39472",
"url": "https://www.suse.com/security/cve/CVE-2024-39472"
},
{
"category": "external",
"summary": "SUSE Bug 1227432 for CVE-2024-39472",
"url": "https://bugzilla.suse.com/1227432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39472"
},
{
"cve": "CVE-2024-39473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension\n\nIf a process module does not have base config extension then the same\nformat applies to all of it\u0027s inputs and the process-\u003ebase_config_ext is\nNULL, causing NULL dereference when specifically crafted topology and\nsequences used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39473",
"url": "https://www.suse.com/security/cve/CVE-2024-39473"
},
{
"category": "external",
"summary": "SUSE Bug 1227433 for CVE-2024-39473",
"url": "https://bugzilla.suse.com/1227433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39473"
},
{
"cve": "CVE-2024-39474",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39474"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL\n\ncommit a421ef303008 (\"mm: allow !GFP_KERNEL allocations for kvmalloc\")\nincludes support for __GFP_NOFAIL, but it presents a conflict with commit\ndd544141b9eb (\"vmalloc: back off when the current task is OOM-killed\"). A\npossible scenario is as follows:\n\nprocess-a\n__vmalloc_node_range(GFP_KERNEL | __GFP_NOFAIL)\n __vmalloc_area_node()\n vm_area_alloc_pages()\n\t\t--\u003e oom-killer send SIGKILL to process-a\n if (fatal_signal_pending(current)) break;\n--\u003e return NULL;\n\nTo fix this, do not check fatal_signal_pending() in vm_area_alloc_pages()\nif __GFP_NOFAIL set.\n\nThis issue occurred during OPLUS KASAN TEST. Below is part of the log\n-\u003e oom-killer sends signal to process\n[65731.222840] [ T1308] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/apps/uid_10198,task=gs.intelligence,pid=32454,uid=10198\n\n[65731.259685] [T32454] Call trace:\n[65731.259698] [T32454] dump_backtrace+0xf4/0x118\n[65731.259734] [T32454] show_stack+0x18/0x24\n[65731.259756] [T32454] dump_stack_lvl+0x60/0x7c\n[65731.259781] [T32454] dump_stack+0x18/0x38\n[65731.259800] [T32454] mrdump_common_die+0x250/0x39c [mrdump]\n[65731.259936] [T32454] ipanic_die+0x20/0x34 [mrdump]\n[65731.260019] [T32454] atomic_notifier_call_chain+0xb4/0xfc\n[65731.260047] [T32454] notify_die+0x114/0x198\n[65731.260073] [T32454] die+0xf4/0x5b4\n[65731.260098] [T32454] die_kernel_fault+0x80/0x98\n[65731.260124] [T32454] __do_kernel_fault+0x160/0x2a8\n[65731.260146] [T32454] do_bad_area+0x68/0x148\n[65731.260174] [T32454] do_mem_abort+0x151c/0x1b34\n[65731.260204] [T32454] el1_abort+0x3c/0x5c\n[65731.260227] [T32454] el1h_64_sync_handler+0x54/0x90\n[65731.260248] [T32454] el1h_64_sync+0x68/0x6c\n\n[65731.260269] [T32454] z_erofs_decompress_queue+0x7f0/0x2258\n--\u003e be-\u003edecompressed_pages = kvcalloc(be-\u003enr_pages, sizeof(struct page *), GFP_KERNEL | __GFP_NOFAIL);\n\tkernel panic by NULL pointer dereference.\n\terofs assume kvmalloc with __GFP_NOFAIL never return NULL.\n[65731.260293] [T32454] z_erofs_runqueue+0xf30/0x104c\n[65731.260314] [T32454] z_erofs_readahead+0x4f0/0x968\n[65731.260339] [T32454] read_pages+0x170/0xadc\n[65731.260364] [T32454] page_cache_ra_unbounded+0x874/0xf30\n[65731.260388] [T32454] page_cache_ra_order+0x24c/0x714\n[65731.260411] [T32454] filemap_fault+0xbf0/0x1a74\n[65731.260437] [T32454] __do_fault+0xd0/0x33c\n[65731.260462] [T32454] handle_mm_fault+0xf74/0x3fe0\n[65731.260486] [T32454] do_mem_abort+0x54c/0x1b34\n[65731.260509] [T32454] el0_da+0x44/0x94\n[65731.260531] [T32454] el0t_64_sync_handler+0x98/0xb4\n[65731.260553] [T32454] el0t_64_sync+0x198/0x19c",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39474",
"url": "https://www.suse.com/security/cve/CVE-2024-39474"
},
{
"category": "external",
"summary": "SUSE Bug 1227434 for CVE-2024-39474",
"url": "https://bugzilla.suse.com/1227434"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39474"
},
{
"cve": "CVE-2024-39475",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39475"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbdev: savage: Handle err return when savagefb_check_var failed\n\nThe commit 04e5eac8f3ab(\"fbdev: savage: Error out if pixclock equals zero\")\nchecks the value of pixclock to avoid divide-by-zero error. However\nthe function savagefb_probe doesn\u0027t handle the error return of\nsavagefb_check_var. When pixclock is 0, it will cause divide-by-zero error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39475",
"url": "https://www.suse.com/security/cve/CVE-2024-39475"
},
{
"category": "external",
"summary": "SUSE Bug 1227435 for CVE-2024-39475",
"url": "https://bugzilla.suse.com/1227435"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39475"
},
{
"cve": "CVE-2024-39479",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39479"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/hwmon: Get rid of devm\n\nWhen both hwmon and hwmon drvdata (on which hwmon depends) are device\nmanaged resources, the expectation, on device unbind, is that hwmon will be\nreleased before drvdata. However, in i915 there are two separate code\npaths, which both release either drvdata or hwmon and either can be\nreleased before the other. These code paths (for device unbind) are as\nfollows (see also the bug referenced below):\n\nCall Trace:\nrelease_nodes+0x11/0x70\ndevres_release_group+0xb2/0x110\ncomponent_unbind_all+0x8d/0xa0\ncomponent_del+0xa5/0x140\nintel_pxp_tee_component_fini+0x29/0x40 [i915]\nintel_pxp_fini+0x33/0x80 [i915]\ni915_driver_remove+0x4c/0x120 [i915]\ni915_pci_remove+0x19/0x30 [i915]\npci_device_remove+0x32/0xa0\ndevice_release_driver_internal+0x19c/0x200\nunbind_store+0x9c/0xb0\n\nand\n\nCall Trace:\nrelease_nodes+0x11/0x70\ndevres_release_all+0x8a/0xc0\ndevice_unbind_cleanup+0x9/0x70\ndevice_release_driver_internal+0x1c1/0x200\nunbind_store+0x9c/0xb0\n\nThis means that in i915, if use devm, we cannot gurantee that hwmon will\nalways be released before drvdata. Which means that we have a uaf if hwmon\nsysfs is accessed when drvdata has been released but hwmon hasn\u0027t.\n\nThe only way out of this seems to be do get rid of devm_ and release/free\neverything explicitly during device unbind.\n\nv2: Change commit message and other minor code changes\nv3: Cleanup from i915_hwmon_register on error (Armin Wolf)\nv4: Eliminate potential static analyzer warning (Rodrigo)\n Eliminate fetch_and_zero (Jani)\nv5: Restore previous logic for ddat_gt-\u003ehwmon_dev error return (Andi)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39479",
"url": "https://www.suse.com/security/cve/CVE-2024-39479"
},
{
"category": "external",
"summary": "SUSE Bug 1227443 for CVE-2024-39479",
"url": "https://bugzilla.suse.com/1227443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39479"
},
{
"cve": "CVE-2024-39481",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39481"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mc: Fix graph walk in media_pipeline_start\n\nThe graph walk tries to follow all links, even if they are not between\npads. This causes a crash with, e.g. a MEDIA_LNK_FL_ANCILLARY_LINK link.\n\nFix this by allowing the walk to proceed only for MEDIA_LNK_FL_DATA_LINK\nlinks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39481",
"url": "https://www.suse.com/security/cve/CVE-2024-39481"
},
{
"category": "external",
"summary": "SUSE Bug 1227446 for CVE-2024-39481",
"url": "https://bugzilla.suse.com/1227446"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39481"
},
{
"cve": "CVE-2024-39482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39482"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix variable length array abuse in btree_iter\n\nbtree_iter is used in two ways: either allocated on the stack with a\nfixed size MAX_BSETS, or from a mempool with a dynamic size based on the\nspecific cache set. Previously, the struct had a fixed-length array of\nsize MAX_BSETS which was indexed out-of-bounds for the dynamically-sized\niterators, which causes UBSAN to complain.\n\nThis patch uses the same approach as in bcachefs\u0027s sort_iter and splits\nthe iterator into a btree_iter with a flexible array member and a\nbtree_iter_stack which embeds a btree_iter as well as a fixed-length\ndata array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39482",
"url": "https://www.suse.com/security/cve/CVE-2024-39482"
},
{
"category": "external",
"summary": "SUSE Bug 1227447 for CVE-2024-39482",
"url": "https://bugzilla.suse.com/1227447"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39482"
},
{
"cve": "CVE-2024-39487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39487"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: Fix out-of-bounds read in bond_option_arp_ip_targets_set()\n\nIn function bond_option_arp_ip_targets_set(), if newval-\u003estring is an\nempty string, newval-\u003estring+1 will point to the byte after the\nstring, causing an out-of-bound read.\n\nBUG: KASAN: slab-out-of-bounds in strlen+0x7d/0xa0 lib/string.c:418\nRead of size 1 at addr ffff8881119c4781 by task syz-executor665/8107\nCPU: 1 PID: 8107 Comm: syz-executor665 Not tainted 6.7.0-rc7 #1\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xd9/0x150 lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:364 [inline]\n print_report+0xc1/0x5e0 mm/kasan/report.c:475\n kasan_report+0xbe/0xf0 mm/kasan/report.c:588\n strlen+0x7d/0xa0 lib/string.c:418\n __fortify_strlen include/linux/fortify-string.h:210 [inline]\n in4_pton+0xa3/0x3f0 net/core/utils.c:130\n bond_option_arp_ip_targets_set+0xc2/0x910\ndrivers/net/bonding/bond_options.c:1201\n __bond_opt_set+0x2a4/0x1030 drivers/net/bonding/bond_options.c:767\n __bond_opt_set_notify+0x48/0x150 drivers/net/bonding/bond_options.c:792\n bond_opt_tryset_rtnl+0xda/0x160 drivers/net/bonding/bond_options.c:817\n bonding_sysfs_store_option+0xa1/0x120 drivers/net/bonding/bond_sysfs.c:156\n dev_attr_store+0x54/0x80 drivers/base/core.c:2366\n sysfs_kf_write+0x114/0x170 fs/sysfs/file.c:136\n kernfs_fop_write_iter+0x337/0x500 fs/kernfs/file.c:334\n call_write_iter include/linux/fs.h:2020 [inline]\n new_sync_write fs/read_write.c:491 [inline]\n vfs_write+0x96a/0xd80 fs/read_write.c:584\n ksys_write+0x122/0x250 fs/read_write.c:637\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x40/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n---[ end trace ]---\n\nFix it by adding a check of string length before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39487",
"url": "https://www.suse.com/security/cve/CVE-2024-39487"
},
{
"category": "external",
"summary": "SUSE Bug 1227573 for CVE-2024-39487",
"url": "https://bugzilla.suse.com/1227573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39487"
},
{
"cve": "CVE-2024-39490",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39490"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: sr: fix missing sk_buff release in seg6_input_core\n\nThe seg6_input() function is responsible for adding the SRH into a\npacket, delegating the operation to the seg6_input_core(). This function\nuses the skb_cow_head() to ensure that there is sufficient headroom in\nthe sk_buff for accommodating the link-layer header.\nIn the event that the skb_cow_header() function fails, the\nseg6_input_core() catches the error but it does not release the sk_buff,\nwhich will result in a memory leak.\n\nThis issue was introduced in commit af3b5158b89d (\"ipv6: sr: fix BUG due\nto headroom too small after SRH push\") and persists even after commit\n7a3f5b0de364 (\"netfilter: add netfilter hooks to SRv6 data plane\"),\nwhere the entire seg6_input() code was refactored to deal with netfilter\nhooks.\n\nThe proposed patch addresses the identified memory leak by requiring the\nseg6_input_core() function to release the sk_buff in the event that\nskb_cow_head() fails.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39490",
"url": "https://www.suse.com/security/cve/CVE-2024-39490"
},
{
"category": "external",
"summary": "SUSE Bug 1227626 for CVE-2024-39490",
"url": "https://bugzilla.suse.com/1227626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39490"
},
{
"cve": "CVE-2024-39494",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39494"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Fix use-after-free on a dentry\u0027s dname.name\n\n-\u003ed_name.name can change on rename and the earlier value can be freed;\nthere are conditions sufficient to stabilize it (-\u003ed_lock on dentry,\n-\u003ed_lock on its parent, -\u003ei_rwsem exclusive on the parent\u0027s inode,\nrename_lock), but none of those are met at any of the sites. Take a stable\nsnapshot of the name instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39494",
"url": "https://www.suse.com/security/cve/CVE-2024-39494"
},
{
"category": "external",
"summary": "SUSE Bug 1227716 for CVE-2024-39494",
"url": "https://bugzilla.suse.com/1227716"
},
{
"category": "external",
"summary": "SUSE Bug 1227901 for CVE-2024-39494",
"url": "https://bugzilla.suse.com/1227901"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-39494"
},
{
"cve": "CVE-2024-39496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39496"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: zoned: fix use-after-free due to race with dev replace\n\nWhile loading a zone\u0027s info during creation of a block group, we can race\nwith a device replace operation and then trigger a use-after-free on the\ndevice that was just replaced (source device of the replace operation).\n\nThis happens because at btrfs_load_zone_info() we extract a device from\nthe chunk map into a local variable and then use the device while not\nunder the protection of the device replace rwsem. So if there\u0027s a device\nreplace operation happening when we extract the device and that device\nis the source of the replace operation, we will trigger a use-after-free\nif before we finish using the device the replace operation finishes and\nfrees the device.\n\nFix this by enlarging the critical section under the protection of the\ndevice replace rwsem so that all uses of the device are done inside the\ncritical section.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39496",
"url": "https://www.suse.com/security/cve/CVE-2024-39496"
},
{
"category": "external",
"summary": "SUSE Bug 1227719 for CVE-2024-39496",
"url": "https://bugzilla.suse.com/1227719"
},
{
"category": "external",
"summary": "SUSE Bug 1227904 for CVE-2024-39496",
"url": "https://bugzilla.suse.com/1227904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-39496"
},
{
"cve": "CVE-2024-39498",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39498"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/mst: Fix NULL pointer dereference at drm_dp_add_payload_part2\n\n[Why]\nCommit:\n- commit 5aa1dfcdf0a4 (\"drm/mst: Refactor the flow for payload allocation/removement\")\naccidently overwrite the commit\n- commit 54d217406afe (\"drm: use mgr-\u003edev in drm_dbg_kms in drm_dp_add_payload_part2\")\nwhich cause regression.\n\n[How]\nRecover the original NULL fix and remove the unnecessary input parameter \u0027state\u0027 for\ndrm_dp_add_payload_part2().\n\n(cherry picked from commit 4545614c1d8da603e57b60dd66224d81b6ffc305)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39498",
"url": "https://www.suse.com/security/cve/CVE-2024-39498"
},
{
"category": "external",
"summary": "SUSE Bug 1227723 for CVE-2024-39498",
"url": "https://bugzilla.suse.com/1227723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39498"
},
{
"cve": "CVE-2024-39502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39502"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nionic: fix use after netif_napi_del()\n\nWhen queues are started, netif_napi_add() and napi_enable() are called.\nIf there are 4 queues and only 3 queues are used for the current\nconfiguration, only 3 queues\u0027 napi should be registered and enabled.\nThe ionic_qcq_enable() checks whether the .poll pointer is not NULL for\nenabling only the using queue\u0027 napi. Unused queues\u0027 napi will not be\nregistered by netif_napi_add(), so the .poll pointer indicates NULL.\nBut it couldn\u0027t distinguish whether the napi was unregistered or not\nbecause netif_napi_del() doesn\u0027t reset the .poll pointer to NULL.\nSo, ionic_qcq_enable() calls napi_enable() for the queue, which was\nunregistered by netif_napi_del().\n\nReproducer:\n ethtool -L \u003cinterface name\u003e rx 1 tx 1 combined 0\n ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 1\n ethtool -L \u003cinterface name\u003e rx 0 tx 0 combined 4\n\nSplat looks like:\nkernel BUG at net/core/dev.c:6666!\nOops: invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 1057 Comm: kworker/3:3 Not tainted 6.10.0-rc2+ #16\nWorkqueue: events ionic_lif_deferred_work [ionic]\nRIP: 0010:napi_enable+0x3b/0x40\nCode: 48 89 c2 48 83 e2 f6 80 b9 61 09 00 00 00 74 0d 48 83 bf 60 01 00 00 00 74 03 80 ce 01 f0 4f\nRSP: 0018:ffffb6ed83227d48 EFLAGS: 00010246\nRAX: 0000000000000000 RBX: ffff97560cda0828 RCX: 0000000000000029\nRDX: 0000000000000001 RSI: 0000000000000000 RDI: ffff97560cda0a28\nRBP: ffffb6ed83227d50 R08: 0000000000000400 R09: 0000000000000001\nR10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000000\nR13: ffff97560ce3c1a0 R14: 0000000000000000 R15: ffff975613ba0a20\nFS: 0000000000000000(0000) GS:ffff975d5f780000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f8f734ee200 CR3: 0000000103e50000 CR4: 00000000007506f0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die+0x33/0x90\n ? do_trap+0xd9/0x100\n ? napi_enable+0x3b/0x40\n ? do_error_trap+0x83/0xb0\n ? napi_enable+0x3b/0x40\n ? napi_enable+0x3b/0x40\n ? exc_invalid_op+0x4e/0x70\n ? napi_enable+0x3b/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? napi_enable+0x3b/0x40\n ionic_qcq_enable+0xb7/0x180 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_start_queues+0xc4/0x290 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_link_status_check+0x11c/0x170 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n ionic_lif_deferred_work+0x129/0x280 [ionic 59bdfc8a035436e1c4224ff7d10789e3f14643f8]\n process_one_work+0x145/0x360\n worker_thread+0x2bb/0x3d0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xcc/0x100\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x2d/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39502",
"url": "https://www.suse.com/security/cve/CVE-2024-39502"
},
{
"category": "external",
"summary": "SUSE Bug 1227755 for CVE-2024-39502",
"url": "https://bugzilla.suse.com/1227755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39502"
},
{
"cve": "CVE-2024-39504",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39504"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: validate mandatory meta and payload\n\nCheck for mandatory netlink attributes in payload and meta expression\nwhen used embedded from the inner expression, otherwise NULL pointer\ndereference is possible from userspace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39504",
"url": "https://www.suse.com/security/cve/CVE-2024-39504"
},
{
"category": "external",
"summary": "SUSE Bug 1227757 for CVE-2024-39504",
"url": "https://bugzilla.suse.com/1227757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39504"
},
{
"cve": "CVE-2024-39507",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-39507"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash problem in concurrent scenario\n\nWhen link status change, the nic driver need to notify the roce\ndriver to handle this event, but at this time, the roce driver\nmay uninit, then cause kernel crash.\n\nTo fix the problem, when link status change, need to check\nwhether the roce registered, and when uninit, need to wait link\nupdate finish.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-39507",
"url": "https://www.suse.com/security/cve/CVE-2024-39507"
},
{
"category": "external",
"summary": "SUSE Bug 1227730 for CVE-2024-39507",
"url": "https://bugzilla.suse.com/1227730"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-39507"
},
{
"cve": "CVE-2024-40901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory\n\nThere is a potential out-of-bounds access when using test_bit() on a single\nword. The test_bit() and set_bit() functions operate on long values, and\nwhen testing or setting a single word, they can exceed the word\nboundary. KASAN detects this issue and produces a dump:\n\n\t BUG: KASAN: slab-out-of-bounds in _scsih_add_device.constprop.0 (./arch/x86/include/asm/bitops.h:60 ./include/asm-generic/bitops/instrumented-atomic.h:29 drivers/scsi/mpt3sas/mpt3sas_scsih.c:7331) mpt3sas\n\n\t Write of size 8 at addr ffff8881d26e3c60 by task kworker/u1536:2/2965\n\nFor full log, please look at [1].\n\nMake the allocation at least the size of sizeof(unsigned long) so that\nset_bit() and test_bit() have sufficient room for read/write operations\nwithout overwriting unallocated memory.\n\n[1] Link: https://lore.kernel.org/all/ZkNcALr3W3KGYYJG@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40901",
"url": "https://www.suse.com/security/cve/CVE-2024-40901"
},
{
"category": "external",
"summary": "SUSE Bug 1227762 for CVE-2024-40901",
"url": "https://bugzilla.suse.com/1227762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40901"
},
{
"cve": "CVE-2024-40906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Always stop health timer during driver removal\n\nCurrently, if teardown_hca fails to execute during driver removal, mlx5\ndoes not stop the health timer. Afterwards, mlx5 continue with driver\nteardown. This may lead to a UAF bug, which results in page fault\nOops[1], since the health timer invokes after resources were freed.\n\nHence, stop the health monitor even if teardown_hca fails.\n\n[1]\nmlx5_core 0000:18:00.0: E-Switch: Unload vfs: mode(LEGACY), nvfs(0), necvfs(0), active vports(0)\nmlx5_core 0000:18:00.0: E-Switch: Disable: mode(LEGACY), nvfs(0), necvfs(0), active vports(0)\nmlx5_core 0000:18:00.0: E-Switch: Disable: mode(LEGACY), nvfs(0), necvfs(0), active vports(0)\nmlx5_core 0000:18:00.0: E-Switch: cleanup\nmlx5_core 0000:18:00.0: wait_func:1155:(pid 1967079): TEARDOWN_HCA(0x103) timeout. Will cause a leak of a command resource\nmlx5_core 0000:18:00.0: mlx5_function_close:1288:(pid 1967079): tear_down_hca failed, skip cleanup\nBUG: unable to handle page fault for address: ffffa26487064230\nPGD 100c00067 P4D 100c00067 PUD 100e5a067 PMD 105ed7067 PTE 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 0 PID: 0 Comm: swapper/0 Tainted: G OE ------- --- 6.7.0-68.fc38.x86_64 #1\nHardware name: Intel Corporation S2600WFT/S2600WFT, BIOS SE5C620.86B.02.01.0013.121520200651 12/15/2020\nRIP: 0010:ioread32be+0x34/0x60\nRSP: 0018:ffffa26480003e58 EFLAGS: 00010292\nRAX: ffffa26487064200 RBX: ffff9042d08161a0 RCX: ffff904c108222c0\nRDX: 000000010bbf1b80 RSI: ffffffffc055ddb0 RDI: ffffa26487064230\nRBP: ffff9042d08161a0 R08: 0000000000000022 R09: ffff904c108222e8\nR10: 0000000000000004 R11: 0000000000000441 R12: ffffffffc055ddb0\nR13: ffffa26487064200 R14: ffffa26480003f00 R15: ffff904c108222c0\nFS: 0000000000000000(0000) GS:ffff904c10800000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: ffffa26487064230 CR3: 00000002c4420006 CR4: 00000000007706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cIRQ\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x171/0x4e0\n ? exc_page_fault+0x175/0x180\n ? asm_exc_page_fault+0x26/0x30\n ? __pfx_poll_health+0x10/0x10 [mlx5_core]\n ? __pfx_poll_health+0x10/0x10 [mlx5_core]\n ? ioread32be+0x34/0x60\n mlx5_health_check_fatal_sensors+0x20/0x100 [mlx5_core]\n ? __pfx_poll_health+0x10/0x10 [mlx5_core]\n poll_health+0x42/0x230 [mlx5_core]\n ? __next_timer_interrupt+0xbc/0x110\n ? __pfx_poll_health+0x10/0x10 [mlx5_core]\n call_timer_fn+0x21/0x130\n ? __pfx_poll_health+0x10/0x10 [mlx5_core]\n __run_timers+0x222/0x2c0\n run_timer_softirq+0x1d/0x40\n __do_softirq+0xc9/0x2c8\n __irq_exit_rcu+0xa6/0xc0\n sysvec_apic_timer_interrupt+0x72/0x90\n \u003c/IRQ\u003e\n \u003cTASK\u003e\n asm_sysvec_apic_timer_interrupt+0x1a/0x20\nRIP: 0010:cpuidle_enter_state+0xcc/0x440\n ? cpuidle_enter_state+0xbd/0x440\n cpuidle_enter+0x2d/0x40\n do_idle+0x20d/0x270\n cpu_startup_entry+0x2a/0x30\n rest_init+0xd0/0xd0\n arch_call_rest_init+0xe/0x30\n start_kernel+0x709/0xa90\n x86_64_start_reservations+0x18/0x30\n x86_64_start_kernel+0x96/0xa0\n secondary_startup_64_no_verify+0x18f/0x19b\n---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40906",
"url": "https://www.suse.com/security/cve/CVE-2024-40906"
},
{
"category": "external",
"summary": "SUSE Bug 1227763 for CVE-2024-40906",
"url": "https://bugzilla.suse.com/1227763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40906"
},
{
"cve": "CVE-2024-40908",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40908"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Set run context for rawtp test_run callback\n\nsyzbot reported crash when rawtp program executed through the\ntest_run interface calls bpf_get_attach_cookie helper or any\nother helper that touches task-\u003ebpf_ctx pointer.\n\nSetting the run context (task-\u003ebpf_ctx pointer) for test_run\ncallback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40908",
"url": "https://www.suse.com/security/cve/CVE-2024-40908"
},
{
"category": "external",
"summary": "SUSE Bug 1227783 for CVE-2024-40908",
"url": "https://bugzilla.suse.com/1227783"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40908"
},
{
"cve": "CVE-2024-40919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40919"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Adjust logging of firmware messages in case of released token in __hwrm_send()\n\nIn case of token is released due to token-\u003estate == BNXT_HWRM_DEFERRED,\nreleased token (set to NULL) is used in log messages. This issue is\nexpected to be prevented by HWRM_ERR_CODE_PF_UNAVAILABLE error code. But\nthis error code is returned by recent firmware. So some firmware may not\nreturn it. This may lead to NULL pointer dereference.\nAdjust this issue by adding token pointer check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40919",
"url": "https://www.suse.com/security/cve/CVE-2024-40919"
},
{
"category": "external",
"summary": "SUSE Bug 1227779 for CVE-2024-40919",
"url": "https://bugzilla.suse.com/1227779"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40919"
},
{
"cve": "CVE-2024-40923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvmxnet3: disable rx data ring on dma allocation failure\n\nWhen vmxnet3_rq_create() fails to allocate memory for rq-\u003edata_ring.base,\nthe subsequent call to vmxnet3_rq_destroy_all_rxdataring does not reset\nrq-\u003edata_ring.desc_size for the data ring that failed, which presumably\ncauses the hypervisor to reference it on packet reception.\n\nTo fix this bug, rq-\u003edata_ring.desc_size needs to be set to 0 to tell\nthe hypervisor to disable this feature.\n\n[ 95.436876] kernel BUG at net/core/skbuff.c:207!\n[ 95.439074] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n[ 95.440411] CPU: 7 PID: 0 Comm: swapper/7 Not tainted 6.9.3-dirty #1\n[ 95.441558] Hardware name: VMware, Inc. VMware Virtual\nPlatform/440BX Desktop Reference Platform, BIOS 6.00 12/12/2018\n[ 95.443481] RIP: 0010:skb_panic+0x4d/0x4f\n[ 95.444404] Code: 4f 70 50 8b 87 c0 00 00 00 50 8b 87 bc 00 00 00 50\nff b7 d0 00 00 00 4c 8b 8f c8 00 00 00 48 c7 c7 68 e8 be 9f e8 63 58 f9\nff \u003c0f\u003e 0b 48 8b 14 24 48 c7 c1 d0 73 65 9f e8 a1 ff ff ff 48 8b 14 24\n[ 95.447684] RSP: 0018:ffffa13340274dd0 EFLAGS: 00010246\n[ 95.448762] RAX: 0000000000000089 RBX: ffff8fbbc72b02d0 RCX: 000000000000083f\n[ 95.450148] RDX: 0000000000000000 RSI: 00000000000000f6 RDI: 000000000000083f\n[ 95.451520] RBP: 000000000000002d R08: 0000000000000000 R09: ffffa13340274c60\n[ 95.452886] R10: ffffffffa04ed468 R11: 0000000000000002 R12: 0000000000000000\n[ 95.454293] R13: ffff8fbbdab3c2d0 R14: ffff8fbbdbd829e0 R15: ffff8fbbdbd809e0\n[ 95.455682] FS: 0000000000000000(0000) GS:ffff8fbeefd80000(0000) knlGS:0000000000000000\n[ 95.457178] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 95.458340] CR2: 00007fd0d1f650c8 CR3: 0000000115f28000 CR4: 00000000000406f0\n[ 95.459791] Call Trace:\n[ 95.460515] \u003cIRQ\u003e\n[ 95.461180] ? __die_body.cold+0x19/0x27\n[ 95.462150] ? die+0x2e/0x50\n[ 95.462976] ? do_trap+0xca/0x110\n[ 95.463973] ? do_error_trap+0x6a/0x90\n[ 95.464966] ? skb_panic+0x4d/0x4f\n[ 95.465901] ? exc_invalid_op+0x50/0x70\n[ 95.466849] ? skb_panic+0x4d/0x4f\n[ 95.467718] ? asm_exc_invalid_op+0x1a/0x20\n[ 95.468758] ? skb_panic+0x4d/0x4f\n[ 95.469655] skb_put.cold+0x10/0x10\n[ 95.470573] vmxnet3_rq_rx_complete+0x862/0x11e0 [vmxnet3]\n[ 95.471853] vmxnet3_poll_rx_only+0x36/0xb0 [vmxnet3]\n[ 95.473185] __napi_poll+0x2b/0x160\n[ 95.474145] net_rx_action+0x2c6/0x3b0\n[ 95.475115] handle_softirqs+0xe7/0x2a0\n[ 95.476122] __irq_exit_rcu+0x97/0xb0\n[ 95.477109] common_interrupt+0x85/0xa0\n[ 95.478102] \u003c/IRQ\u003e\n[ 95.478846] \u003cTASK\u003e\n[ 95.479603] asm_common_interrupt+0x26/0x40\n[ 95.480657] RIP: 0010:pv_native_safe_halt+0xf/0x20\n[ 95.481801] Code: 22 d7 e9 54 87 01 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 93 ba 3b 00 fb f4 \u003ce9\u003e 2c 87 01 00 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90\n[ 95.485563] RSP: 0018:ffffa133400ffe58 EFLAGS: 00000246\n[ 95.486882] RAX: 0000000000004000 RBX: ffff8fbbc1d14064 RCX: 0000000000000000\n[ 95.488477] RDX: ffff8fbeefd80000 RSI: ffff8fbbc1d14000 RDI: 0000000000000001\n[ 95.490067] RBP: ffff8fbbc1d14064 R08: ffffffffa0652260 R09: 00000000000010d3\n[ 95.491683] R10: 0000000000000018 R11: ffff8fbeefdb4764 R12: ffffffffa0652260\n[ 95.493389] R13: ffffffffa06522e0 R14: 0000000000000001 R15: 0000000000000000\n[ 95.495035] acpi_safe_halt+0x14/0x20\n[ 95.496127] acpi_idle_do_entry+0x2f/0x50\n[ 95.497221] acpi_idle_enter+0x7f/0xd0\n[ 95.498272] cpuidle_enter_state+0x81/0x420\n[ 95.499375] cpuidle_enter+0x2d/0x40\n[ 95.500400] do_idle+0x1e5/0x240\n[ 95.501385] cpu_startup_entry+0x29/0x30\n[ 95.502422] start_secondary+0x11c/0x140\n[ 95.503454] common_startup_64+0x13e/0x141\n[ 95.504466] \u003c/TASK\u003e\n[ 95.505197] Modules linked in: nft_fib_inet nft_fib_ipv4\nnft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6\nnft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ip\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40923",
"url": "https://www.suse.com/security/cve/CVE-2024-40923"
},
{
"category": "external",
"summary": "SUSE Bug 1227786 for CVE-2024-40923",
"url": "https://bugzilla.suse.com/1227786"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40923"
},
{
"cve": "CVE-2024-40925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix request.queuelist usage in flush\n\nFriedrich Weber reported a kernel crash problem and bisected to commit\n81ada09cc25e (\"blk-flush: reuse rq queuelist in flush state machine\").\n\nThe root cause is that we use \"list_move_tail(\u0026rq-\u003equeuelist, pending)\"\nin the PREFLUSH/POSTFLUSH sequences. But rq-\u003equeuelist.next == xxx since\nit\u0027s popped out from plug-\u003ecached_rq in __blk_mq_alloc_requests_batch().\nWe don\u0027t initialize its queuelist just for this first request, although\nthe queuelist of all later popped requests will be initialized.\n\nFix it by changing to use \"list_add_tail(\u0026rq-\u003equeuelist, pending)\" so\nrq-\u003equeuelist doesn\u0027t need to be initialized. It should be ok since rq\ncan\u0027t be on any list when PREFLUSH or POSTFLUSH, has no move actually.\n\nPlease note the commit 81ada09cc25e (\"blk-flush: reuse rq queuelist in\nflush state machine\") also has another requirement that no drivers would\ntouch rq-\u003equeuelist after blk_mq_end_request() since we will reuse it to\nadd rq to the post-flush pending list in POSTFLUSH. If this is not true,\nwe will have to revert that commit IMHO.\n\nThis updated version adds \"list_del_init(\u0026rq-\u003equeuelist)\" in flush rq\ncallback since the dm layer may submit request of a weird invalid format\n(REQ_FSEQ_PREFLUSH | REQ_FSEQ_POSTFLUSH), which causes double list_add\nif without this \"list_del_init(\u0026rq-\u003equeuelist)\". The weird invalid format\nproblem should be fixed in dm layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40925",
"url": "https://www.suse.com/security/cve/CVE-2024-40925"
},
{
"category": "external",
"summary": "SUSE Bug 1227789 for CVE-2024-40925",
"url": "https://bugzilla.suse.com/1227789"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40925"
},
{
"cve": "CVE-2024-40928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool()\n\nClang static checker (scan-build) warning:\nnet/ethtool/ioctl.c:line 2233, column 2\nCalled function pointer is null (null dereference).\n\nReturn \u0027-EOPNOTSUPP\u0027 when \u0027ops-\u003eget_ethtool_phy_stats\u0027 is NULL to fix\nthis typo error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40928",
"url": "https://www.suse.com/security/cve/CVE-2024-40928"
},
{
"category": "external",
"summary": "SUSE Bug 1227788 for CVE-2024-40928",
"url": "https://bugzilla.suse.com/1227788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-40928"
},
{
"cve": "CVE-2024-40931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: ensure snd_una is properly initialized on connect\n\nThis is strictly related to commit fb7a0d334894 (\"mptcp: ensure snd_nxt\nis properly initialized on connect\"). It turns out that syzkaller can\ntrigger the retransmit after fallback and before processing any other\nincoming packet - so that snd_una is still left uninitialized.\n\nAddress the issue explicitly initializing snd_una together with snd_nxt\nand write_seq.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40931",
"url": "https://www.suse.com/security/cve/CVE-2024-40931"
},
{
"category": "external",
"summary": "SUSE Bug 1227780 for CVE-2024-40931",
"url": "https://bugzilla.suse.com/1227780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40931"
},
{
"cve": "CVE-2024-40935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncachefiles: flush all requests after setting CACHEFILES_DEAD\n\nIn ondemand mode, when the daemon is processing an open request, if the\nkernel flags the cache as CACHEFILES_DEAD, the cachefiles_daemon_write()\nwill always return -EIO, so the daemon can\u0027t pass the copen to the kernel.\nThen the kernel process that is waiting for the copen triggers a hung_task.\n\nSince the DEAD state is irreversible, it can only be exited by closing\n/dev/cachefiles. Therefore, after calling cachefiles_io_error() to mark\nthe cache as CACHEFILES_DEAD, if in ondemand mode, flush all requests to\navoid the above hungtask. We may still be able to read some of the cached\ndata before closing the fd of /dev/cachefiles.\n\nNote that this relies on the patch that adds reference counting to the req,\notherwise it may UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40935",
"url": "https://www.suse.com/security/cve/CVE-2024-40935"
},
{
"category": "external",
"summary": "SUSE Bug 1227797 for CVE-2024-40935",
"url": "https://bugzilla.suse.com/1227797"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40935"
},
{
"cve": "CVE-2024-40937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngve: Clear napi-\u003eskb before dev_kfree_skb_any()\n\ngve_rx_free_skb incorrectly leaves napi-\u003eskb referencing an skb after it\nis freed with dev_kfree_skb_any(). This can result in a subsequent call\nto napi_get_frags returning a dangling pointer.\n\nFix this by clearing napi-\u003eskb before the skb is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40937",
"url": "https://www.suse.com/security/cve/CVE-2024-40937"
},
{
"category": "external",
"summary": "SUSE Bug 1227836 for CVE-2024-40937",
"url": "https://bugzilla.suse.com/1227836"
},
{
"category": "external",
"summary": "SUSE Bug 1227903 for CVE-2024-40937",
"url": "https://bugzilla.suse.com/1227903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-40937"
},
{
"cve": "CVE-2024-40940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Fix tainted pointer delete is case of flow rules creation fail\n\nIn case of flow rule creation fail in mlx5_lag_create_port_sel_table(),\ninstead of previously created rules, the tainted pointer is deleted\ndeveral times.\nFix this bug by using correct flow rules pointers.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40940",
"url": "https://www.suse.com/security/cve/CVE-2024-40940"
},
{
"category": "external",
"summary": "SUSE Bug 1227800 for CVE-2024-40940",
"url": "https://bugzilla.suse.com/1227800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40940"
},
{
"cve": "CVE-2024-40947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nima: Avoid blocking in RCU read-side critical section\n\nA panic happens in ima_match_policy:\n\nBUG: unable to handle kernel NULL pointer dereference at 0000000000000010\nPGD 42f873067 P4D 0\nOops: 0000 [#1] SMP NOPTI\nCPU: 5 PID: 1286325 Comm: kubeletmonit.sh\nKdump: loaded Tainted: P\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996),\n BIOS 0.0.0 02/06/2015\nRIP: 0010:ima_match_policy+0x84/0x450\nCode: 49 89 fc 41 89 cf 31 ed 89 44 24 14 eb 1c 44 39\n 7b 18 74 26 41 83 ff 05 74 20 48 8b 1b 48 3b 1d\n f2 b9 f4 00 0f 84 9c 01 00 00 \u003c44\u003e 85 73 10 74 ea\n 44 8b 6b 14 41 f6 c5 01 75 d4 41 f6 c5 02 74 0f\nRSP: 0018:ff71570009e07a80 EFLAGS: 00010207\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000200\nRDX: ffffffffad8dc7c0 RSI: 0000000024924925 RDI: ff3e27850dea2000\nRBP: 0000000000000000 R08: 0000000000000000 R09: ffffffffabfce739\nR10: ff3e27810cc42400 R11: 0000000000000000 R12: ff3e2781825ef970\nR13: 00000000ff3e2785 R14: 000000000000000c R15: 0000000000000001\nFS: 00007f5195b51740(0000)\nGS:ff3e278b12d40000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000010 CR3: 0000000626d24002 CR4: 0000000000361ee0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n ima_get_action+0x22/0x30\n process_measurement+0xb0/0x830\n ? page_add_file_rmap+0x15/0x170\n ? alloc_set_pte+0x269/0x4c0\n ? prep_new_page+0x81/0x140\n ? simple_xattr_get+0x75/0xa0\n ? selinux_file_open+0x9d/0xf0\n ima_file_check+0x64/0x90\n path_openat+0x571/0x1720\n do_filp_open+0x9b/0x110\n ? page_counter_try_charge+0x57/0xc0\n ? files_cgroup_alloc_fd+0x38/0x60\n ? __alloc_fd+0xd4/0x250\n ? do_sys_open+0x1bd/0x250\n do_sys_open+0x1bd/0x250\n do_syscall_64+0x5d/0x1d0\n entry_SYSCALL_64_after_hwframe+0x65/0xca\n\nCommit c7423dbdbc9e (\"ima: Handle -ESTALE returned by\nima_filter_rule_match()\") introduced call to ima_lsm_copy_rule within a\nRCU read-side critical section which contains kmalloc with GFP_KERNEL.\nThis implies a possible sleep and violates limitations of RCU read-side\ncritical sections on non-PREEMPT systems.\n\nSleeping within RCU read-side critical section might cause\nsynchronize_rcu() returning early and break RCU protection, allowing a\nUAF to happen.\n\nThe root cause of this issue could be described as follows:\n|\tThread A\t|\tThread B\t|\n|\t\t\t|ima_match_policy\t|\n|\t\t\t| rcu_read_lock\t|\n|ima_lsm_update_rule\t|\t\t\t|\n| synchronize_rcu\t|\t\t\t|\n|\t\t\t| kmalloc(GFP_KERNEL)|\n|\t\t\t| sleep\t\t|\n==\u003e synchronize_rcu returns early\n| kfree(entry)\t\t|\t\t\t|\n|\t\t\t| entry = entry-\u003enext|\n==\u003e UAF happens and entry now becomes NULL (or could be anything).\n|\t\t\t| entry-\u003eaction\t|\n==\u003e Accessing entry might cause panic.\n\nTo fix this issue, we are converting all kmalloc that is called within\nRCU read-side critical section to use GFP_ATOMIC.\n\n[PM: fixed missing comment, long lines, !CONFIG_IMA_LSM_RULES case]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40947",
"url": "https://www.suse.com/security/cve/CVE-2024-40947"
},
{
"category": "external",
"summary": "SUSE Bug 1227803 for CVE-2024-40947",
"url": "https://bugzilla.suse.com/1227803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40947"
},
{
"cve": "CVE-2024-40948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/page_table_check: fix crash on ZONE_DEVICE\n\nNot all pages may apply to pgtable check. One example is ZONE_DEVICE\npages: they map PFNs directly, and they don\u0027t allocate page_ext at all\neven if there\u0027s struct page around. One may reference\ndevm_memremap_pages().\n\nWhen both ZONE_DEVICE and page-table-check enabled, then try to map some\ndax memories, one can trigger kernel bug constantly now when the kernel\nwas trying to inject some pfn maps on the dax device:\n\n kernel BUG at mm/page_table_check.c:55!\n\nWhile it\u0027s pretty legal to use set_pxx_at() for ZONE_DEVICE pages for page\nfault resolutions, skip all the checks if page_ext doesn\u0027t even exist in\npgtable checker, which applies to ZONE_DEVICE but maybe more.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40948",
"url": "https://www.suse.com/security/cve/CVE-2024-40948"
},
{
"category": "external",
"summary": "SUSE Bug 1227801 for CVE-2024-40948",
"url": "https://bugzilla.suse.com/1227801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40948"
},
{
"cve": "CVE-2024-40953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin()\n\nUse {READ,WRITE}_ONCE() to access kvm-\u003elast_boosted_vcpu to ensure the\nloads and stores are atomic. In the extremely unlikely scenario the\ncompiler tears the stores, it\u0027s theoretically possible for KVM to attempt\nto get a vCPU using an out-of-bounds index, e.g. if the write is split\ninto multiple 8-bit stores, and is paired with a 32-bit load on a VM with\n257 vCPUs:\n\n CPU0 CPU1\n last_boosted_vcpu = 0xff;\n\n (last_boosted_vcpu = 0x100)\n last_boosted_vcpu[15:8] = 0x01;\n i = (last_boosted_vcpu = 0x1ff)\n last_boosted_vcpu[7:0] = 0x00;\n\n vcpu = kvm-\u003evcpu_array[0x1ff];\n\nAs detected by KCSAN:\n\n BUG: KCSAN: data-race in kvm_vcpu_on_spin [kvm] / kvm_vcpu_on_spin [kvm]\n\n write to 0xffffc90025a92344 of 4 bytes by task 4340 on cpu 16:\n kvm_vcpu_on_spin (arch/x86/kvm/../../../virt/kvm/kvm_main.c:4112) kvm\n handle_pause (arch/x86/kvm/vmx/vmx.c:5929) kvm_intel\n vmx_handle_exit (arch/x86/kvm/vmx/vmx.c:?\n\t\t arch/x86/kvm/vmx/vmx.c:6606) kvm_intel\n vcpu_run (arch/x86/kvm/x86.c:11107 arch/x86/kvm/x86.c:11211) kvm\n kvm_arch_vcpu_ioctl_run (arch/x86/kvm/x86.c:?) kvm\n kvm_vcpu_ioctl (arch/x86/kvm/../../../virt/kvm/kvm_main.c:?) kvm\n __se_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:904 fs/ioctl.c:890)\n __x64_sys_ioctl (fs/ioctl.c:890)\n x64_sys_call (arch/x86/entry/syscall_64.c:33)\n do_syscall_64 (arch/x86/entry/common.c:?)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n read to 0xffffc90025a92344 of 4 bytes by task 4342 on cpu 4:\n kvm_vcpu_on_spin (arch/x86/kvm/../../../virt/kvm/kvm_main.c:4069) kvm\n handle_pause (arch/x86/kvm/vmx/vmx.c:5929) kvm_intel\n vmx_handle_exit (arch/x86/kvm/vmx/vmx.c:?\n\t\t\tarch/x86/kvm/vmx/vmx.c:6606) kvm_intel\n vcpu_run (arch/x86/kvm/x86.c:11107 arch/x86/kvm/x86.c:11211) kvm\n kvm_arch_vcpu_ioctl_run (arch/x86/kvm/x86.c:?) kvm\n kvm_vcpu_ioctl (arch/x86/kvm/../../../virt/kvm/kvm_main.c:?) kvm\n __se_sys_ioctl (fs/ioctl.c:52 fs/ioctl.c:904 fs/ioctl.c:890)\n __x64_sys_ioctl (fs/ioctl.c:890)\n x64_sys_call (arch/x86/entry/syscall_64.c:33)\n do_syscall_64 (arch/x86/entry/common.c:?)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\n value changed: 0x00000012 -\u003e 0x00000000",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40953",
"url": "https://www.suse.com/security/cve/CVE-2024-40953"
},
{
"category": "external",
"summary": "SUSE Bug 1227806 for CVE-2024-40953",
"url": "https://bugzilla.suse.com/1227806"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40953"
},
{
"cve": "CVE-2024-40960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible NULL dereference in rt6_probe()\n\nsyzbot caught a NULL dereference in rt6_probe() [1]\n\nBail out if __in6_dev_get() returns NULL.\n\n[1]\nOops: general protection fault, probably for non-canonical address 0xdffffc00000000cb: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x0000000000000658-0x000000000000065f]\nCPU: 1 PID: 22444 Comm: syz-executor.0 Not tainted 6.10.0-rc2-syzkaller-00383-gb8481381d4e2 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/02/2024\n RIP: 0010:rt6_probe net/ipv6/route.c:656 [inline]\n RIP: 0010:find_match+0x8c4/0xf50 net/ipv6/route.c:758\nCode: 14 fd f7 48 8b 85 38 ff ff ff 48 c7 45 b0 00 00 00 00 48 8d b8 5c 06 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6 14 02 48 89 f8 83 e0 07 83 c0 03 38 d0 7c 08 84 d2 0f 85 19\nRSP: 0018:ffffc900034af070 EFLAGS: 00010203\nRAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffffc90004521000\nRDX: 00000000000000cb RSI: ffffffff8990d0cd RDI: 000000000000065c\nRBP: ffffc900034af150 R08: 0000000000000005 R09: 0000000000000000\nR10: 0000000000000001 R11: 0000000000000002 R12: 000000000000000a\nR13: 1ffff92000695e18 R14: ffff8880244a1d20 R15: 0000000000000000\nFS: 00007f4844a5a6c0(0000) GS:ffff8880b9300000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000001b31b27000 CR3: 000000002d42c000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n rt6_nh_find_match+0xfa/0x1a0 net/ipv6/route.c:784\n nexthop_for_each_fib6_nh+0x26d/0x4a0 net/ipv4/nexthop.c:1496\n __find_rr_leaf+0x6e7/0xe00 net/ipv6/route.c:825\n find_rr_leaf net/ipv6/route.c:853 [inline]\n rt6_select net/ipv6/route.c:897 [inline]\n fib6_table_lookup+0x57e/0xa30 net/ipv6/route.c:2195\n ip6_pol_route+0x1cd/0x1150 net/ipv6/route.c:2231\n pol_lookup_func include/net/ip6_fib.h:616 [inline]\n fib6_rule_lookup+0x386/0x720 net/ipv6/fib6_rules.c:121\n ip6_route_output_flags_noref net/ipv6/route.c:2639 [inline]\n ip6_route_output_flags+0x1d0/0x640 net/ipv6/route.c:2651\n ip6_dst_lookup_tail.constprop.0+0x961/0x1760 net/ipv6/ip6_output.c:1147\n ip6_dst_lookup_flow+0x99/0x1d0 net/ipv6/ip6_output.c:1250\n rawv6_sendmsg+0xdab/0x4340 net/ipv6/raw.c:898\n inet_sendmsg+0x119/0x140 net/ipv4/af_inet.c:853\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n sock_write_iter+0x4b8/0x5c0 net/socket.c:1160\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0x6b6/0x1140 fs/read_write.c:590\n ksys_write+0x1f8/0x260 fs/read_write.c:643\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcd/0x250 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40960",
"url": "https://www.suse.com/security/cve/CVE-2024-40960"
},
{
"category": "external",
"summary": "SUSE Bug 1227813 for CVE-2024-40960",
"url": "https://bugzilla.suse.com/1227813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40960"
},
{
"cve": "CVE-2024-40961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible NULL deref in fib6_nh_init()\n\nsyzbot reminds us that in6_dev_get() can return NULL.\n\nfib6_nh_init()\n ip6_validate_gw( \u0026idev )\n ip6_route_check_nh( idev )\n *idev = in6_dev_get(dev); // can be NULL\n\nOops: general protection fault, probably for non-canonical address 0xdffffc00000000bc: 0000 [#1] PREEMPT SMP KASAN PTI\nKASAN: null-ptr-deref in range [0x00000000000005e0-0x00000000000005e7]\nCPU: 0 PID: 11237 Comm: syz-executor.3 Not tainted 6.10.0-rc2-syzkaller-00249-gbe27b8965297 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024\n RIP: 0010:fib6_nh_init+0x640/0x2160 net/ipv6/route.c:3606\nCode: 00 00 fc ff df 4c 8b 64 24 58 48 8b 44 24 28 4c 8b 74 24 30 48 89 c1 48 89 44 24 28 48 8d 98 e0 05 00 00 48 89 d8 48 c1 e8 03 \u003c42\u003e 0f b6 04 38 84 c0 0f 85 b3 17 00 00 8b 1b 31 ff 89 de e8 b8 8b\nRSP: 0018:ffffc900032775a0 EFLAGS: 00010202\nRAX: 00000000000000bc RBX: 00000000000005e0 RCX: 0000000000000000\nRDX: 0000000000000010 RSI: ffffc90003277a54 RDI: ffff88802b3a08d8\nRBP: ffffc900032778b0 R08: 00000000000002fc R09: 0000000000000000\nR10: 00000000000002fc R11: 0000000000000000 R12: ffff88802b3a08b8\nR13: 1ffff9200064eec8 R14: ffffc90003277a00 R15: dffffc0000000000\nFS: 00007f940feb06c0(0000) GS:ffff8880b9400000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000000 CR3: 00000000245e8000 CR4: 00000000003506f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n \u003cTASK\u003e\n ip6_route_info_create+0x99e/0x12b0 net/ipv6/route.c:3809\n ip6_route_add+0x28/0x160 net/ipv6/route.c:3853\n ipv6_route_ioctl+0x588/0x870 net/ipv6/route.c:4483\n inet6_ioctl+0x21a/0x280 net/ipv6/af_inet6.c:579\n sock_do_ioctl+0x158/0x460 net/socket.c:1222\n sock_ioctl+0x629/0x8e0 net/socket.c:1341\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:907 [inline]\n __se_sys_ioctl+0xfc/0x170 fs/ioctl.c:893\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7f940f07cea9",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40961",
"url": "https://www.suse.com/security/cve/CVE-2024-40961"
},
{
"category": "external",
"summary": "SUSE Bug 1227814 for CVE-2024-40961",
"url": "https://bugzilla.suse.com/1227814"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40961"
},
{
"cve": "CVE-2024-40966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: add the option to have a tty reject a new ldisc\n\n... and use it to limit the virtual terminals to just N_TTY. They are\nkind of special, and in particular, the \"con_write()\" routine violates\nthe \"writes cannot sleep\" rule that some ldiscs rely on.\n\nThis avoids the\n\n BUG: sleeping function called from invalid context at kernel/printk/printk.c:2659\n\nwhen N_GSM has been attached to a virtual console, and gsmld_write()\ncalls con_write() while holding a spinlock, and con_write() then tries\nto get the console lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40966",
"url": "https://www.suse.com/security/cve/CVE-2024-40966"
},
{
"category": "external",
"summary": "SUSE Bug 1227886 for CVE-2024-40966",
"url": "https://bugzilla.suse.com/1227886"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40966"
},
{
"cve": "CVE-2024-40970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nAvoid hw_desc array overrun in dw-axi-dmac\n\nI have a use case where nr_buffers = 3 and in which each descriptor is composed by 3\nsegments, resulting in the DMA channel descs_allocated to be 9. Since axi_desc_put()\nhandles the hw_desc considering the descs_allocated, this scenario would result in a\nkernel panic (hw_desc array will be overrun).\n\nTo fix this, the proposal is to add a new member to the axi_dma_desc structure,\nwhere we keep the number of allocated hw_descs (axi_desc_alloc()) and use it in\naxi_desc_put() to handle the hw_desc array correctly.\n\nAdditionally I propose to remove the axi_chan_start_first_queued() call after completing\nthe transfer, since it was identified that unbalance can occur (started descriptors can\nbe interrupted and transfer ignored due to DMA channel not being enabled).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40970",
"url": "https://www.suse.com/security/cve/CVE-2024-40970"
},
{
"category": "external",
"summary": "SUSE Bug 1227899 for CVE-2024-40970",
"url": "https://bugzilla.suse.com/1227899"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40970"
},
{
"cve": "CVE-2024-40972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: do not create EA inode under buffer lock\n\next4_xattr_set_entry() creates new EA inodes while holding buffer lock\non the external xattr block. This is problematic as it nests all the\nallocation locking (which acquires locks on other buffers) under the\nbuffer lock. This can even deadlock when the filesystem is corrupted and\ne.g. quota file is setup to contain xattr block as data block. Move the\nallocation of EA inode out of ext4_xattr_set_entry() into the callers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40972",
"url": "https://www.suse.com/security/cve/CVE-2024-40972"
},
{
"category": "external",
"summary": "SUSE Bug 1227910 for CVE-2024-40972",
"url": "https://bugzilla.suse.com/1227910"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40972"
},
{
"cve": "CVE-2024-40975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: x86-android-tablets: Unregister devices in reverse order\n\nNot all subsystems support a device getting removed while there are\nstill consumers of the device with a reference to the device.\n\nOne example of this is the regulator subsystem. If a regulator gets\nunregistered while there are still drivers holding a reference\na WARN() at drivers/regulator/core.c:5829 triggers, e.g.:\n\n WARNING: CPU: 1 PID: 1587 at drivers/regulator/core.c:5829 regulator_unregister\n Hardware name: Intel Corp. VALLEYVIEW C0 PLATFORM/BYT-T FFD8, BIOS BLADE_21.X64.0005.R00.1504101516 FFD8_X64_R_2015_04_10_1516 04/10/2015\n RIP: 0010:regulator_unregister\n Call Trace:\n \u003cTASK\u003e\n regulator_unregister\n devres_release_group\n i2c_device_remove\n device_release_driver_internal\n bus_remove_device\n device_del\n device_unregister\n x86_android_tablet_remove\n\nOn the Lenovo Yoga Tablet 2 series the bq24190 charger chip also provides\na 5V boost converter output for powering USB devices connected to the micro\nUSB port, the bq24190-charger driver exports this as a Vbus regulator.\n\nOn the 830 (8\") and 1050 (\"10\") models this regulator is controlled by\na platform_device and x86_android_tablet_remove() removes platform_device-s\nbefore i2c_clients so the consumer gets removed first.\n\nBut on the 1380 (13\") model there is a lc824206xa micro-USB switch\nconnected over I2C and the extcon driver for that controls the regulator.\nThe bq24190 i2c-client *must* be registered first, because that creates\nthe regulator with the lc824206xa listed as its consumer. If the regulator\nhas not been registered yet the lc824206xa driver will end up getting\na dummy regulator.\n\nSince in this case both the regulator provider and consumer are I2C\ndevices, the only way to ensure that the consumer is unregistered first\nis to unregister the I2C devices in reverse order of in which they were\ncreated.\n\nFor consistency and to avoid similar problems in the future change\nx86_android_tablet_remove() to unregister all device types in reverse\norder.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40975",
"url": "https://www.suse.com/security/cve/CVE-2024-40975"
},
{
"category": "external",
"summary": "SUSE Bug 1227926 for CVE-2024-40975",
"url": "https://bugzilla.suse.com/1227926"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40975"
},
{
"cve": "CVE-2024-40979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40979"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath12k: fix kernel crash during resume\n\nCurrently during resume, QMI target memory is not properly handled, resulting\nin kernel crash in case DMA remap is not supported:\n\nBUG: Bad page state in process kworker/u16:54 pfn:36e80\npage: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x36e80\npage dumped because: nonzero _refcount\nCall Trace:\n bad_page\n free_page_is_bad_report\n __free_pages_ok\n __free_pages\n dma_direct_free\n dma_free_attrs\n ath12k_qmi_free_target_mem_chunk\n ath12k_qmi_msg_mem_request_cb\n\nThe reason is:\nOnce ath12k module is loaded, firmware sends memory request to host. In case\nDMA remap not supported, ath12k refuses the first request due to failure in\nallocating with large segment size:\n\nath12k_pci 0000:04:00.0: qmi firmware request memory request\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 7077888\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 8454144\nath12k_pci 0000:04:00.0: qmi dma allocation failed (7077888 B type 1), will try later with small size\nath12k_pci 0000:04:00.0: qmi delays mem_request 2\nath12k_pci 0000:04:00.0: qmi firmware request memory request\n\nLater firmware comes back with more but small segments and allocation\nsucceeds:\n\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 262144\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 524288\nath12k_pci 0000:04:00.0: qmi mem seg type 4 size 65536\nath12k_pci 0000:04:00.0: qmi mem seg type 1 size 524288\n\nNow ath12k is working. If suspend is triggered, firmware will be reloaded\nduring resume. As same as before, firmware requests two large segments at\nfirst. In ath12k_qmi_msg_mem_request_cb() segment count and size are\nassigned:\n\n\tab-\u003eqmi.mem_seg_count == 2\n\tab-\u003eqmi.target_mem[0].size == 7077888\n\tab-\u003eqmi.target_mem[1].size == 8454144\n\nThen allocation failed like before and ath12k_qmi_free_target_mem_chunk()\nis called to free all allocated segments. Note the first segment is skipped\nbecause its v.addr is cleared due to allocation failure:\n\n\tchunk-\u003ev.addr = dma_alloc_coherent()\n\nAlso note that this leaks that segment because it has not been freed.\n\nWhile freeing the second segment, a size of 8454144 is passed to\ndma_free_coherent(). However remember that this segment is allocated at\nthe first time firmware is loaded, before suspend. So its real size is\n524288, much smaller than 8454144. As a result kernel found we are freeing\nsome memory which is in use and thus cras\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40979",
"url": "https://www.suse.com/security/cve/CVE-2024-40979"
},
{
"category": "external",
"summary": "SUSE Bug 1227855 for CVE-2024-40979",
"url": "https://bugzilla.suse.com/1227855"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40979"
},
{
"cve": "CVE-2024-40998",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40998"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix uninitialized ratelimit_state-\u003elock access in __ext4_fill_super()\n\nIn the following concurrency we will access the uninitialized rs-\u003elock:\n\next4_fill_super\n ext4_register_sysfs\n // sysfs registered msg_ratelimit_interval_ms\n // Other processes modify rs-\u003einterval to\n // non-zero via msg_ratelimit_interval_ms\n ext4_orphan_cleanup\n ext4_msg(sb, KERN_INFO, \"Errors on filesystem, \"\n __ext4_msg\n ___ratelimit(\u0026(EXT4_SB(sb)-\u003es_msg_ratelimit_state)\n if (!rs-\u003einterval) // do nothing if interval is 0\n return 1;\n raw_spin_trylock_irqsave(\u0026rs-\u003elock, flags)\n raw_spin_trylock(lock)\n _raw_spin_trylock\n __raw_spin_trylock\n spin_acquire(\u0026lock-\u003edep_map, 0, 1, _RET_IP_)\n lock_acquire\n __lock_acquire\n register_lock_class\n assign_lock_key\n dump_stack();\n ratelimit_state_init(\u0026sbi-\u003es_msg_ratelimit_state, 5 * HZ, 10);\n raw_spin_lock_init(\u0026rs-\u003elock);\n // init rs-\u003elock here\n\nand get the following dump_stack:\n\n=========================================================\nINFO: trying to register non-static key.\nThe code is fine but needs lockdep annotation, or maybe\nyou didn\u0027t initialize this object before use?\nturning off the locking correctness validator.\nCPU: 12 PID: 753 Comm: mount Tainted: G E 6.7.0-rc6-next-20231222 #504\n[...]\nCall Trace:\n dump_stack_lvl+0xc5/0x170\n dump_stack+0x18/0x30\n register_lock_class+0x740/0x7c0\n __lock_acquire+0x69/0x13a0\n lock_acquire+0x120/0x450\n _raw_spin_trylock+0x98/0xd0\n ___ratelimit+0xf6/0x220\n __ext4_msg+0x7f/0x160 [ext4]\n ext4_orphan_cleanup+0x665/0x740 [ext4]\n __ext4_fill_super+0x21ea/0x2b10 [ext4]\n ext4_fill_super+0x14d/0x360 [ext4]\n[...]\n=========================================================\n\nNormally interval is 0 until s_msg_ratelimit_state is initialized, so\n___ratelimit() does nothing. But registering sysfs precedes initializing\nrs-\u003elock, so it is possible to change rs-\u003einterval to a non-zero value\nvia the msg_ratelimit_interval_ms interface of sysfs while rs-\u003elock is\nuninitialized, and then a call to ext4_msg triggers the problem by\naccessing an uninitialized rs-\u003elock. Therefore register sysfs after all\ninitializations are complete to avoid such problems.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40998",
"url": "https://www.suse.com/security/cve/CVE-2024-40998"
},
{
"category": "external",
"summary": "SUSE Bug 1227866 for CVE-2024-40998",
"url": "https://bugzilla.suse.com/1227866"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-40998"
},
{
"cve": "CVE-2024-40999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-40999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Add validation for completion descriptors consistency\n\nValidate that `first` flag is set only for the first\ndescriptor in multi-buffer packets.\nIn case of an invalid descriptor, a reset will occur.\nA new reset reason for RX data corruption has been added.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-40999",
"url": "https://www.suse.com/security/cve/CVE-2024-40999"
},
{
"category": "external",
"summary": "SUSE Bug 1227913 for CVE-2024-40999",
"url": "https://bugzilla.suse.com/1227913"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "low"
}
],
"title": "CVE-2024-40999"
},
{
"cve": "CVE-2024-41006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetrom: Fix a memory leak in nr_heartbeat_expiry()\n\nsyzbot reported a memory leak in nr_create() [0].\n\nCommit 409db27e3a2e (\"netrom: Fix use-after-free of a listening socket.\")\nadded sock_hold() to the nr_heartbeat_expiry() function, where\na) a socket has a SOCK_DESTROY flag or\nb) a listening socket has a SOCK_DEAD flag.\n\nBut in the case \"a,\" when the SOCK_DESTROY flag is set, the file descriptor\nhas already been closed and the nr_release() function has been called.\nSo it makes no sense to hold the reference count because no one will\ncall another nr_destroy_socket() and put it as in the case \"b.\"\n\nnr_connect\n nr_establish_data_link\n nr_start_heartbeat\n\nnr_release\n switch (nr-\u003estate)\n case NR_STATE_3\n nr-\u003estate = NR_STATE_2\n sock_set_flag(sk, SOCK_DESTROY);\n\n nr_rx_frame\n nr_process_rx_frame\n switch (nr-\u003estate)\n case NR_STATE_2\n nr_state2_machine()\n nr_disconnect()\n nr_sk(sk)-\u003estate = NR_STATE_0\n sock_set_flag(sk, SOCK_DEAD)\n\n nr_heartbeat_expiry\n switch (nr-\u003estate)\n case NR_STATE_0\n if (sock_flag(sk, SOCK_DESTROY) ||\n (sk-\u003esk_state == TCP_LISTEN\n \u0026\u0026 sock_flag(sk, SOCK_DEAD)))\n sock_hold() // ( !!! )\n nr_destroy_socket()\n\nTo fix the memory leak, let\u0027s call sock_hold() only for a listening socket.\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller.\n\n[0]: https://syzkaller.appspot.com/bug?extid=d327a1f3b12e1e206c16",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41006",
"url": "https://www.suse.com/security/cve/CVE-2024-41006"
},
{
"category": "external",
"summary": "SUSE Bug 1227862 for CVE-2024-41006",
"url": "https://bugzilla.suse.com/1227862"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-41006"
},
{
"cve": "CVE-2024-41011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: don\u0027t allow mapping the MMIO HDP page with large pages\n\nWe don\u0027t get the right offset in that case. The GPU has\nan unused 4K area of the register BAR space into which you can\nremap registers. We remap the HDP flush registers into this\nspace to allow userspace (CPU or GPU) to flush the HDP when it\nupdates VRAM. However, on systems with \u003e4K pages, we end up\nexposing PAGE_SIZE of MMIO space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41011",
"url": "https://www.suse.com/security/cve/CVE-2024-41011"
},
{
"category": "external",
"summary": "SUSE Bug 1228114 for CVE-2024-41011",
"url": "https://bugzilla.suse.com/1228114"
},
{
"category": "external",
"summary": "SUSE Bug 1228115 for CVE-2024-41011",
"url": "https://bugzilla.suse.com/1228115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-41011"
},
{
"cve": "CVE-2024-41013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: don\u0027t walk off the end of a directory data block\n\nThis adds sanity checks for xfs_dir2_data_unused and xfs_dir2_data_entry\nto make sure don\u0027t stray beyond valid memory region. Before patching, the\nloop simply checks that the start offset of the dup and dep is within the\nrange. So in a crafted image, if last entry is xfs_dir2_data_unused, we\ncan change dup-\u003elength to dup-\u003elength-1 and leave 1 byte of space. In the\nnext traversal, this space will be considered as dup or dep. We may\nencounter an out of bound read when accessing the fixed members.\n\nIn the patch, we make sure that the remaining bytes large enough to hold\nan unused entry before accessing xfs_dir2_data_unused and\nxfs_dir2_data_unused is XFS_DIR2_DATA_ALIGN byte aligned. We also make\nsure that the remaining bytes large enough to hold a dirent with a\nsingle-byte name before accessing xfs_dir2_data_entry.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41013",
"url": "https://www.suse.com/security/cve/CVE-2024-41013"
},
{
"category": "external",
"summary": "SUSE Bug 1228405 for CVE-2024-41013",
"url": "https://bugzilla.suse.com/1228405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-41013"
},
{
"cve": "CVE-2024-41014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: add bounds checking to xlog_recover_process_data\n\nThere is a lack of verification of the space occupied by fixed members\nof xlog_op_header in the xlog_recover_process_data.\n\nWe can create a crafted image to trigger an out of bounds read by\nfollowing these steps:\n 1) Mount an image of xfs, and do some file operations to leave records\n 2) Before umounting, copy the image for subsequent steps to simulate\n abnormal exit. Because umount will ensure that tail_blk and\n head_blk are the same, which will result in the inability to enter\n xlog_recover_process_data\n 3) Write a tool to parse and modify the copied image in step 2\n 4) Make the end of the xlog_op_header entries only 1 byte away from\n xlog_rec_header-\u003eh_size\n 5) xlog_rec_header-\u003eh_num_logops++\n 6) Modify xlog_rec_header-\u003eh_crc\n\nFix:\nAdd a check to make sure there is sufficient space to access fixed members\nof xlog_op_header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41014",
"url": "https://www.suse.com/security/cve/CVE-2024-41014"
},
{
"category": "external",
"summary": "SUSE Bug 1228408 for CVE-2024-41014",
"url": "https://bugzilla.suse.com/1228408"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-41014"
},
{
"cve": "CVE-2024-41017",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41017"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: don\u0027t walk off the end of ealist\n\nAdd a check before visiting the members of ea to\nmake sure each ea stays within the ealist.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41017",
"url": "https://www.suse.com/security/cve/CVE-2024-41017"
},
{
"category": "external",
"summary": "SUSE Bug 1228403 for CVE-2024-41017",
"url": "https://bugzilla.suse.com/1228403"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-41017"
},
{
"cve": "CVE-2024-41090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntap: add missing verification for short frame\n\nThe cited commit missed to check against the validity of the frame length\nin the tap_get_user_xdp() path, which could cause a corrupted skb to be\nsent downstack. Even before the skb is transmitted, the\ntap_get_user_xdp()--\u003eskb_set_network_header() may assume the size is more\nthan ETH_HLEN. Once transmitted, this could either cause out-of-bound\naccess beyond the actual length, or confuse the underlayer with incorrect\nor inconsistent header length in the skb metadata.\n\nIn the alternative path, tap_get_user() already prohibits short frame which\nhas the length less than Ethernet header size from being transmitted.\n\nThis is to drop any frame shorter than the Ethernet header size just like\nhow tap_get_user() does.\n\nCVE: CVE-2024-41090",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41090",
"url": "https://www.suse.com/security/cve/CVE-2024-41090"
},
{
"category": "external",
"summary": "SUSE Bug 1228328 for CVE-2024-41090",
"url": "https://bugzilla.suse.com/1228328"
},
{
"category": "external",
"summary": "SUSE Bug 1228714 for CVE-2024-41090",
"url": "https://bugzilla.suse.com/1228714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "important"
}
],
"title": "CVE-2024-41090"
},
{
"cve": "CVE-2024-41091",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-41091"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: add missing verification for short frame\n\nThe cited commit missed to check against the validity of the frame length\nin the tun_xdp_one() path, which could cause a corrupted skb to be sent\ndownstack. Even before the skb is transmitted, the\ntun_xdp_one--\u003eeth_type_trans() may access the Ethernet header although it\ncan be less than ETH_HLEN. Once transmitted, this could either cause\nout-of-bound access beyond the actual length, or confuse the underlayer\nwith incorrect or inconsistent header length in the skb metadata.\n\nIn the alternative path, tun_get_user() already prohibits short frame which\nhas the length less than Ethernet header size from being transmitted for\nIFF_TAP.\n\nThis is to drop any frame shorter than the Ethernet header size just like\nhow tun_get_user() does.\n\nCVE: CVE-2024-41091",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-41091",
"url": "https://www.suse.com/security/cve/CVE-2024-41091"
},
{
"category": "external",
"summary": "SUSE Bug 1228327 for CVE-2024-41091",
"url": "https://bugzilla.suse.com/1228327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-17.1.1.51.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-18.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-18.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-18.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-03T08:47:04Z",
"details": "moderate"
}
],
"title": "CVE-2024-41091"
}
]
}
suse-su-2024:2135-1
Vulnerability from csaf_suse
Published
2024-06-21 11:03
Modified
2024-06-21 11:03
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2024-36030: Fix the double free in rvu_npc_freemem() (bsc#1225712)
- CVE-2023-52698: Fix memory leak in netlbl_calipso_add_pass() (bsc#1224621)
- CVE-2024-26860: Fix a memory leak when rechecking the data (bsc#1223077).
- CVE-2023-52772: Fix use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2024-27431: Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35860: Support deferring bpf_link dealloc to after RCU grace period BPF link for some program types (bsc#1224531).
- CVE-2024-35964: Fix not validating setsockopt user input Check user input length before copying data (bsc#1224581).
- CVE-2023-0160: Prevent lock inversion deadlock in map delete elem (bsc#1209657).
- CVE-2024-35903: Fix IP after emitting call depth accounting Adjust the IP passed to `emit_patch` so it calculates the correct offset for the CALL instruction if `x86_call_depth_emit_accounting` emits code (bsc#1224493).
- CVE-2024-35931: Skip do PCI error slot reset during RAS recovery (bsc#1224652).
- CVE-2024-35877: Fix VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35969: Fix race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580)
- CVE-2024-35852: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that the migration ended (bsc#1224502).
- CVE-2024-36006: Fix incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fix warning during rehash (bsc#1224543).
- CVE-2024-35872: Fix GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2024-35956: Fix qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2023-52771: Fix delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2024-27408: Add sync read before starting the DMA transfer in remote setup (bsc#1224430).
- CVE-2024-35943: Add a null pointer check to the omap_prm_domain_init devm_kasprintf()returns a pointer to dynamically allocated memory which can be NULL upon failure (bsc#1224649).
- CVE-2024-35921: Fix oops when HEVC init fails (bsc#1224477).
- CVE-2023-52860: Use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process (bsc#1224936).
- CVE-2024-35991: kABI workaround for struct idxd_evl (bsc#1224553).
- CVE-2024-35854: Fix possible use-after-free during rehash (bsc#1224636).
- CVE-2024-27418: Take ownership of skb in mctp_local_output (bsc#1224720)
- CVE-2024-27417: Fix potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721).
- CVE-2024-35905: Protect against int overflow for stack access size (bsc#1224488).
- CVE-2024-35917: Fix bpf_plt pointer arithmetic (bsc#1224481).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() to nsure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_values[] (bsc#1224727).
- CVE-2023-52680: Add missing error checks to *_ctl_get() because the *_ctl_get() functions which call scarlett2_update_*() were not checking the return value (bsc#1224608).
- CVE-2023-52692: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result (bsc#1224628).
- CVE-2024-35944: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit 'WARNING in dg_dispatch_as_host' bug (bsc#1224648).
- CVE-2024-26923: Suppress false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2023-52659: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (bsc#1224442).
- CVE-2024-21823: Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may have allowed an authorized user to potentially enable denial of service via local access (bsc#1223625).
- CVE-2024-26828: Fix underflow in parse_server_interfaces() (bsc#1223084).
- CVE-2024-27395: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu (bsc#1224098).
- CVE-2023-52483: Perform route lookups under a RCU read-side lock (bsc#1220738).
- CVE-2024-27396: Fix Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-26632: Fix iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).
- CVE-2024-27401: Ensure that packet_buffer_get respects the user_length provided. (bsc#1224181).
- CVE-2024-26775: Avoid potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26958: Fix UAF in direct writes (bsc#1223653).
- CVE-2024-26643: Mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allowed it to collect elements from anonymous sets with timeouts while it is being released from the commit path. (bsc#1221829).
- CVE-2023-52618: Check for unlikely string overflow (bsc#1221615).
- CVE-2023-6238: Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption (bsc#1217384).
- CVE-2024-26946: Use copy_from_kernel_nofault() to read from unsafe address Read from an unsafe address with copy_from_kernel_nofault() in arch_adjust_kprobe_addr() because this function is used before checking the address is in text or not (bsc#1223669).
- CVE-2024-26945: Fix nr_cpus nr_iaa case If nr_cpus nr_iaa, the calculated cpus_per_iaa will be 0, which causes a divide-by-0 in rebalance_wq_table() (bsc#1223732).
- CVE-2024-26679: Read sk->sk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6_ADDRFORM socket option and trigger a KCSAN warning (bsc#1222385).
- CVE-2024-26791: Properly validate device names (bsc#1222793)
- CVE-2023-52641: Add NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)
- CVE-2024-26726: Do not drop extent_map for free space inode on write error (bsc#1222532)
- CVE-2024-27022: Defer linking file vma until vma is fully initialized (bsc#1223774).
- CVE-2024-26899: Fix deadlock between bd_link_disk_holder and partition scan (bsc#1223045).
- CVE-2024-26638: Always initialize struct msghdr completely (bsc#1221649).
- CVE-2024-26909: Fix drm bridge use-after-free A recent DRM series purporting to simplify support (bsc#1223143).
- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).
- CVE-2024-26832: Fix missing folio cleanup in writeback race path (bsc#1223007).
- CVE-2024-26844: Fix WARNING in _copy_from_iter (bsc#1223015).
- CVE-2024-26774: Avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).
- CVE-2024-26815: Properly check TCA_TAPRIO_TC_ENTRY_INDEX (bsc#1222635).
- cve-2024-267600: Fix bio_put() for error case (bsc#1222596).
- CVE-2024-26731: Fix NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).
- CVE-2024-26740: Use the backlog for mirred ingress (bsc#1222563).
- CVE-2023-52640: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea (bsc#1222301).
- CVE-2023-52631: Fix a NULL dereference bug (bsc#1222264).
- CVE-2023-52458: Add check that partition length needs to be aligned with block size (bsc#1220428).
- CVE-2023-6270: Fix the potential use-after-free problem in aoecmd_cfg_pkts (bsc#1218562).
- CVE-2024-26805: Fix kernel-infoleak-after-free in __skb_datagram_iter (bsc#1222630).
- CVE-2024-26991: Do not overflow lpage_info when checking attributes (bsc#1223695).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).
The following non-security bugs were fixed:
- 9p: add missing locking around taking dentry fid list (git-fixes)
- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: core: Remove debugfs at disconnection (git-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).
- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).
- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).
- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).
- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).
- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).
- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).
- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).
- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).
- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).
- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).
- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).
- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
- ALSA: hda: clarify Copyright information (stable-fixes).
- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).
- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).
- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).
- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).
- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).
- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).
- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).
- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion (git-fixes).
- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).
- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).
- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).
- ALSA: ump: Set default protocol when not given explicitly (git-fixes).
- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).
- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).
- ASoC: Intel: avs: Set name of control as in topology (git-fixes).
- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).
- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).
- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).
- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).
- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).
- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).
- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).
- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).
- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).
- ASoC: amd: yc: Revert 'Fix non-functional mic on Lenovo 21J2' (stable-fixes).
- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).
- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt715-sdca: volume step modification (git-fixes).
- ASoC: rt715: add vendor clear control register (git-fixes).
- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).
- Add alt-commit to a nouveau patch
- Add cherry-picked id to amdgpu patch
- Add cherry-picked id to amdgpu patch (git-fixes)
- Add cherry-picked patch references to amdgpu patches
- Add reference to L3 bsc#1225765 in BPF control flow graph and precision backtrack fixes (bsc#1225756) The L3 bsc#1225765 was created seperately since our customer requires PTF.
- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).
- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).
- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).
- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).
- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).
- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: qca: fix device-address endianness (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Delete patches.suse/btrfs-qgroup-fix-qgroup-prealloc-rsv-leak-in-subvolu.patch. Quoting bsc#1225945#c11: 'So the upstream 6.5 kernel commit (1b53e51a4a8f ('btrfs: do not commit transaction for every subvol create') ) was never backported to SLE, so that fix eb96e221937a ('btrfs: fix unwritten extent buffer after snapshotting a new subvolume') was never backported.'
- Docs/admin-guide/mm/damon/usage: fix wrong example of DAMOS filter matching sysfs file (git-fixes).
- Drop usb gadget patch that was taken mistakenly and reverted (git-fixes)
- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
- Edit 'amdkfd: use calloc instead of kzalloc to avoid integer overflow' Reference CVE and bug numbers.
- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.
- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).
- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).
- Fix patches.suse/coresight-etm4x-Add-ACPI-support-in-platform-driver.patch (bsc#1218779 bsc#1220587) Put back patch hunk which where missed because file rename drivers/acpi/acpi_amba.c -> drivers/acpi/arm64/amba.c
- HID: amd_sfh: Handle 'no sensors' in PM operations (git-fixes).
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).
- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
- Input: imagis - use FIELD_GET where applicable (stable-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).
- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (git-fixes).
- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).
- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).
- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).
- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).
- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).
- KVM: x86/pmu: Apply 'fast' RDPMC only to Intel PMUs (git-fixes).
- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
- KVM: x86/pmu: Disallow 'fast' RDPMC for architectural Intel PMUs (git-fixes).
- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).
- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).
- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at 'RESET' (git-fixes).
- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).
- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).
- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).
- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).
- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).
- KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP (git-fixes).
- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).
- Move out-of-tree powerpc patch to the right section
- Move the upstreamed BT fix patch to sorted section
- Move the upstreamed BT patch into sorted section
- Move upstreamed ACPI patch into sorted section
- Move upstreamed HD-audio patch into sorted section
- Move upstreamed USB fix into sorted section
- Move upstreamed media patches into sorted section
- Move upstreamed mm patches into sorted section
- Move upstreamed patches into sorted section
- Move upstreamed patches into sorted section
- Move upstreamed patches into sorted section
- Move upstreamed patches into sorted section
- Move upstreamed powerpc patches into sorted section
- Move upstreamed powerpc patches into sorted section
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).
- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).
- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
- PCI/AER: Block runtime suspend when handling errors (stable-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).
- PCI/DPC: Use FIELD_GET() (stable-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).
- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).
- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
- PCI: Fix typos in docs and comments (stable-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI: hv: Fix ring buffer size calculation (git-fixes).
- PCI: qcom: Add support for sa8775p SoC (git-fixes).
- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
- PCI: switchtec: Use normal comment style (stable-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).
- Port 'certs: Add ECDSA signature verification self-test'.
- Port 'certs: Move RSA self-test data to separate file'.
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
- RDMA/rxe: Allow good work requests to be executed (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes)
- README.BRANCH: Remove copy of branch name
- Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes).
- Refresh patches.suse/0002-PKCS-7-Check-codeSigning-EKU-for-kernel-module-and-k.patch (bsc#1222771). In preparation of enabling CONFIG_FIPS_SIGNATURE_SELFTEST, amend the missing 'usage' argument in the pkcs7_validate_trust() invocation from the PKCS#7 selftest.
- Refresh patches.suse/ASoC-SOF-Intel-mtl-Implement-firmware-boot-state-che.patch.
- Remove NTFSv3 from configs (bsc#1224429) References: bsc#1224429 comment#3 We only support fuse version of the NTFS-3g driver. Disable NTFSv3 from all configs. This was enabled in d016c04d731 ('Bump to 6.4 kernel (jsc#PED-4593)')
- Rename patches.suse/Workaround-broken-chacha-crypto-fallback.patch to patches.suse/powerpc-crypto-chacha-p10-Fix-failure-on-non-Power10.patch.
- Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for first CPU DAI' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire DAIs' (stable-fixes).
- Revert 'PCI/MSI: Provide IMS (Interrupt Message Store) support' (git-fixes).
- Revert 'PCI/MSI: Provide pci_ims_alloc/free_irq()' (git-fixes).
- Revert 'PCI/MSI: Provide stubs for IMS functions' (git-fixes).
- Revert 'cifs: reconnect work should have reference on server struct' (git-fixes, bsc#1225172).
- Revert 'drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()' (stable-fixes).
- Revert 'drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP displays without PSR' (stable-fixes).
- Revert 'drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices' (stable-fixes).
- Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes).
- Revert 'drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()' (stable-fixes).
- Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes).
- Revert 'iommu/amd: Enable PCI/IMS' (git-fixes).
- Revert 'iommu/vt-d: Enable PCI/IMS' (git-fixes).
- Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (git-fixes).
- Revert 'net/mlx5e: Check the number of elements before walk TC rhashtable' (git-fixes).
- Revert 'selinux: introduce an initial SID for early boot processes' (bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa build failed.
- Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
- Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
- SEV: disable SEV-ES DebugSwap by default (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- USB: core: Add hub_get() and hub_put() routines (stable-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port 'disable' sysfs attribute (stable-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- Update patches.suse/Bluetooth-hci_sync-Don-t-double-print-name-in-add-re.patch (bsc#1216358). Added bugzilla reference
- Update patches.suse/nvme-ensure-disabling-pairs-with-unquiesce.patch (jsc#PED-6252 jsc#PED-5728 jsc#PED-5062 jsc#PED-3535 bsc#1224534).
- Update ath11k suspend patches from the latest subsystem tree (bsc#1207948).
- Update config files. Disable N_GSM (jsc#PED-8240).
- Update patches.suse/gpio-tegra186-Fix-tegra186_gpio_is_accessible-check.patch (git-fixes bsc#1223439)
- Update patches.suse/powerpc-pseries-vas-Hold-mmap_mutex-after-mmap-lock-.patch (bsc#1012628 jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
- Update patches.suse/scsi-qedf-Don-t-process-stag-work-during-unload.patch (bsc#1214852)
- Update patches.suse/scsi-qedf-Wait-for-stag-work-during-unload.patch (bsc#1214852)
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- Workaround broken chacha crypto fallback (bsc#1218205).
- accel/ivpu: Fix deadlock in context_xa (git-fixes).
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).
- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)
- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)
- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184). Please note that some adjustments were needed since the upstream commit is based on kernel 6.9 which has idreg-override.c moved under arch/arm64/kernel/pi/.
- arm64: bpf: fix 32bit unconditional bswap (git-fixes).
- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)
- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)
- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)
- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).
- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- ax25: Fix netdev refcount issue (git-fixes).
- ax25: Fix reference count leak issue of net_device (git-fixes).
- ax25: Fix reference count leak issues of ax25_dev (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- bitops: add missing prototype check (git-fixes).
- blacklist.conf: workqueues: system-wide nr_active enforcement patchset; not worth the risk (bsc#1225580)
- blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (bsc#1225605).
- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
- block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
- bnx2x: Fix firmware version string character counts (git-fixes).
- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).
- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
- bpf, arm64: Fix incorrect runtime stats (git-fixes)
- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)
- bpf, scripts: Correct GPL license name (git-fixes).
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
- btrfs: add and use helper to check if block group is used (bsc#1220120).
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).
- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).
- btrfs: always clear PERTRANS metadata during commit (git-fixes)
- btrfs: always print transaction aborted messages with an error level (git-fixes)
- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).
- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
- btrfs: assert delayed node locked when removing delayed item (git-fixes)
- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).
- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).
- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).
- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).
- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)
- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)
- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)
- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
- btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).
- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).
- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)
- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).
- btrfs: do not warn if discard range is not aligned to sector (git-fixes)
- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).
- btrfs: error out when COWing block using a stale transaction (git-fixes)
- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)
- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)
- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
- btrfs: fix race when refilling delayed refs block reserve (git-fixes)
- btrfs: fix start transaction qgroup rsv double free (git-fixes)
- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).
- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.
- btrfs: free qgroup rsv on io failure (git-fixes)
- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)
- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
- btrfs: initialize key where it's used when running delayed data ref (bsc#1220120).
- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).
- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
- btrfs: make error messages more clear when getting a chunk map (git-fixes)
- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
- btrfs: make find_free_dev_extent() static (bsc#1220120).
- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).
- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).
- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)
- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).
- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)
- btrfs: print available space across all block groups when dumping space info (bsc#1220120).
- btrfs: print available space for a block group when dumping a space info (bsc#1220120).
- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).
- btrfs: print target number of bytes when dumping free space (bsc#1220120).
- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)
- btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref() (bsc#1220120).
- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).
- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).
- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).
- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).
- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).
- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)
- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)
- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).
- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).
- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)
- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).
- btrfs: store the error that turned the fs into error state (bsc#1220120).
- btrfs: sysfs: validate scrub_speed_max value (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
- btrfs: update documentation for add_new_free_space() (bsc#1220120).
- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).
- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).
- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).
- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).
- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)
- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).
- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).
- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).
- certs: Add ECDSA signature verification self-test (bsc#1222777).
- certs: Move RSA self-test data to separate file (bsc#1222777).
- cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).
- cifs: account for primary channel in the interface list (bsc#1225172).
- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1225172).
- cifs: distribute channels across interfaces based on speed (bsc#1225172).
- cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).
- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1225172).
- cifs: fix charset issue in reconnection (bsc#1225172).
- cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).
- cifs: handle cases where a channel is closed (bsc#1225172).
- cifs: handle cases where multiple sessions share connection (bsc#1225172).
- cifs: reconnect work should have reference on server struct (bsc#1225172).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Get runtime PM before walking tree for clk_summary (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: Show active consumers of clocks in debugfs (stable-fixes).
- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).
- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).
- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).
- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).
- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
- clk: rs9: fix wrong default value for clock amplitude (git-fixes).
- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).
- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)
- coresight: trbe: Allocate platform data per device (bsc#1220587)
- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)
- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).
- cpufreq: exit() callback is optional (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).
- crypto: qat - improve error logging to be consistent across features (git-fixes).
- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).
- crypto: qat - specify firmware files for 402xx (git-fixes).
- crypto: rsa - add a check for allocation failure (bsc#1222775).
- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).
- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).
- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).
- cxl/trace: Properly initialize cxl_poison region name (git-fixes).
- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).
- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).
- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).
- device-dax: make dax_bus_type const (jsc#PED-5853).
- dlm: fix user space lkb refcounting (git-fixes).
- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).
- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).
- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).
- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (bsc#1219596) Also update diff context in patches.suse/dm-raid-fix-false-positive-for-requeue-needed-during-b25b.patch
- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).
- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).
- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).
- dma-mapping: benchmark: fix node id validation (git-fixes).
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- docs: Restore 'smart quotes' for quotes (stable-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).
- driver core: Introduce device_link_wait_removal() (stable-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).
- drm/amd/display: Add dml2 copy functions (stable-fixes).
- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).
- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).
- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).
- drm/amd/display: Prevent crash when disable stream (stable-fixes).
- drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 (stable-fixes).
- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).
- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).
- drm/amd/display: Return the correct HDCP error code (stable-fixes).
- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).
- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).
- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).
- drm/amd/display: Update odm when ODM combine is changed on an otg master pipe with no plane (stable-fixes).
- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/display: fix input states translation error for dcn35 & dcn351 (stable-fixes).
- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects' (git-fixes).
- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).
- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).
- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).
- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).
- drm/amdgpu: fix doorbell regression (git-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).
- drm/amdgpu: fix use-after-free bug (stable-fixes).
- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).
- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
- drm/amdgpu: make damage clips support configurable (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu: remove invalid resource->start check v2 (git-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: anx7625: Update audio status while detecting (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/buddy: check range allocation matches alignment (stable-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/exynos: do not return negative values from .get_modes() (stable-fixes).
- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
- drm/gma500: Remove lid code (git-fixes).
- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (git-fixes).
- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).
- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).
- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).
- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).
- drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).
- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).
- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).
- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).
- drm/i915/mtl: Update workaround 14018575942 (git-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915/vrr: Generate VRR 'safe window' for DSB (git-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).
- drm/i915: Fix audio component initialization (git-fixes).
- drm/i915: Include the PLL name in the debug messages (stable-fixes).
- drm/i915: Pre-populate the cursor physical dma address (git-fixes).
- drm/i915: Replace a memset() with zero initialization (stable-fixes).
- drm/i915: Stop printing pipe name as hex (stable-fixes).
- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).
- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).
- drm/i915: Use named initializers for DPLL info (stable-fixes).
- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: gate px_clk when setting rate (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).
- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).
- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).
- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/msm: Add newlines to some debug prints (git-fixes).
- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).
- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).
- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).
- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).
- drm/probe-helper: warn about negative .get_modes() (stable-fixes).
- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
- drm/radeon: silence UBSAN warning (v3) (stable-fixes).
- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).
- drm/sched: fix null-ptr-deref in init entity (git-fixes).
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).
- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Fix prime import/export (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- drm: Check output polling initialized before disabling (stable-fixes).
- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm: zynqmp_dpsub: Always register bridge (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).
- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).
- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).
- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
- ecryptfs: Reject casefold directory inodes (git-fixes)
- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).
- efi/unaccepted: touch soft lockup during memory accept (git-fixes).
- efi: disable mirror feature during crashkernel (stable-fixes).
- efi: fix panic in kdump kernel (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- fast_dput(): handle underflows gracefully (git-fixes)
- fat: fix uninitialized field in nostale filehandles (git-fixes)
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: sh7760fb: allow modular build (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- firewire: core: use long bus reset on gap count error (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
- fs: Fix error checking for d_hash_and_lookup() (git-fixes)
- fs: indicate request originates from old mount API (git-fixes)
- fs: relax mount_setattr() permission checks (git-fixes)
- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: do not unhash root (bsc#1223946).
- fuse: fix root lookup with nonzero generation (bsc#1223945).
- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
- geneve: make sure to pull inner header in geneve_rx() (git-fixes).
- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).
- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).
- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpiolib: cdev: fix uninitialised kfifo (git-fixes).
- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).
- gpiolib: swnode: Remove wrong header inclusion (git-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).
- i2c: cadence: Avoid fifo clear after start (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- i40e: Enforce software interrupt during busy-poll exit (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- i40e: Fix firmware version comparison function (git-fixes).
- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).
- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
- i40e: fix vf may be used uninitialized in this function warning (git-fixes).
- i915: make inject_virtual_interrupt() void (stable-fixes).
- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).
- ice: fix enabling RX VLAN filtering (git-fixes).
- ice: fix memory corruption bug with suspend and rebuild (git-fixes).
- ice: fix stats being updated by way too large values (git-fixes).
- ice: fix typo in assignment (git-fixes).
- ice: fix uninitialized dplls mutex usage (git-fixes).
- ice: reconfig host after changing MSI-X on VF (git-fixes).
- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).
- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).
- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).
- ida: make 'ida_dump' static (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- idpf: disable local BH when scheduling napi for marker packets (git-fixes).
- idpf: extend tx watchdog timeout (bsc#1224137).
- idpf: fix kernel panic on unknown packet types (git-fixes).
- igb: Fix missing time sync events (git-fixes).
- igb: extend PTP timestamp adjustments to i211 (git-fixes).
- igc: Fix missing time sync events (git-fixes).
- igc: Remove stale comment about Tx timestamping (git-fixes).
- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- iio: gts-helper: Fix division loop (git-fixes).
- iio: pressure: Fixes BME280 SPI driver data (git-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- inet: frags: eliminate kernel-doc warning (git-fixes).
- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- init: open /initrd.image with O_LARGEFILE (stable-fixes).
- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).
- intel: legacy: Partial revert of field get conversion (git-fixes).
- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).
- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).
- interconnect: qcom: sm8550: Enable sync_state (git-fixes).
- io_uring: kabi cookie remove (bsc#1217384).
- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- iommu/vt-d: Fix wrong use of pasid config (git-fixes).
- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).
- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).
- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).
- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).
- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).
- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).
- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).
- ionic: set adminq irq affinity (git-fixes).
- ipv4: annotate data-races around fi->fib_dead (git-fixes).
- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).
- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register's index (stable-fixes).
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).
- kABI fix of KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- kABI workaround for cs35l56 (git-fixes).
- kABI workaround for of driver changes (git-fixes).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).
- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.
- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.
- kabi/severities: ignore TAS2781 symbol drop, it's only locally used
- kabi/severities: ignore Wangxun ethernet driver local symbols
- kabi/severities: ignore brcmfmac-specific local symbols
- kasan, fortify: properly rename memintrinsics (git-fixes).
- kasan/test: avoid gcc warning for intentional overflow (git-fixes).
- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).
- kasan: print the original fault addr when access invalid shadow (git-fixes).
- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).
- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).
- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- kselftest: Add a ksft_perror() helper (stable-fixes).
- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).
- libperf evlist: Avoid out-of-bounds access (git-fixes).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)
- lsm: fix the logic in security_inode_getsecctx() (git-fixes).
- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).
- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).
- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).
- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).
- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).
- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).
- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).
- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).
- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).
- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).
- md: add a new helper rdev_has_badblock() (jsc#PED-7542).
- md: add a new helper reshape_interrupted() (jsc#PED-7542).
- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).
- md: check mddev->pers before calling md_set_readonly() (jsc#PED-7542).
- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).
- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).
- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).
- md: export helper md_is_rdwr() (jsc#PED-7542).
- md: export helpers to stop sync_thread (jsc#PED-7542).
- md: factor out a helper to sync mddev (jsc#PED-7542).
- md: fix kmemleak of rdev->serial (jsc#PED-7542).
- md: get rdev->mddev with READ_ONCE() (jsc#PED-7542).
- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).
- md: preserve KABI in struct md_personality (jsc#PED-7542).
- md: remove redundant check of 'mddev->sync_thread' (jsc#PED-7542).
- md: remove redundant md_wakeup_thread() (jsc#PED-7542).
- md: return directly before setting did_set_md_closing (jsc#PED-7542).
- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).
- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: cadence: csi2rx: use match fwnode for media link (git-fixes).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).
- media: ipu3-cio2: Request IRQ earlier (git-fixes).
- media: mc: Fix flags handling when creating pad links (stable-fixes).
- media: mc: Fix graph walk in media_pipeline_start (git-fixes).
- media: mc: Rename pad variable to clarify intent (stable-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxbf_gige: stop interface during shutdown (git-fixes).
- mlxsw: Use refcount_t for reference counting (git-fixes).
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
- mm,page_owner: drop unnecessary check (bsc#1222366).
- mm,page_owner: fix recursion (bsc#1222366).
- mm/slab: make __free(kfree) accept error pointers (git-fixes).
- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).
- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).
- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
- mm_init kABI workaround (git-fixes).
- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).
- mmc: omap: fix broken slot switch lookup (git-fixes).
- mmc: omap: fix deferred probe (git-fixes).
- mmc: omap: restore original power up/down steps (git-fixes).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS (stable-fixes).
- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
- mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).
- mptcp: move __mptcp_error_report in protocol.c (git-fixes).
- mptcp: process pending subflow error on close (git-fixes).
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: spinand: Add support for 5-byte IDs (stable-fixes).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).
- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).
- net/mlx5: Fix fw reporter diagnose output (git-fixes).
- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).
- net/mlx5: Properly link new fs rules into the tree (git-fixes).
- net/mlx5: Register devlink first under devlink lock (git-fixes).
- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).
- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
- net/mlx5: offset comp irq index in name by one (git-fixes).
- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).
- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).
- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).
- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).
- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
- net/smc: fix documentation of buffer sizes (git-fixes).
- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
- net: NSH: fix kernel-doc notation warning (git-fixes).
- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).
- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).
- net: annotate data-races around sk->sk_bind_phc (git-fixes).
- net: annotate data-races around sk->sk_forward_alloc (git-fixes).
- net: annotate data-races around sk->sk_lingertime (git-fixes).
- net: annotate data-races around sk->sk_tsflags (git-fixes).
- net: bonding: remove kernel-doc comment marker (git-fixes).
- net: cfg802154: fix kernel-doc notation warnings (git-fixes).
- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).
- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).
- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).
- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).
- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).
- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).
- net: ena: Fix incorrect descriptor free behavior (git-fixes).
- net: ena: Fix potential sign extension issue (git-fixes).
- net: ena: Move XDP code to its new files (git-fixes).
- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).
- net: ena: Remove ena_select_queue (git-fixes).
- net: ena: Set tx_info->xdpf value to NULL (git-fixes).
- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).
- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).
- net: fec: Set mac_managed_pm during probe (git-fixes).
- net: hns3: fix index limit to support all queue stats (git-fixes).
- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).
- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).
- net: hns3: fix port duplex configure error in IMP reset (git-fixes).
- net: hns3: fix wrong judgment condition issue (git-fixes).
- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).
- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).
- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).
- net: ks8851: Inline ks8851_rx_skb() (git-fixes).
- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).
- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).
- net: libwx: fix memory leak on free page (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
- net: llc: fix kernel-doc notation warnings (git-fixes).
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).
- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).
- net: phy: micrel: Fix potential null pointer dereference (git-fixes).
- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).
- net: ravb: Always process TX descriptor ring (git-fixes).
- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).
- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).
- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).
- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
- net: sparx5: flower: fix fragment flags handling (git-fixes).
- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).
- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).
- net: stmmac: fix rx queue priority assignment (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
- net: tls: fix returned read length with async decrypt (bsc#1221858).
- net: tls: fix use-after-free with partial reads and async (bsc#1221858).
- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: veth: do not manipulate GRO when using XDP (git-fixes).
- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).
- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- nf_conntrack: fix -Wunused-const-variable= (git-fixes).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- nfp: flower: handle acti_netdevs allocation failure (git-fixes).
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).
- nfsd: Fix a regression in nfsd_setattr() (git-fixes).
- nfsd: do not call locks_release_private() twice concurrently (git-fixes).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- nouveau/gsp: do not check devinit disable on GSP (git-fixes).
- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).
- nouveau: fix devinit paths to only handle display on GSP (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- nouveau: lock the client object tree (stable-fixes).
- nouveau: reset the bo resource bus info after an eviction (git-fixes).
- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).
- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).
- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme-pci: Add quirk for broken MSIs (git-fixes).
- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
- nvme: fix multipath batched completion accounting (git-fixes).
- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).++ kernel-source-azure.spec (revision 4)%define git_commit ba2f81d0ba1ad117dc6a5494a21d358f354126d7Release: <RELEASE>.gba2f81d
- nvmet: fix ns enable/disable possible hang (git-fixes).
- octeontx2-af: Add array index check (git-fixes).
- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
- octeontx2-af: Fix devlink params (git-fixes).
- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).
- octeontx2-af: Use separate handlers for interrupts (git-fixes).
- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).
- octeontx2-pf: Use default max_active works instead of one (git-fixes).
- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).
- octeontx2-pf: check negative error code in otx2_open() (git-fixes).
- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
- octeontx2: Detect the mbox up or down message via register (git-fixes).
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).
- of: module: add buffer overflow check in of_modalias() (git-fixes).
- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).
- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).
- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).
- of: property: fix typo in io-channels (git-fixes).
- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).
- of: unittest: Fix compile in the non-dynamic case (git-fixes).
- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).
- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).
- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).
- perf annotate: Get rid of duplicate --group option item (git-fixes).
- perf auxtrace: Fix multiple use of --itrace option (git-fixes).
- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).
- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).
- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).
- perf daemon: Fix file leak in daemon_session__control (git-fixes).
- perf docs: Document bpf event modifier (git-fixes).
- perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() (git-fixes).
- perf expr: Fix 'has_event' function for metric style events (git-fixes).
- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).
- perf jevents: Drop or simplify small integer values (git-fixes).
- perf list: fix short description for some cache events (git-fixes).
- perf lock contention: Add a missing NULL check (git-fixes).
- perf metric: Do not remove scale from counts (git-fixes).
- perf pmu: Count sys and cpuid JSON events separately (git fixes).
- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).
- perf pmu: Treat the msr pmu as software (git-fixes).
- perf print-events: make is_event_supported() more robust (git-fixes).
- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).
- perf record: Check conflict between '--timestamp-filename' option and pipe mode before recording (git-fixes).
- perf record: Fix debug message placement for test consumption (git-fixes).
- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).
- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).
- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).
- perf script: Show also errors for --insn-trace option (git-fixes).
- perf srcline: Add missed addr2line closes (git-fixes).
- perf stat: Avoid metric-only segv (git-fixes).
- perf stat: Do not display metric header for non-leader uncore events (git-fixes).
- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).
- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).
- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).
- perf tests: Apply attributes to all events in object code reading test (git-fixes).
- perf tests: Make 'test data symbol' more robust on Neoverse N1 (git-fixes).
- perf tests: Make data symbol test wait for perf to start (bsc#1220045).
- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).
- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).
- perf top: Uniform the event name for the hybrid machine (git-fixes).
- perf top: Use evsel's cpus to replace user_requested_cpus (git-fixes).
- perf ui browser: Avoid SEGV on title (git fixes).
- perf ui browser: Do not save pointer to stack memory (git-fixes).
- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).
- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).
- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).
- perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and later (git-fixes).
- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).
- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).
- perf/x86/intel/ds: Do not clear ->pebs_data_cfg for the last PEBS event (git-fixes).
- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
- perf/x86: Fix out of range data (git-fixes).
- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).
- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).
- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).
- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).
- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- ppdev: Add an error check in register_device (git-fixes).
- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
- printk: Add this_cpu_in_panic() (bsc#1225607).
- printk: Adjust mapping for 32bit seq macros (bsc#1225607).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
- printk: Consolidate console deferred printing (bsc#1225607).
- printk: Disable passing console lock owner completely during panic() (bsc#1225607).
- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).
- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
- printk: Let no_printk() use _printk() (bsc#1225618).
- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
- printk: Wait for all reserved records with pr_flush() (bsc#1225607).
- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
- printk: ringbuffer: Clarify special lpos values (bsc#1225607).
- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
- proc/kcore: do not try to access unaccepted memory (git-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).
- pstore: inode: Only d_invalidate() is needed (git-fixes).
- pwm: img: fix pwm clock lookup (git-fixes).
- qibfs: fix dentry leak (git-fixes)
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).
- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).
- random: handle creditable entropy from atomic process context (git-fixes).
- regmap: Add regmap_read_bypassed() (git-fixes).
- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).
- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).
- regmap: maple: Fix uninitialized symbol 'ret' warnings (git-fixes).
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).
- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- regulator: tps65132: Add of_match table (stable-fixes).
- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).
- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).
- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).
- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).
- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).
- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).
- sched-fair-Add-EAS-checks-before-updating-root_domain-overutilized.patch.
- sched-fair-Combine-EAS-check-with-overutilized-access.patch.
- sched-fair-Introduce-is_rd_overutilized-helper-function-to-access-root_domain-overutilized.patch.
- sched/balancing: Rename newidle_balance() => sched_balance_newidle() (bsc#1222173).
- sched/fair: Check root_domain::overload value before update (bsc#1222173).
- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).
- sched/psi: Select KERNFS as needed (git-fixes).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842). Refresh: - patches.suse/lpfc-reintroduce-old-irq-probe-logic.patch
- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
- scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports() (git-fixes).
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
- scsi: sg: Avoid race in error handling & drop bogus warn (git-fixes).
- scsi: sg: Avoid sg device teardown race (git-fixes).
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).
- sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (git-fixes).
- selftests/bpf: add edge case backtracking logic test (bsc#1225756).
- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).
- selftests/ftrace: Fix event filter target_func selection (stable-fixes).
- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
- selftests/kcmp: remove unused open mode (git-fixes).
- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).
- selftests: default to host arch for LLVM builds (git-fixes).
- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).
- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).
- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
- selftests: net: move amt to socat for better compatibility (git-fixes).
- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).
- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).
- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).
- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).
- selinux: avoid dereference of garbage after mount failure (git-fixes).
- selinux: introduce an initial SID for early boot processes (bsc#1208593).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).
- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
- serial: Lock console when calling into driver before registration (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: core: only stop transmit when HW fifo is empty (git-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).
- serial: max310x: fix syntax error in IRQ error message (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- serial: stm32: Reset .throttled state in .startup() (git-fixes).
- series.conf: cleanup Fix subsection header to silence series_insert error.
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- smb3: show beginning time for per share stats (bsc#1225172).
- smb: client: ensure to try all targets when finding nested links (bsc#1225172).
- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1225172).
- smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes, bsc#1225172).
- smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).
- smb: client: get rid of dfs naming in automount code (bsc#1225172).
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).
- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1225172).
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).
- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).
- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).
- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
- spi: fix null pointer dereference within spi_sync (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).
- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).
- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).
- staging: vc04_services: fix information leak in create_component() (git-fixes).
- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).
- stmmac: Clear variable when destroying workqueue (git-fixes).
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)
- swiotlb: use the calculated number of areas (git-fixes).
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).
- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
- thunderbolt: Introduce tb_port_reset() (stable-fixes).
- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).
- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
- tls: do not skip over different type records from the rx_list (bsc#1221858).
- tls: fix peeking with sync+async decryption (bsc#1221858).
- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
- tracing: Remove precision vsnprintf() check from print event (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
- ubifs: Set page uptodate in the correct place (git-fixes).
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
- ubifs: fix sort function prototype (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc3-am62: Disable wakeup at remove (git-fixes).
- usb: dwc3-am62: Rename private data (git-fixes).
- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: dwc3: pci: Drop duplicate ID (git-fixes).
- usb: fotg210: Add missing kernel doc description (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).
- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).
- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: phy: generic: Get the vbus supply (git-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).
- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).
- usb: typec: tcpm: Update PD of Type-C port upon pd_set (git-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi: Check for notifications after init (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).
- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).
- usb: typec: ucsi: always register a link to USB PD device (git-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- usb: xhci-plat: Do not include xhci.h (stable-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper.
- usb: xhci: correct return value in case of STS_HCE (git-fixes).
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
- vboxsf: explicitly deny setlease attempts (stable-fixes).
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- vdpa_sim: reset must not run (git-fixes).
- veth: try harder when allocating queue memory (git-fixes).
- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
- virtio_net: Do not send RSS key if it is not supported (git-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- watchdog: bd9576: Drop 'always-running' property (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).
- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).
- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).
- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).
- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).
- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).
- wifi: iwlwifi: mvm: init vif works only once (git-fixes).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).
- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).
- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).
- wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mac80211: fix prep_connection error path (stable-fixes).
- wifi: mac80211: fix unaligned le16 access (git-fixes).
- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).
- wifi: mac80211: remove link before AP (git-fixes).
- wifi: mac80211_hwsim: init peer measurement result (git-fixes).
- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).
- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).
- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).
- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).
- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).
- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).
- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).
- wireguard: netlink: access device through ctx instead of peer (git-fixes).
- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).
- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/bugs: Remove default case for fully switched enums (git-fixes).
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).
- x86/efistub: Call mixed mode boot services on the firmware's stack (git-fixes).
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).
- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/nmi: Fix the inverse 'in NMI handler' check (git-fixes).
- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/srso: Disentangle rethunk-dependent options (git-fixes).
- x86/srso: Fix unret validation dependencies (git-fixes).
- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
- x86/srso: Print actual mitigation if requested mitigation isn't possible (git-fixes).
- x86/srso: Remove 'pred_cmd' label (git-fixes).
- x86/srso: Unexport untraining functions (git-fixes).
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).
- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).
- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).
- xen/events: increment refcnt only if event channel is refcounted (git-fixes).
- xen/events: modify internal [un]bind interfaces (git-fixes).
- xen/events: reduce externally visible helper functions (git-fixes).
- xen/events: remove some simple helpers from events_base.c (git-fixes).
- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).
- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).
- xfs: add lock protection when remove perag from radix tree (git-fixes).
- xfs: allow extent free intents to be retried (git-fixes).
- xfs: fix perag leak when growfs fails (git-fixes).
- xfs: force all buffers to be written during btree bulk load (git-fixes).
- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).
- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).
- xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: add helper that checks for unhandled events on a event ring (git-fixes).
- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
- 9p: add missing locking around taking dentry fid list (git-fixes)
- accel/ivpu: Fix deadlock in context_xa (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: core: Remove debugfs at disconnection (git-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
- ALSA: hda: clarify Copyright information (stable-fixes).
- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).
- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).
- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).
- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).
- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).
- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).
- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).
- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).
- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).
- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).
- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).
- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).
- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).
- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).
- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).
- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).
- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).
- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).
- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion (git-fixes).
- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).
- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).
- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).
- ALSA: ump: Set default protocol when not given explicitly (git-fixes).
- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).
- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)
- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).
- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184).
- arm64: bpf: fix 32bit unconditional bswap (git-fixes).
- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)
- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)
- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)
- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).
- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).
- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).
- ASoC: amd: yc: Revert 'Fix non-functional mic on Lenovo 21J2' (stable-fixes).
- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).
- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).
- ASoC: Intel: avs: Set name of control as in topology (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).
- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt715-sdca: volume step modification (git-fixes).
- ASoC: rt715: add vendor clear control register (git-fixes).
- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).
- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).
- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).
- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).
- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).
- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- ax25: Fix netdev refcount issue (git-fixes).
- ax25: Fix reference count leak issue of net_device (git-fixes).
- ax25: Fix reference count leak issues of ax25_dev (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- bitops: add missing prototype check (git-fixes).
- blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (bsc#1225605).
- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
- block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).
- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).
- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).
- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).
- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).
- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).
- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: fix device-address endianness (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- bnx2x: Fix firmware version string character counts (git-fixes).
- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).
- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)
- bpf, arm64: Fix incorrect runtime stats (git-fixes)
- bpf, scripts: Correct GPL license name (git-fixes).
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
- btrfs: add and use helper to check if block group is used (bsc#1220120).
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).
- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).
- btrfs: always clear PERTRANS metadata during commit (git-fixes)
- btrfs: always print transaction aborted messages with an error level (git-fixes)
- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).
- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
- btrfs: assert delayed node locked when removing delayed item (git-fixes)
- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).
- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).
- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).
- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).
- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)
- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)
- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)
- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
- btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).
- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).
- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)
- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).
- btrfs: do not warn if discard range is not aligned to sector (git-fixes)
- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).
- btrfs: error out when COWing block using a stale transaction (git-fixes)
- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)
- btrfs: error when COWing block from a root that is being deleted (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)
- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)
- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
- btrfs: fix race when refilling delayed refs block reserve (git-fixes)
- btrfs: fix start transaction qgroup rsv double free (git-fixes)
- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).
- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.
- btrfs: free qgroup rsv on io failure (git-fixes)
- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)
- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
- btrfs: initialize key where it's used when running delayed data ref (bsc#1220120).
- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).
- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
- btrfs: make error messages more clear when getting a chunk map (git-fixes)
- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
- btrfs: make find_free_dev_extent() static (bsc#1220120).
- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).
- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).
- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)
- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).
- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)
- btrfs: print available space across all block groups when dumping space info (bsc#1220120).
- btrfs: print available space for a block group when dumping a space info (bsc#1220120).
- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).
- btrfs: print target number of bytes when dumping free space (bsc#1220120).
- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)
- btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref() (bsc#1220120).
- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).
- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).
- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).
- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).
- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).
- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)
- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)
- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).
- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).
- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)
- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).
- btrfs: store the error that turned the fs into error state (bsc#1220120).
- btrfs: sysfs: validate scrub_speed_max value (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
- btrfs: update documentation for add_new_free_space() (bsc#1220120).
- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).
- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).
- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).
- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).
- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)
- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).
- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).
- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).
- certs: Add ECDSA signature verification self-test (bsc#1222777).
- certs: Move RSA self-test data to separate file (bsc#1222777).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Get runtime PM before walking tree for clk_summary (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).
- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).
- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).
- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
- clk: rs9: fix wrong default value for clock amplitude (git-fixes).
- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
- clk: Show active consumers of clocks in debugfs (stable-fixes).
- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).
- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)
- coresight: trbe: Allocate platform data per device (bsc#1220587)
- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)
- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).
- cpufreq: exit() callback is optional (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).
- crypto: qat - improve error logging to be consistent across features (git-fixes).
- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).
- crypto: qat - specify firmware files for 402xx (git-fixes).
- crypto: rsa - add a check for allocation failure (bsc#1222775).
- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).
- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).
- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).
- cxl/trace: Properly initialize cxl_poison region name (git-fixes).
- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).
- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).
- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).
- device-dax: make dax_bus_type const (jsc#PED-5853).
- dlm: fix user space lkb refcounting (git-fixes).
- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).
- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).
- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).
- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).
- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).
- dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (bsc#1219596)
- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).
- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
- dma-mapping: benchmark: fix node id validation (git-fixes).
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- driver core: Introduce device_link_wait_removal() (stable-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm: Check output polling initialized before disabling (stable-fixes).
- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm: zynqmp_dpsub: Always register bridge (git-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).
- drm/amd/display: Add dml2 copy functions (stable-fixes).
- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).
- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
- drm/amd/display: fix input states translation error for dcn35 & dcn351 (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).
- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).
- drm/amd/display: Prevent crash when disable stream (stable-fixes).
- drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 (stable-fixes).
- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).
- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).
- drm/amd/display: Return the correct HDCP error code (stable-fixes).
- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).
- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).
- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).
- drm/amd/display: Update odm when ODM combine is changed on an otg master pipe with no plane (stable-fixes).
- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).
- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).
- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).
- drm/amdgpu: fix doorbell regression (git-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).
- drm/amdgpu: fix use-after-free bug (stable-fixes).
- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).
- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
- drm/amdgpu: make damage clips support configurable (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdgpu: remove invalid resource->start check v2 (git-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects' (git-fixes).
- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).
- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: anx7625: Update audio status while detecting (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/buddy: check range allocation matches alignment (stable-fixes).
- drm/ci: update device type for volteer devices (git-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/exynos: do not return negative values from .get_modes() (stable-fixes).
- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
- drm/gma500: Remove lid code (git-fixes).
- drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).
- drm/i915: Fix audio component initialization (git-fixes).
- drm/i915: Include the PLL name in the debug messages (stable-fixes).
- drm/i915: Pre-populate the cursor physical dma address (git-fixes).
- drm/i915: Replace a memset() with zero initialization (stable-fixes).
- drm/i915: Stop printing pipe name as hex (stable-fixes).
- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).
- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).
- drm/i915: Use named initializers for DPLL info (stable-fixes).
- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (git-fixes).
- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).
- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).
- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).
- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).
- drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).
- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).
- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).
- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).
- drm/i915/mtl: Update workaround 14018575942 (git-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915/vrr: Generate VRR 'safe window' for DSB (git-fixes).
- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: gate px_clk when setting rate (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/msm: Add newlines to some debug prints (git-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).
- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).
- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).
- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).
- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).
- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).
- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).
- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).
- drm/probe-helper: warn about negative .get_modes() (stable-fixes).
- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
- drm/radeon: silence UBSAN warning (v3) (stable-fixes).
- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).
- drm/sched: fix null-ptr-deref in init entity (git-fixes).
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).
- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
- drm/vmwgfx: Fix prime import/export (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).
- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).
- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).
- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
- ecryptfs: Reject casefold directory inodes (git-fixes)
- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
- efi: disable mirror feature during crashkernel (stable-fixes).
- efi: fix panic in kdump kernel (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).
- efi/unaccepted: touch soft lockup during memory accept (git-fixes).
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- fast_dput(): handle underflows gracefully (git-fixes)
- fat: fix uninitialized field in nostale filehandles (git-fixes)
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: sh7760fb: allow modular build (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- firewire: core: use long bus reset on gap count error (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).
- fs: Fix error checking for d_hash_and_lookup() (git-fixes)
- fs: indicate request originates from old mount API (git-fixes)
- fs: relax mount_setattr() permission checks (git-fixes)
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: do not unhash root (bsc#1223946).
- fuse: fix root lookup with nonzero generation (bsc#1223945).
- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
- geneve: make sure to pull inner header in geneve_rx() (git-fixes).
- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).
- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).
- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpiolib: cdev: fix uninitialised kfifo (git-fixes).
- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).
- gpiolib: swnode: Remove wrong header inclusion (git-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).
- HID: amd_sfh: Handle 'no sensors' in PM operations (git-fixes).
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).
- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).
- i2c: acpi: Unbind mux adapters before delete (git-fixes).
- i2c: cadence: Avoid fifo clear after start (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).
- i40e: Enforce software interrupt during busy-poll exit (git-fixes).
- i40e: Fix firmware version comparison function (git-fixes).
- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- i40e: fix vf may be used uninitialized in this function warning (git-fixes).
- i915: make inject_virtual_interrupt() void (stable-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- ice: fix enabling RX VLAN filtering (git-fixes).
- ice: fix memory corruption bug with suspend and rebuild (git-fixes).
- ice: fix stats being updated by way too large values (git-fixes).
- ice: fix typo in assignment (git-fixes).
- ice: fix uninitialized dplls mutex usage (git-fixes).
- ice: reconfig host after changing MSI-X on VF (git-fixes).
- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).
- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).
- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).
- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).
- ida: make 'ida_dump' static (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- idpf: disable local BH when scheduling napi for marker packets (git-fixes).
- idpf: extend tx watchdog timeout (bsc#1224137).
- idpf: fix kernel panic on unknown packet types (git-fixes).
- igb: extend PTP timestamp adjustments to i211 (git-fixes).
- igb: Fix missing time sync events (git-fixes).
- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).
- igc: Fix missing time sync events (git-fixes).
- igc: Remove stale comment about Tx timestamping (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- iio: gts-helper: Fix division loop (git-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- iio: pressure: Fixes BME280 SPI driver data (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).
- inet: frags: eliminate kernel-doc warning (git-fixes).
- init: open /initrd.image with O_LARGEFILE (stable-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- Input: allocate keycode for Display refresh rate toggle (stable-fixes).
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
- Input: imagis - use FIELD_GET where applicable (stable-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).
- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).
- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).
- intel: legacy: Partial revert of field get conversion (git-fixes).
- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).
- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).
- interconnect: qcom: sm8550: Enable sync_state (git-fixes).
- io_uring: kabi cookie remove (bsc#1217384).
- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).
- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- iommu/vt-d: Fix wrong use of pasid config (git-fixes).
- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).
- iommu/vt-d: Update iotlb in nested domain attach (git-fixes).
- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).
- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).
- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).
- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).
- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).
- ionic: set adminq irq affinity (git-fixes).
- ipv4: annotate data-races around fi->fib_dead (git-fixes).
- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).
- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register's index (stable-fixes).
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- kabi/severities: ignore brcmfmac-specific local symbols
- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.
- kabi/severities: ignore TAS2781 symbol drop, it's only locally used
- kabi/severities: ignore Wangxun ethernet driver local symbols
- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.
- kasan, fortify: properly rename memintrinsics (git-fixes).
- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).
- kasan: print the original fault addr when access invalid shadow (git-fixes).
- kasan/test: avoid gcc warning for intentional overflow (git-fixes).
- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- kselftest: Add a ksft_perror() helper (stable-fixes).
- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).
- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (git-fixes).
- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).
- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).
- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).
- KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP (git-fixes).
- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).
- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).
- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).
- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).
- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).
- KVM: x86/pmu: Apply 'fast' RDPMC only to Intel PMUs (git-fixes).
- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
- KVM: x86/pmu: Disallow 'fast' RDPMC for architectural Intel PMUs (git-fixes).
- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).
- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).
- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at 'RESET' (git-fixes).
- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).
- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)
- lsm: fix the logic in security_inode_getsecctx() (git-fixes).
- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).
- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
- md: add a new helper rdev_has_badblock() (jsc#PED-7542).
- md: add a new helper reshape_interrupted() (jsc#PED-7542).
- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).
- md: check mddev->pers before calling md_set_readonly() (jsc#PED-7542).
- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).
- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).
- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).
- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).
- md: export helper md_is_rdwr() (jsc#PED-7542).
- md: export helpers to stop sync_thread (jsc#PED-7542).
- md: factor out a helper to sync mddev (jsc#PED-7542).
- md: fix kmemleak of rdev->serial (jsc#PED-7542).
- md: get rdev->mddev with READ_ONCE() (jsc#PED-7542).
- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).
- md: preserve KABI in struct md_personality (jsc#PED-7542).
- md: remove redundant check of 'mddev->sync_thread' (jsc#PED-7542).
- md: remove redundant md_wakeup_thread() (jsc#PED-7542).
- md: return directly before setting did_set_md_closing (jsc#PED-7542).
- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).
- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).
- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).
- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).
- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).
- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).
- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).
- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).
- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).
- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: cadence: csi2rx: use match fwnode for media link (git-fixes).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).
- media: ipu3-cio2: Request IRQ earlier (git-fixes).
- media: mc: Fix flags handling when creating pad links (stable-fixes).
- media: mc: Fix graph walk in media_pipeline_start (git-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: mc: Rename pad variable to clarify intent (stable-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).
- mlxbf_gige: stop interface during shutdown (git-fixes).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxsw: Use refcount_t for reference counting (git-fixes).
- mm_init kABI workaround (git-fixes).
- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- mm,page_owner: drop unnecessary check (bsc#1222366).
- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- mm,page_owner: fix recursion (bsc#1222366).
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).
- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).
- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
- mm/slab: make __free(kfree) accept error pointers (git-fixes).
- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).
- mmc: omap: fix broken slot switch lookup (git-fixes).
- mmc: omap: fix deferred probe (git-fixes).
- mmc: omap: restore original power up/down steps (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).
- modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS (stable-fixes).
- mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).
- mptcp: move __mptcp_error_report in protocol.c (git-fixes).
- mptcp: process pending subflow error on close (git-fixes).
- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: spinand: Add support for 5-byte IDs (stable-fixes).
- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).
- net: annotate data-races around sk->sk_bind_phc (git-fixes).
- net: annotate data-races around sk->sk_forward_alloc (git-fixes).
- net: annotate data-races around sk->sk_lingertime (git-fixes).
- net: annotate data-races around sk->sk_tsflags (git-fixes).
- net: bonding: remove kernel-doc comment marker (git-fixes).
- net: cfg802154: fix kernel-doc notation warnings (git-fixes).
- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).
- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).
- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).
- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).
- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).
- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).
- net: ena: Fix incorrect descriptor free behavior (git-fixes).
- net: ena: Fix potential sign extension issue (git-fixes).
- net: ena: Move XDP code to its new files (git-fixes).
- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).
- net: ena: Remove ena_select_queue (git-fixes).
- net: ena: Set tx_info->xdpf value to NULL (git-fixes).
- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).
- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).
- net: fec: Set mac_managed_pm during probe (git-fixes).
- net: hns3: fix index limit to support all queue stats (git-fixes).
- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).
- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).
- net: hns3: fix port duplex configure error in IMP reset (git-fixes).
- net: hns3: fix wrong judgment condition issue (git-fixes).
- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).
- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).
- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).
- net: ks8851: Inline ks8851_rx_skb() (git-fixes).
- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).
- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).
- net: libwx: fix memory leak on free page (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
- net: llc: fix kernel-doc notation warnings (git-fixes).
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: NSH: fix kernel-doc notation warning (git-fixes).
- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).
- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).
- net: phy: micrel: Fix potential null pointer dereference (git-fixes).
- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).
- net: ravb: Always process TX descriptor ring (git-fixes).
- net: ravb: Always update error counters (git-fixes).
- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).
- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).
- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).
- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
- net: sparx5: flower: fix fragment flags handling (git-fixes).
- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).
- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).
- net: stmmac: fix rx queue priority assignment (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
- net: tls: fix returned read length with async decrypt (bsc#1221858).
- net: tls: fix use-after-free with partial reads and async (bsc#1221858).
- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).
- net: veth: do not manipulate GRO when using XDP (git-fixes).
- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).
- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).
- net/mlx5: Fix fw reporter diagnose output (git-fixes).
- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).
- net/mlx5: offset comp irq index in name by one (git-fixes).
- net/mlx5: Properly link new fs rules into the tree (git-fixes).
- net/mlx5: Register devlink first under devlink lock (git-fixes).
- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).
- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).
- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).
- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).
- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).
- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).
- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
- net/smc: fix documentation of buffer sizes (git-fixes).
- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).
- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- nf_conntrack: fix -Wunused-const-variable= (git-fixes).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- nfp: flower: handle acti_netdevs allocation failure (git-fixes).
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).
- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).
- nfsd: do not call locks_release_private() twice concurrently (git-fixes).
- nfsd: Fix a regression in nfsd_setattr() (git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nouveau: fix devinit paths to only handle display on GSP (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- nouveau: lock the client object tree (stable-fixes).
- nouveau: reset the bo resource bus info after an eviction (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- nouveau/gsp: do not check devinit disable on GSP (git-fixes).
- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).
- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).
- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).
- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvme-pci: Add quirk for broken MSIs (git-fixes).
- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- octeontx2-af: Add array index check (git-fixes).
- octeontx2-af: Fix devlink params (git-fixes).
- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).
- octeontx2-af: Use separate handlers for interrupts (git-fixes).
- octeontx2-pf: check negative error code in otx2_open() (git-fixes).
- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).
- octeontx2-pf: Use default max_active works instead of one (git-fixes).
- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).
- octeontx2: Detect the mbox up or down message via register (git-fixes).
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).
- of: module: add buffer overflow check in of_modalias() (git-fixes).
- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).
- of: property: fix typo in io-channels (git-fixes).
- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).
- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).
- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).
- of: unittest: Fix compile in the non-dynamic case (git-fixes).
- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
- PCI: Fix typos in docs and comments (stable-fixes).
- PCI: hv: Fix ring buffer size calculation (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- PCI: qcom: Add support for sa8775p SoC (git-fixes).
- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).
- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
- PCI: switchtec: Use normal comment style (stable-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- PCI/AER: Block runtime suspend when handling errors (stable-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).
- PCI/DPC: Use FIELD_GET() (stable-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).
- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).
- perf tests: Make data symbol test wait for perf to start (bsc#1220045).
- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).
- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).
- perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and later (git-fixes).
- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).
- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).
- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).
- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).
- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- ppdev: Add an error check in register_device (git-fixes).
- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
- printk: Add this_cpu_in_panic() (bsc#1225607).
- printk: Adjust mapping for 32bit seq macros (bsc#1225607).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
- printk: Consolidate console deferred printing (bsc#1225607).
- printk: Disable passing console lock owner completely during panic() (bsc#1225607).
- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).
- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
- printk: Let no_printk() use _printk() (bsc#1225618).
- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).
- printk: ringbuffer: Clarify special lpos values (bsc#1225607).
- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
- printk: Wait for all reserved records with pr_flush() (bsc#1225607).
- proc/kcore: do not try to access unaccepted memory (git-fixes).
- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).
- pstore: inode: Only d_invalidate() is needed (git-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- pwm: img: fix pwm clock lookup (git-fixes).
- qibfs: fix dentry leak (git-fixes)
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).
- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).
- random: handle creditable entropy from atomic process context (git-fixes).
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
- RDMA/rxe: Allow good work requests to be executed (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes)
- regmap: Add regmap_read_bypassed() (git-fixes).
- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).
- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).
- regmap: maple: Fix uninitialized symbol 'ret' warnings (git-fixes).
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).
- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- regulator: tps65132: Add of_match table (stable-fixes).
- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).
- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).
- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).
- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).
- Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for first CPU DAI' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire DAIs' (stable-fixes).
- Revert 'drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()' (stable-fixes).
- Revert 'drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP displays without PSR' (stable-fixes).
- Revert 'drm/amd/display: fix USB-C flag update after enc10 feature init' (stable-fixes).
- Revert 'drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices' (stable-fixes).
- Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes).
- Revert 'drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()' (stable-fixes).
- Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes).
- Revert 'iommu/amd: Enable PCI/IMS' (git-fixes).
- Revert 'iommu/vt-d: Enable PCI/IMS' (git-fixes).
- Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (git-fixes).
- Revert 'net/mlx5e: Check the number of elements before walk TC rhashtable' (git-fixes).
- Revert 'PCI/MSI: Provide IMS (Interrupt Message Store) support' (git-fixes).
- Revert 'PCI/MSI: Provide pci_ims_alloc/free_irq()' (git-fixes).
- Revert 'PCI/MSI: Provide stubs for IMS functions' (git-fixes).
- Revert 'selinux: introduce an initial SID for early boot processes' (bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa build failed.
- Revert 'thermal: core: Do not update trip points inside the hysteresis range' (git-fixes).
- Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
- Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).
- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).
- sched/balancing: Rename newidle_balance() => sched_balance_newidle() (bsc#1222173).
- sched/fair: Check root_domain::overload value before update (bsc#1222173).
- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).
- sched/psi: Select KERNFS as needed (git-fixes).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
- scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports() (git-fixes).
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
- scsi: sg: Avoid race in error handling & drop bogus warn (git-fixes).
- scsi: sg: Avoid sg device teardown race (git-fixes).
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).
- sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).
- selftests: default to host arch for LLVM builds (git-fixes).
- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).
- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).
- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
- selftests: net: move amt to socat for better compatibility (git-fixes).
- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).
- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).
- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).
- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (git-fixes).
- selftests/bpf: add edge case backtracking logic test (bsc#1225756).
- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).
- selftests/ftrace: Fix event filter target_func selection (stable-fixes).
- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
- selftests/kcmp: remove unused open mode (git-fixes).
- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).
- selinux: avoid dereference of garbage after mount failure (git-fixes).
- selinux: introduce an initial SID for early boot processes (bsc#1208593).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).
- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: core: only stop transmit when HW fifo is empty (git-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: Lock console when calling into driver before registration (git-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: max3100: Update uart_driver_registered on driver removal (git-fixes).
- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).
- serial: max310x: fix syntax error in IRQ error message (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- serial: stm32: Reset .throttled state in .startup() (git-fixes).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- SEV: disable SEV-ES DebugSwap by default (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).
- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).
- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).
- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
- spi: fix null pointer dereference within spi_sync (git-fixes).
- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).
- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).
- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).
- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).
- staging: vc04_services: fix information leak in create_component() (git-fixes).
- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).
- stmmac: Clear variable when destroying workqueue (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- swiotlb: use the calculated number of areas (git-fixes).
- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
- thunderbolt: Introduce tb_port_reset() (stable-fixes).
- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).
- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
- tls: do not skip over different type records from the rx_list (bsc#1221858).
- tls: fix peeking with sync+async decryption (bsc#1221858).
- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tracing: Remove precision vsnprintf() check from print event (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
- ubifs: fix sort function prototype (git-fixes).
- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
- ubifs: Set page uptodate in the correct place (git-fixes).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- USB: core: Add hub_get() and hub_put() routines (stable-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port 'disable' sysfs attribute (stable-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc3-am62: Disable wakeup at remove (git-fixes).
- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).
- usb: dwc3-am62: Rename private data (git-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: dwc3: pci: Drop duplicate ID (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).
- usb: fotg210: Add missing kernel doc description (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).
- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).
- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: phy: generic: Get the vbus supply (git-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).
- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).
- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).
- usb: typec: tcpm: Update PD of Type-C port upon pd_set (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi: always register a link to USB PD device (git-fixes).
- usb: typec: ucsi: Check for notifications after init (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).
- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).
- usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- usb: xhci-plat: Do not include xhci.h (stable-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
- usb: xhci: correct return value in case of STS_HCE (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper.
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
- vboxsf: explicitly deny setlease attempts (stable-fixes).
- vdpa_sim: reset must not run (git-fixes).
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- veth: try harder when allocating queue memory (git-fixes).
- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- virtio_net: Do not send RSS key if it is not supported (git-fixes).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- watchdog: bd9576: Drop 'always-running' property (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
- wifi: ath12k: Update Qualcomm Innovation Center, Inc. copyrights (stable-fixes).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).
- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).
- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).
- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).
- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).
- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).
- wifi: iwlwifi: mvm: init vif works only once (git-fixes).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).
- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).
- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).
- wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
- wifi: mac80211_hwsim: init peer measurement result (git-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mac80211: fix prep_connection error path (stable-fixes).
- wifi: mac80211: fix unaligned le16 access (git-fixes).
- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).
- wifi: mac80211: remove link before AP (git-fixes).
- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).
- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).
- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).
- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).
- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).
- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).
- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).
- wireguard: netlink: access device through ctx instead of peer (git-fixes).
- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).
- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/bugs: Remove default case for fully switched enums (git-fixes).
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).
- x86/efistub: Call mixed mode boot services on the firmware's stack (git-fixes).
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).
- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/nmi: Fix the inverse 'in NMI handler' check (git-fixes).
- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/srso: Disentangle rethunk-dependent options (git-fixes).
- x86/srso: Fix unret validation dependencies (git-fixes).
- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
- x86/srso: Print actual mitigation if requested mitigation isn't possible (git-fixes).
- x86/srso: Remove 'pred_cmd' label (git-fixes).
- x86/srso: Unexport untraining functions (git-fixes).
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).
- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).
- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).
- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).
- xen/events: increment refcnt only if event channel is refcounted (git-fixes).
- xen/events: modify internal [un]bind interfaces (git-fixes).
- xen/events: reduce externally visible helper functions (git-fixes).
- xen/events: remove some simple helpers from events_base.c (git-fixes).
- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).
- xfs: add lock protection when remove perag from radix tree (git-fixes).
- xfs: allow extent free intents to be retried (git-fixes).
- xfs: fix perag leak when growfs fails (git-fixes).
- xfs: force all buffers to be written during btree bulk load (git-fixes).
- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).
- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).
- xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
- xhci: add helper that checks for unhandled events on a event ring (git-fixes).
- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
- xhci: update event ring dequeue pointer position to controller correctly (git-fixes). Altered because we cannot take the multiple interrupter code
Patchnames
SUSE-2024-2135,SUSE-SLE-Module-Public-Cloud-15-SP6-2024-2135,openSUSE-SLE-15.6-2024-2135
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).\n- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).\n- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).\n- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).\n- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).\n- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).\n- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).\n- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).\n- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).\n- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).\n- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).\n- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).\n- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).\n- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).\n- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).\n- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).\n- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).\n- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).\n- CVE-2024-26906: Disallowed vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).\n- CVE-2024-26816: Ignore relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).\n- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).\n- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).\n- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).\n- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).\n- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).\n- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).\n- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).\n- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).\n- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).\n- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).\n- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).\n- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).\n- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).\n- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).\n- CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via directory renaming (bsc#1221044).\n- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).\n- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).\n- CVE-2024-26614: Fixed the initialization of accept_queue\u0027s spinlocks (bsc#1221293).\n- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).\n- CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562).\n- CVE-2024-36030: Fix the double free in rvu_npc_freemem() (bsc#1225712)\n- CVE-2023-52698: Fix memory leak in netlbl_calipso_add_pass() (bsc#1224621)\n- CVE-2024-26860: Fix a memory leak when rechecking the data (bsc#1223077).\n- CVE-2023-52772: Fix use-after-free in unix_stream_read_actor() (bsc#1224989).\n- CVE-2024-27431: Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).\n- CVE-2024-35860: Support deferring bpf_link dealloc to after RCU grace period BPF link for some program types (bsc#1224531).\n- CVE-2024-35964: Fix not validating setsockopt user input Check user input length before copying data (bsc#1224581).\n- CVE-2023-0160: Prevent lock inversion deadlock in map delete elem (bsc#1209657).\n- CVE-2024-35903: Fix IP after emitting call depth accounting Adjust the IP passed to `emit_patch` so it calculates the correct offset for the CALL instruction if `x86_call_depth_emit_accounting` emits code (bsc#1224493).\n- CVE-2024-35931: Skip do PCI error slot reset during RAS recovery (bsc#1224652).\n- CVE-2024-35877: Fix VM_PAT handling in COW mappings (bsc#1224525).\n- CVE-2024-35969: Fix race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580)\n- CVE-2024-35852: Fix memory leak when canceling rehash work The rehash delayed work is rescheduled with a delay if the number of credits at end of the work is not negative as supposedly it means that the migration ended (bsc#1224502).\n- CVE-2024-36006: Fix incorrect list API usage (bsc#1224541).\n- CVE-2024-36007: Fix warning during rehash (bsc#1224543).\n- CVE-2024-35872: Fix GUP-fast succeeding on secretmem folios (bsc#1224530).\n- CVE-2024-35956: Fix qgroup prealloc rsv leak in subvolume operations (bsc#1224674)\n- CVE-2023-52771: Fix delete_endpoint() vs parent unregistration race (bsc#1225007).\n- CVE-2024-27408: Add sync read before starting the DMA transfer in remote setup (bsc#1224430).\n- CVE-2024-35943: Add a null pointer check to the omap_prm_domain_init devm_kasprintf()returns a pointer to dynamically allocated memory which can be NULL upon failure (bsc#1224649).\n- CVE-2024-35921: Fix oops when HEVC init fails (bsc#1224477).\n- CVE-2023-52860: Use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process (bsc#1224936).\n- CVE-2024-35991: kABI workaround for struct idxd_evl (bsc#1224553).\n- CVE-2024-35854: Fix possible use-after-free during rehash (bsc#1224636).\n- CVE-2024-27418: Take ownership of skb in mctp_local_output (bsc#1224720)\n- CVE-2024-27417: Fix potential \u0027struct net\u0027 leak in inet6_rtm_getaddr() (bsc#1224721).\n- CVE-2024-35905: Protect against int overflow for stack access size (bsc#1224488).\n- CVE-2024-35917: Fix bpf_plt pointer arithmetic (bsc#1224481).\n- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() to nsure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don\u0027t attempt to access outside scarlett2_mixer_values[] (bsc#1224727).\n- CVE-2023-52680: Add missing error checks to *_ctl_get() because the *_ctl_get() functions which call scarlett2_update_*() were not checking the return value (bsc#1224608).\n- CVE-2023-52692: Add missing error check to scarlett2_usb_set_config() scarlett2_usb_set_config() calls scarlett2_usb_get() but was not checking the result (bsc#1224628).\n- CVE-2024-35944: Fix memcpy() run-time warning in dg_dispatch_as_host() Syzkaller hit \u0027WARNING in dg_dispatch_as_host\u0027 bug (bsc#1224648).\n- CVE-2024-26923: Suppress false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).\n- CVE-2023-52659: Ensure input to pfn_to_kaddr() is treated as a 64-bit type (bsc#1224442).\n- CVE-2024-21823: Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may have allowed an authorized user to potentially enable denial of service via local access (bsc#1223625).\n- CVE-2024-26828: Fix underflow in parse_server_interfaces() (bsc#1223084).\n- CVE-2024-27395: Fix Use-After-Free in ovs_ct_exit Since kfree_rcu (bsc#1224098).\n- CVE-2023-52483: Perform route lookups under a RCU read-side lock (bsc#1220738).\n- CVE-2024-27396: Fix Use-After-Free in gtp_dellink (bsc#1224096).\n- CVE-2024-26632: Fix iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).\n- CVE-2024-27401: Ensure that packet_buffer_get respects the user_length provided. (bsc#1224181).\n- CVE-2024-26775: Avoid potential deadlock at set_capacity (bsc#1222627).\n- CVE-2024-26958: Fix UAF in direct writes (bsc#1223653).\n- CVE-2024-26643: Mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allowed it to collect elements from anonymous sets with timeouts while it is being released from the commit path. (bsc#1221829).\n- CVE-2023-52618: Check for unlikely string overflow (bsc#1221615).\n- CVE-2023-6238: Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption (bsc#1217384).\n- CVE-2024-26946: Use copy_from_kernel_nofault() to read from unsafe address Read from an unsafe address with copy_from_kernel_nofault() in arch_adjust_kprobe_addr() because this function is used before checking the address is in text or not (bsc#1223669).\n- CVE-2024-26945: Fix nr_cpus nr_iaa case If nr_cpus nr_iaa, the calculated cpus_per_iaa will be 0, which causes a divide-by-0 in rebalance_wq_table() (bsc#1223732).\n- CVE-2024-26679: Read sk-\u003esk_family once in inet_recv_error() inet_recv_error() is called without holding the socket lock. IPv6 socket could mutate to IPv4 with IPV6_ADDRFORM socket option and trigger a KCSAN warning (bsc#1222385).\n- CVE-2024-26791: Properly validate device names (bsc#1222793)\n- CVE-2023-52641: Add NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)\n- CVE-2024-26726: Do not drop extent_map for free space inode on write error (bsc#1222532)\n- CVE-2024-27022: Defer linking file vma until vma is fully initialized (bsc#1223774).\n- CVE-2024-26899: Fix deadlock between bd_link_disk_holder and partition scan (bsc#1223045).\n- CVE-2024-26638: Always initialize struct msghdr completely (bsc#1221649).\n- CVE-2024-26909: Fix drm bridge use-after-free A recent DRM series purporting to simplify support (bsc#1223143).\n- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).\n- CVE-2024-26832: Fix missing folio cleanup in writeback race path (bsc#1223007).\n- CVE-2024-26844: Fix WARNING in _copy_from_iter (bsc#1223015).\n- CVE-2024-26774: Avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).\n- CVE-2024-26815: Properly check TCA_TAPRIO_TC_ENTRY_INDEX (bsc#1222635).\n- cve-2024-267600: Fix bio_put() for error case (bsc#1222596).\n- CVE-2024-26731: Fix NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).\n- CVE-2024-26740: Use the backlog for mirred ingress (bsc#1222563).\n- CVE-2023-52640: Fix oob in ntfs_listxattr The length of name cannot exceed the space occupied by ea (bsc#1222301).\n- CVE-2023-52631: Fix a NULL dereference bug (bsc#1222264).\n- CVE-2023-52458: Add check that partition length needs to be aligned with block size (bsc#1220428).\n- CVE-2023-6270: Fix the potential use-after-free problem in aoecmd_cfg_pkts (bsc#1218562).\n- CVE-2024-26805: Fix kernel-infoleak-after-free in __skb_datagram_iter (bsc#1222630).\n- CVE-2024-26991: Do not overflow lpage_info when checking attributes (bsc#1223695).\n\n- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).\n- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).\n- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).\n- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).\n- CVE-2024-26928: Fixed potential UAF in cifs_debug_files_proc_show() (bsc#1223532).\n- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).\n- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).\n- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).\n- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).\n- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).\n- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).\n- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).\n- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).\n- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).\n- CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679).\n- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).\n- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).\n- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810). \n \nThe following non-security bugs were fixed:\n\n- 9p: add missing locking around taking dentry fid list (git-fixes)\n- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).\n- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).\n- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).\n- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).\n- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).\n- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).\n- ACPI: disable -Wstringop-truncation (git-fixes).\n- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).\n- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).\n- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).\n- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).\n- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).\n- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).\n- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).\n- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).\n- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).\n- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).\n- ALSA: core: Remove debugfs at disconnection (git-fixes).\n- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).\n- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).\n- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).\n- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).\n- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).\n- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).\n- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).\n- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).\n- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).\n- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).\n- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).\n- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).\n- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).\n- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).\n- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).\n- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).\n- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).\n- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).\n- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).\n- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).\n- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).\n- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).\n- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).\n- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).\n- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).\n- ALSA: hda: clarify Copyright information (stable-fixes).\n- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).\n- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).\n- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).\n- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).\n- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).\n- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).\n- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).\n- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).\n- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).\n- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).\n- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).\n- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).\n- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).\n- ALSA: line6: Zero-initialize message buffers (stable-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).\n- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).\n- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).\n- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).\n- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).\n- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).\n- ALSA: seq: Do not clear bank selection at event -\u003e UMP MIDI2 conversion (git-fixes).\n- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).\n- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).\n- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).\n- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).\n- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).\n- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).\n- ALSA: timer: Set lower bound of start tick time (stable-fixes).\n- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).\n- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).\n- ALSA: ump: Set default protocol when not given explicitly (git-fixes).\n- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).\n- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).\n- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).\n- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).\n- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).\n- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).\n- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).\n- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).\n- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).\n- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).\n- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).\n- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).\n- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).\n- ASoC: Intel: avs: Set name of control as in topology (git-fixes).\n- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).\n- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).\n- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).\n- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).\n- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).\n- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).\n- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).\n- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).\n- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).\n- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).\n- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).\n- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).\n- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).\n- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).\n- ASoC: amd: yc: Revert \u0027Fix non-functional mic on Lenovo 21J2\u0027 (stable-fixes).\n- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).\n- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).\n- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).\n- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).\n- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).\n- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).\n- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).\n- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).\n- ASoC: meson: axg-card: make links nonatomic (git-fixes).\n- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).\n- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).\n- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).\n- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).\n- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).\n- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).\n- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).\n- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).\n- ASoC: rt5682-sdw: fix locking sequence (git-fixes).\n- ASoC: rt711-sdca: fix locking sequence (git-fixes).\n- ASoC: rt711-sdw: fix locking sequence (git-fixes).\n- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: rt715-sdca: volume step modification (git-fixes).\n- ASoC: rt715: add vendor clear control register (git-fixes).\n- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).\n- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).\n- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).\n- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).\n- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).\n- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).\n- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).\n- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).\n- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).\n- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).\n- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).\n- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).\n- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).\n- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).\n- Add alt-commit to a nouveau patch\n- Add cherry-picked id to amdgpu patch\n- Add cherry-picked id to amdgpu patch (git-fixes)\n- Add cherry-picked patch references to amdgpu patches\n- Add reference to L3 bsc#1225765 in BPF control flow graph and precision backtrack fixes (bsc#1225756) The L3 bsc#1225765 was created seperately since our customer requires PTF.\n- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).\n- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).\n- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).\n- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).\n- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).\n- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).\n- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).\n- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).\n- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).\n- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).\n- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: add quirk for broken address properties (git-fixes).\n- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).\n- Bluetooth: btintel: Fixe build regression (git-fixes).\n- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).\n- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).\n- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).\n- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).\n- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).\n- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).\n- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).\n- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).\n- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).\n- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).\n- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).\n- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).\n- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).\n- Bluetooth: qca: add missing firmware sanity checks (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).\n- Bluetooth: qca: fix NVM configuration parsing (git-fixes).\n- Bluetooth: qca: fix device-address endianness (git-fixes).\n- Bluetooth: qca: fix firmware check error path (git-fixes).\n- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).\n- Delete patches.suse/btrfs-qgroup-fix-qgroup-prealloc-rsv-leak-in-subvolu.patch. Quoting bsc#1225945#c11: \u0027So the upstream 6.5 kernel commit (1b53e51a4a8f (\u0027btrfs: do not commit transaction for every subvol create\u0027) ) was never backported to SLE, so that fix eb96e221937a (\u0027btrfs: fix unwritten extent buffer after snapshotting a new subvolume\u0027) was never backported.\u0027\n- Docs/admin-guide/mm/damon/usage: fix wrong example of DAMOS filter matching sysfs file (git-fixes).\n- Drop usb gadget patch that was taken mistakenly and reverted (git-fixes)\n- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).\n- Edit \u0027amdkfd: use calloc instead of kzalloc to avoid integer overflow\u0027 Reference CVE and bug numbers.\n- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)\n- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.\n- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.\n- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).\n- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).\n- Fix patches.suse/coresight-etm4x-Add-ACPI-support-in-platform-driver.patch (bsc#1218779 bsc#1220587) Put back patch hunk which where missed because file rename drivers/acpi/acpi_amba.c -\u003e drivers/acpi/arm64/amba.c\n- HID: amd_sfh: Handle \u0027no sensors\u0027 in PM operations (git-fixes).\n- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).\n- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).\n- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).\n- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev-\u003edevc (git-fixes).\n- HID: logitech-dj: allow mice to use all types of reports (git-fixes).\n- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).\n- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)\n- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).\n- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).\n- Input: imagis - use FIELD_GET where applicable (stable-fixes).\n- Input: ims-pcu - fix printf string overflow (git-fixes).\n- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).\n- Input: synaptics-rmi4 - fail probing if memory allocation for \u0027phys\u0027 fails (stable-fixes).\n- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).\n- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).\n- KEYS: trusted: Do not use WARN when encode fails (git-fixes).\n- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).\n- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).\n- KVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region() (git-fixes).\n- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).\n- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).\n- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).\n- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).\n- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).\n- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).\n- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).\n- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).\n- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).\n- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).\n- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).\n- KVM: x86/pmu: Apply \u0027fast\u0027 RDPMC only to Intel PMUs (git-fixes).\n- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).\n- KVM: x86/pmu: Disallow \u0027fast\u0027 RDPMC for architectural Intel PMUs (git-fixes).\n- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).\n- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).\n- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).\n- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).\n- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at \u0027RESET\u0027 (git-fixes).\n- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).\n- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).\n- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).\n- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).\n- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).\n- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).\n- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).\n- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).\n- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).\n- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).\n- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).\n- KVM: x86: Snapshot if a vCPU\u0027s vendor model is AMD vs. Intel compatible (git-fixes).\n- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they\u0027re a WIP (git-fixes).\n- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).\n- Move out-of-tree powerpc patch to the right section\n- Move the upstreamed BT fix patch to sorted section\n- Move the upstreamed BT patch into sorted section\n- Move upstreamed ACPI patch into sorted section\n- Move upstreamed HD-audio patch into sorted section\n- Move upstreamed USB fix into sorted section\n- Move upstreamed media patches into sorted section\n- Move upstreamed mm patches into sorted section\n- Move upstreamed patches into sorted section\n- Move upstreamed patches into sorted section\n- Move upstreamed patches into sorted section\n- Move upstreamed patches into sorted section\n- Move upstreamed powerpc patches into sorted section\n- Move upstreamed powerpc patches into sorted section\n- NFC: trf7970a: disable all regulators on removal (git-fixes).\n- NFS: Fix an off by one in root_nfs_cat() (git-fixes).\n- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).\n- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).\n- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).\n- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).\n- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).\n- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).\n- NFSD: Retransmit callbacks after client reconnects (git-fixes).\n- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).\n- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).\n- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).\n- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).\n- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).\n- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).\n- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).\n- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).\n- PCI/AER: Block runtime suspend when handling errors (stable-fixes).\n- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).\n- PCI/DPC: Use FIELD_GET() (stable-fixes).\n- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).\n- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).\n- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).\n- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).\n- PCI: Fix typos in docs and comments (stable-fixes).\n- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).\n- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).\n- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).\n- PCI: hv: Fix ring buffer size calculation (git-fixes).\n- PCI: qcom: Add support for sa8775p SoC (git-fixes).\n- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).\n- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).\n- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).\n- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).\n- PCI: switchtec: Use normal comment style (stable-fixes).\n- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).\n- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).\n- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).\n- Port \u0027certs: Add ECDSA signature verification self-test\u0027.\n- Port \u0027certs: Move RSA self-test data to separate file\u0027.\n- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).\n- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).\n- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).\n- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)\n- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)\n- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)\n- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)\n- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)\n- RDMA/hns: Fix GMV table pagesize (git-fixes)\n- RDMA/hns: Fix UAF for cq async event (git-fixes)\n- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)\n- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)\n- RDMA/hns: Modify the print level of CQE error (git-fixes)\n- RDMA/hns: Use complete parentheses in macros (git-fixes)\n- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).\n- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)\n- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)\n- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)\n- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)\n- RDMA/rxe: Allow good work requests to be executed (git-fixes)\n- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)\n- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)\n- RDMA/rxe: Fix the problem \u0027mutex_destroy missing\u0027 (git-fixes)\n- README.BRANCH: Remove copy of branch name\n- Reapply \u0027drm/qxl: simplify qxl_fence_wait\u0027 (stable-fixes).\n- Refresh patches.suse/0002-PKCS-7-Check-codeSigning-EKU-for-kernel-module-and-k.patch (bsc#1222771). In preparation of enabling CONFIG_FIPS_SIGNATURE_SELFTEST, amend the missing \u0027usage\u0027 argument in the pkcs7_validate_trust() invocation from the PKCS#7 selftest.\n- Refresh patches.suse/ASoC-SOF-Intel-mtl-Implement-firmware-boot-state-che.patch.\n- Remove NTFSv3 from configs (bsc#1224429) References: bsc#1224429 comment#3 We only support fuse version of the NTFS-3g driver. Disable NTFSv3 from all configs. This was enabled in d016c04d731 (\u0027Bump to 6.4 kernel (jsc#PED-4593)\u0027)\n- Rename patches.suse/Workaround-broken-chacha-crypto-fallback.patch to patches.suse/powerpc-crypto-chacha-p10-Fix-failure-on-non-Power10.patch.\n- Revert \u0027ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default\u0027 (stable-fixes).\n- Revert \u0027ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for first CPU DAI\u0027 (stable-fixes).\n- Revert \u0027ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire DAIs\u0027 (stable-fixes).\n- Revert \u0027PCI/MSI: Provide IMS (Interrupt Message Store) support\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide pci_ims_alloc/free_irq()\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide stubs for IMS functions\u0027 (git-fixes).\n- Revert \u0027cifs: reconnect work should have reference on server struct\u0027 (git-fixes, bsc#1225172).\n- Revert \u0027drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()\u0027 (stable-fixes).\n- Revert \u0027drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP displays without PSR\u0027 (stable-fixes).\n- Revert \u0027drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices\u0027 (stable-fixes).\n- Revert \u0027drm/bridge: ti-sn65dsi83: Fix enable error path\u0027 (git-fixes).\n- Revert \u0027drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()\u0027 (stable-fixes).\n- Revert \u0027drm/qxl: simplify qxl_fence_wait\u0027 (git-fixes).\n- Revert \u0027iommu/amd: Enable PCI/IMS\u0027 (git-fixes).\n- Revert \u0027iommu/vt-d: Enable PCI/IMS\u0027 (git-fixes).\n- Revert \u0027net/mlx5: Block entering switchdev mode with ns inconsistency\u0027 (git-fixes).\n- Revert \u0027net/mlx5e: Check the number of elements before walk TC rhashtable\u0027 (git-fixes).\n- Revert \u0027selinux: introduce an initial SID for early boot processes\u0027 (bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa build failed.\n- Revert \u0027usb: cdc-wdm: close race between read and workqueue\u0027 (git-fixes).\n- Revert \u0027usb: phy: generic: Get the vbus supply\u0027 (git-fixes).\n- SEV: disable SEV-ES DebugSwap by default (git-fixes).\n- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).\n- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).\n- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).\n- USB: core: Add hub_get() and hub_put() routines (stable-fixes).\n- USB: core: Fix access violation during port device removal (git-fixes).\n- USB: core: Fix deadlock in port \u0027disable\u0027 sysfs attribute (stable-fixes).\n- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).\n- USB: serial: add device ID for VeriFone adapter (stable-fixes).\n- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).\n- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).\n- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).\n- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).\n- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).\n- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).\n- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).\n- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).\n- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).\n- Update patches.suse/Bluetooth-hci_sync-Don-t-double-print-name-in-add-re.patch (bsc#1216358). Added bugzilla reference\n- Update patches.suse/nvme-ensure-disabling-pairs-with-unquiesce.patch (jsc#PED-6252 jsc#PED-5728 jsc#PED-5062 jsc#PED-3535 bsc#1224534).\n- Update ath11k suspend patches from the latest subsystem tree (bsc#1207948).\n- Update config files. Disable N_GSM (jsc#PED-8240).\n- Update patches.suse/gpio-tegra186-Fix-tegra186_gpio_is_accessible-check.patch (git-fixes bsc#1223439)\n- Update patches.suse/powerpc-pseries-vas-Hold-mmap_mutex-after-mmap-lock-.patch (bsc#1012628 jsc#PED-542 git-fixes bsc#1213573 ltc#203238).\n- Update patches.suse/scsi-qedf-Don-t-process-stag-work-during-unload.patch (bsc#1214852)\n- Update patches.suse/scsi-qedf-Wait-for-stag-work-during-unload.patch (bsc#1214852)\n- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).\n- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).\n- Workaround broken chacha crypto fallback (bsc#1218205).\n- accel/ivpu: Fix deadlock in context_xa (git-fixes).\n- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).\n- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).\n- ahci: asm1064: correct count of reported ports (stable-fixes).\n- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).\n- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).\n- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).\n- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)\n- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)\n- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184). Please note that some adjustments were needed since the upstream commit is based on kernel 6.9 which has idreg-override.c moved under arch/arm64/kernel/pi/.\n- arm64: bpf: fix 32bit unconditional bswap (git-fixes).\n- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)\n- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)\n- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)\n- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)\n- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)\n- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)\n- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)\n- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)\n- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)\n- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)\n- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)\n- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)\n- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)\n- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).\n- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)\n- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)\n- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)\n- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)\n- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).\n- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).\n- ata: pata_legacy: make legacy_exit() work again (git-fixes).\n- ata: sata_gemini: Check clk_enable() result (stable-fixes).\n- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).\n- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).\n- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).\n- ax25: Fix netdev refcount issue (git-fixes).\n- ax25: Fix reference count leak issue of net_device (git-fixes).\n- ax25: Fix reference count leak issues of ax25_dev (git-fixes).\n- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).\n- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).\n- bitops: add missing prototype check (git-fixes).\n- blacklist.conf: workqueues: system-wide nr_active enforcement patchset; \tnot worth the risk (bsc#1225580)\n- blk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued (bsc#1225605).\n- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).\n- block: fix q-\u003eblkg_list corruption during disk rebind (bsc#1223591).\n- bnx2x: Fix firmware version string character counts (git-fixes).\n- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).\n- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).\n- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).\n- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)\n- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).\n- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).\n- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).\n- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).\n- bpf, arm64: Fix incorrect runtime stats (git-fixes)\n- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)\n- bpf, scripts: Correct GPL license name (git-fixes).\n- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).\n- bpf: fix precision backtracking instruction iteration (bsc#1225756).\n- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).\n- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)\n- btrfs: add and use helper to check if block group is used (bsc#1220120).\n- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).\n- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).\n- btrfs: always clear PERTRANS metadata during commit (git-fixes)\n- btrfs: always print transaction aborted messages with an error level (git-fixes)\n- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).\n- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).\n- btrfs: assert delayed node locked when removing delayed item (git-fixes)\n- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).\n- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).\n- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).\n- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).\n- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)\n- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)\n- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)\n- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)\n- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)\n- btrfs: do not arbitrarily slow down delalloc if we\u0027re committing (git-fixes)\n- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).\n- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).\n- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)\n- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).\n- btrfs: do not warn if discard range is not aligned to sector (git-fixes)\n- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).\n- btrfs: error out when COWing block using a stale transaction (git-fixes)\n- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)\n- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)\n- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).\n- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)\n- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)\n- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).\n- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)\n- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)\n- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)\n- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)\n- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)\n- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).\n- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).\n- btrfs: fix race when refilling delayed refs block reserve (git-fixes)\n- btrfs: fix start transaction qgroup rsv double free (git-fixes)\n- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).\n- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.\n- btrfs: free qgroup rsv on io failure (git-fixes)\n- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)\n- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).\n- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)\n- btrfs: initialize key where it\u0027s used when running delayed data ref (bsc#1220120).\n- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).\n- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).\n- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).\n- btrfs: make error messages more clear when getting a chunk map (git-fixes)\n- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).\n- btrfs: make find_free_dev_extent() static (bsc#1220120).\n- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).\n- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).\n- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).\n- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).\n- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)\n- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).\n- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)\n- btrfs: print available space across all block groups when dumping space info (bsc#1220120).\n- btrfs: print available space for a block group when dumping a space info (bsc#1220120).\n- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).\n- btrfs: print target number of bytes when dumping free space (bsc#1220120).\n- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).\n- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)\n- btrfs: record delayed inode root in transaction (git-fixes)\n- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)\n- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)\n- btrfs: remove pointless \u0027ref_root\u0027 variable from run_delayed_data_ref() (bsc#1220120).\n- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).\n- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).\n- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).\n- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).\n- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).\n- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).\n- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).\n- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).\n- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)\n- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)\n- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).\n- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).\n- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).\n- btrfs: send: ensure send_fd is writable (git-fixes)\n- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)\n- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)\n- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)\n- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).\n- btrfs: store the error that turned the fs into error state (bsc#1220120).\n- btrfs: sysfs: validate scrub_speed_max value (git-fixes)\n- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)\n- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).\n- btrfs: update documentation for add_new_free_space() (bsc#1220120).\n- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).\n- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).\n- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).\n- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).\n- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)\n- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)\n- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).\n- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).\n- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).\n- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).\n- certs: Add ECDSA signature verification self-test (bsc#1222777).\n- certs: Move RSA self-test data to separate file (bsc#1222777).\n- cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).\n- cifs: account for primary channel in the interface list (bsc#1225172).\n- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1225172).\n- cifs: distribute channels across interfaces based on speed (bsc#1225172).\n- cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).\n- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1225172).\n- cifs: fix charset issue in reconnection (bsc#1225172).\n- cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).\n- cifs: handle cases where a channel is closed (bsc#1225172).\n- cifs: handle cases where multiple sessions share connection (bsc#1225172).\n- cifs: reconnect work should have reference on server struct (bsc#1225172).\n- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).\n- clk: Get runtime PM before walking tree during disable_unused (git-fixes).\n- clk: Get runtime PM before walking tree for clk_summary (git-fixes).\n- clk: Initialize struct clk_core kref earlier (stable-fixes).\n- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).\n- clk: Show active consumers of clocks in debugfs (stable-fixes).\n- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).\n- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).\n- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).\n- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).\n- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).\n- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).\n- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).\n- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).\n- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).\n- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).\n- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).\n- clk: rs9: fix wrong default value for clock amplitude (git-fixes).\n- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).\n- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).\n- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).\n- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).\n- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).\n- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)\n- coresight: trbe: Allocate platform data per device (bsc#1220587)\n- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)\n- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).\n- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).\n- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).\n- cpufreq: exit() callback is optional (git-fixes).\n- cpumask: Add for_each_cpu_from() (bsc#1225053).\n- crypto: bcm - Fix pointer arithmetic (git-fixes).\n- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).\n- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).\n- crypto: ccp - drop platform ifdef checks (git-fixes).\n- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).\n- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).\n- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).\n- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).\n- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).\n- crypto: qat - improve error logging to be consistent across features (git-fixes).\n- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).\n- crypto: qat - specify firmware files for 402xx (git-fixes).\n- crypto: rsa - add a check for allocation failure (bsc#1222775).\n- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).\n- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).\n- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).\n- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).\n- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).\n- cxl/trace: Properly initialize cxl_poison region name (git-fixes).\n- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).\n- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).\n- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).\n- device-dax: make dax_bus_type const (jsc#PED-5853).\n- dlm: fix user space lkb refcounting (git-fixes).\n- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).\n- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).\n- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).\n- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).\n- dm-multipath: dont\u0027t attempt SG_IO on non-SCSI-disks (bsc#1223575).\n- dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (bsc#1219596) Also update diff context in patches.suse/dm-raid-fix-false-positive-for-requeue-needed-during-b25b.patch\n- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).\n- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).\n- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).\n- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).\n- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).\n- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).\n- dma-mapping: benchmark: fix node id validation (git-fixes).\n- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).\n- dma: xilinx_dpdma: Fix locking (git-fixes).\n- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).\n- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).\n- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).\n- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).\n- dmaengine: owl: fix register access functions (git-fixes).\n- dmaengine: tegra186: Fix residual calculation (git-fixes).\n- docs: Restore \u0027smart quotes\u0027 for quotes (stable-fixes).\n- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).\n- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).\n- driver core: Introduce device_link_wait_removal() (stable-fixes).\n- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).\n- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).\n- drm/amd/display: Add dml2 copy functions (stable-fixes).\n- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).\n- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).\n- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).\n- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).\n- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).\n- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).\n- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).\n- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).\n- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).\n- drm/amd/display: Fix nanosec stat overflow (stable-fixes).\n- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).\n- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).\n- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).\n- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).\n- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).\n- drm/amd/display: Prevent crash when disable stream (stable-fixes).\n- drm/amd/display: Program VSC SDP colorimetry for all DP sinks \u003e= 1.4 (stable-fixes).\n- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).\n- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).\n- drm/amd/display: Return the correct HDCP error code (stable-fixes).\n- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).\n- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).\n- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).\n- drm/amd/display: Update odm when ODM combine is changed on an otg master pipe with no plane (stable-fixes).\n- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).\n- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).\n- drm/amd/display: fix input states translation error for dcn35 \u0026 dcn351 (stable-fixes).\n- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).\n- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).\n- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).\n- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).\n- drm/amdgpu/display: Address kdoc for \u0027is_psr_su\u0027 in \u0027fill_dc_dirty_rects\u0027 (git-fixes).\n- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).\n- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).\n- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).\n- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).\n- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).\n- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).\n- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).\n- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).\n- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).\n- drm/amdgpu: Refine IB schedule error logging (stable-fixes).\n- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).\n- drm/amdgpu: always force full reset for SOC21 (stable-fixes).\n- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).\n- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).\n- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).\n- drm/amdgpu: fix doorbell regression (git-fixes).\n- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).\n- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).\n- drm/amdgpu: fix use-after-free bug (stable-fixes).\n- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).\n- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).\n- drm/amdgpu: make damage clips support configurable (stable-fixes).\n- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).\n- drm/amdgpu: remove invalid resource-\u003estart check v2 (git-fixes).\n- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).\n- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).\n- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).\n- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).\n- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).\n- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).\n- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).\n- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).\n- drm/ast: Fix soft lockup (git-fixes).\n- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).\n- drm/bridge: anx7625: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: anx7625: Update audio status while detecting (git-fixes).\n- drm/bridge: dpc3433: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: icn6211: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt8912b: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611uxc: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: tc358775: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).\n- drm/buddy: check range allocation matches alignment (stable-fixes).\n- drm/client: Fully protect modes[] with dev-\u003emode_config.mutex (stable-fixes).\n- drm/connector: Add \\n to message about demoting connector force-probes (git-fixes).\n- drm/display: fix typo (git-fixes).\n- drm/exynos: do not return negative values from .get_modes() (stable-fixes).\n- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).\n- drm/gma500: Remove lid code (git-fixes).\n- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).\n- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).\n- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).\n- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).\n- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).\n- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY \u0026lt; 13 (git-fixes).\n- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).\n- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).\n- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).\n- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).\n- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).\n- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).\n- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).\n- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).\n- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).\n- drm/i915/gt: Fix CCS id\u0027s calculation for CCS mode setting (git-fixes).\n- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).\n- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).\n- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).\n- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).\n- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).\n- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).\n- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).\n- drm/i915/mtl: Update workaround 14018575942 (git-fixes).\n- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).\n- drm/i915/vrr: Generate VRR \u0027safe window\u0027 for DSB (git-fixes).\n- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).\n- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).\n- drm/i915: Fix audio component initialization (git-fixes).\n- drm/i915: Include the PLL name in the debug messages (stable-fixes).\n- drm/i915: Pre-populate the cursor physical dma address (git-fixes).\n- drm/i915: Replace a memset() with zero initialization (stable-fixes).\n- drm/i915: Stop printing pipe name as hex (stable-fixes).\n- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).\n- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).\n- drm/i915: Use named initializers for DPLL info (stable-fixes).\n- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).\n- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).\n- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).\n- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).\n- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).\n- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).\n- drm/meson: dw-hdmi: power up phy on device init (git-fixes).\n- drm/meson: gate px_clk when setting rate (git-fixes).\n- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).\n- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).\n- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).\n- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).\n- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).\n- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).\n- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).\n- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).\n- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).\n- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).\n- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).\n- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).\n- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).\n- drm/msm: Add newlines to some debug prints (git-fixes).\n- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).\n- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).\n- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).\n- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).\n- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).\n- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).\n- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).\n- drm/panel: ili9341: Respect deferred probe (git-fixes).\n- drm/panel: ili9341: Use predefined error codes (git-fixes).\n- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).\n- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).\n- drm/panel: novatek-nt35950: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).\n- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).\n- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).\n- drm/panfrost: fix power transition timeout warnings (git-fixes).\n- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).\n- drm/probe-helper: warn about negative .get_modes() (stable-fixes).\n- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).\n- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).\n- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).\n- drm/radeon: silence UBSAN warning (v3) (stable-fixes).\n- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).\n- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).\n- drm/sched: fix null-ptr-deref in init entity (git-fixes).\n- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).\n- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).\n- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).\n- drm/vc4: do not check if plane-\u003estate-\u003efb == state-\u003efb (stable-fixes).\n- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).\n- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).\n- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).\n- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).\n- drm/vmwgfx: Fix crtc\u0027s atomic check conditional (git-fixes).\n- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).\n- drm/vmwgfx: Fix prime import/export (git-fixes).\n- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).\n- drm: Check output polling initialized before disabling (stable-fixes).\n- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).\n- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).\n- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).\n- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).\n- drm: nv04: Fix out of bounds access (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).\n- drm: vc4: Fix possible null pointer dereference (git-fixes).\n- drm: zynqmp_dpsub: Always register bridge (git-fixes).\n- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)\n- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).\n- dyndbg: fix old BUG_ON in \u003econtrol parser (stable-fixes).\n- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).\n- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).\n- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).\n- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)\n- ecryptfs: Reject casefold directory inodes (git-fixes)\n- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).\n- efi/unaccepted: touch soft lockup during memory accept (git-fixes).\n- efi: disable mirror feature during crashkernel (stable-fixes).\n- efi: fix panic in kdump kernel (git-fixes).\n- efi: libstub: only free priv.runtime_map when allocated (git-fixes).\n- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- fast_dput(): handle underflows gracefully (git-fixes)\n- fat: fix uninitialized field in nostale filehandles (git-fixes)\n- fbdev: fix incorrect address computation in deferred IO (git-fixes).\n- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).\n- fbdev: sh7760fb: allow modular build (git-fixes).\n- fbdev: shmobile: fix snprintf truncation (git-fixes).\n- fbdev: sisfb: hide unused variables (git-fixes).\n- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).\n- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).\n- firewire: core: use long bus reset on gap count error (stable-fixes).\n- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).\n- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).\n- firmware: dmi-id: add a release callback function (git-fixes).\n- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).\n- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).\n- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)\n- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)\n- fs: Fix error checking for d_hash_and_lookup() (git-fixes)\n- fs: indicate request originates from old mount API (git-fixes)\n- fs: relax mount_setattr() permission checks (git-fixes)\n- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)\n- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).\n- fuse: do not unhash root (bsc#1223946).\n- fuse: fix root lookup with nonzero generation (bsc#1223945).\n- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).\n- geneve: make sure to pull inner header in geneve_rx() (git-fixes).\n- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).\n- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).\n- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).\n- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).\n- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).\n- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpiolib: cdev: fix uninitialised kfifo (git-fixes).\n- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).\n- gpiolib: swnode: Remove wrong header inclusion (git-fixes).\n- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).\n- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).\n- hwmon: (amc6821) add of_match table (stable-fixes).\n- hwmon: (corsair-cpro) Protect ccp-\u003ewait_input_report with a spinlock (git-fixes).\n- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).\n- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).\n- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).\n- hwmon: (lm70) fix links in doc and comments (git-fixes).\n- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).\n- hwmon: (shtc1) Fix property misspelling (git-fixes).\n- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).\n- i2c: cadence: Avoid fifo clear after start (git-fixes).\n- i2c: pxa: hide unused icr_bits[] variable (git-fixes).\n- i2c: smbus: fix NULL function pointer dereference (git-fixes).\n- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).\n- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).\n- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).\n- i40e: Enforce software interrupt during busy-poll exit (git-fixes).\n- i40e: Fix VF MAC filter removal (git-fixes).\n- i40e: Fix firmware version comparison function (git-fixes).\n- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).\n- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).\n- i40e: fix vf may be used uninitialized in this function warning (git-fixes).\n- i915: make inject_virtual_interrupt() void (stable-fixes).\n- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).\n- ice: fix enabling RX VLAN filtering (git-fixes).\n- ice: fix memory corruption bug with suspend and rebuild (git-fixes).\n- ice: fix stats being updated by way too large values (git-fixes).\n- ice: fix typo in assignment (git-fixes).\n- ice: fix uninitialized dplls mutex usage (git-fixes).\n- ice: reconfig host after changing MSI-X on VF (git-fixes).\n- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).\n- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).\n- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).\n- ida: make \u0027ida_dump\u0027 static (git-fixes).\n- idma64: Do not try to serve interrupts when device is powered off (git-fixes).\n- idpf: disable local BH when scheduling napi for marker packets (git-fixes).\n- idpf: extend tx watchdog timeout (bsc#1224137).\n- idpf: fix kernel panic on unknown packet types (git-fixes).\n- igb: Fix missing time sync events (git-fixes).\n- igb: extend PTP timestamp adjustments to i211 (git-fixes).\n- igc: Fix missing time sync events (git-fixes).\n- igc: Remove stale comment about Tx timestamping (git-fixes).\n- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).\n- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).\n- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).\n- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).\n- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).\n- iio: gts-helper: Fix division loop (git-fixes).\n- iio: pressure: Fixes BME280 SPI driver data (git-fixes).\n- iio: pressure: dps310: support negative temperature values (git-fixes).\n- iio:imu: adis16475: Fix sync mode setting (git-fixes).\n- inet: frags: eliminate kernel-doc warning (git-fixes).\n- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).\n- init/main.c: Fix potential static_command_line memory overflow (git-fixes).\n- init: open /initrd.image with O_LARGEFILE (stable-fixes).\n- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).\n- intel: legacy: Partial revert of field get conversion (git-fixes).\n- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).\n- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).\n- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).\n- interconnect: qcom: sm8550: Enable sync_state (git-fixes).\n- io_uring: kabi cookie remove (bsc#1217384).\n- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)\n- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).\n- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)\n- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).\n- iommu/vt-d: Allocate local memory for page request queue (git-fixes).\n- iommu/vt-d: Fix wrong use of pasid config (git-fixes).\n- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).\n- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).\n- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).\n- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).\n- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).\n- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).\n- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).\n- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).\n- ionic: set adminq irq affinity (git-fixes).\n- ipv4: annotate data-races around fi-\u003efib_dead (git-fixes).\n- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).\n- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).\n- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).\n- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).\n- irqchip/gic-v3-its: Prevent double free on error (git-fixes).\n- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).\n- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).\n- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register\u0027s index (stable-fixes).\n- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).\n- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).\n- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).\n- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).\n- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).\n- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).\n- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).\n- kABI fix of KVM: x86: Snapshot if a vCPU\u0027s vendor model is AMD vs. Intel compatible (git-fixes).\n- kABI workaround for cs35l56 (git-fixes).\n- kABI workaround for of driver changes (git-fixes).\n- kABI: Adjust trace_iterator.wait_index (git-fixes).\n- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).\n- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.\n- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.\n- kabi/severities: ignore TAS2781 symbol drop, it\u0027s only locally used\n- kabi/severities: ignore Wangxun ethernet driver local symbols\n- kabi/severities: ignore brcmfmac-specific local symbols\n- kasan, fortify: properly rename memintrinsics (git-fixes).\n- kasan/test: avoid gcc warning for intentional overflow (git-fixes).\n- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).\n- kasan: print the original fault addr when access invalid shadow (git-fixes).\n- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).\n- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).\n- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- kselftest: Add a ksft_perror() helper (stable-fixes).\n- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).\n- leds: pwm: Disable PWM when going to suspend (git-fixes).\n- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).\n- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).\n- libperf evlist: Avoid out-of-bounds access (git-fixes).\n- libsubcmd: Fix parse-options memory leak (git-fixes).\n- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).\n- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)\n- lsm: fix the logic in security_inode_getsecctx() (git-fixes).\n- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).\n- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).\n- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).\n- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).\n- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).\n- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).\n- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).\n- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).\n- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).\n- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).\n- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).\n- md: add a new helper rdev_has_badblock() (jsc#PED-7542).\n- md: add a new helper reshape_interrupted() (jsc#PED-7542).\n- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).\n- md: check mddev-\u003epers before calling md_set_readonly() (jsc#PED-7542).\n- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).\n- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).\n- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).\n- md: export helper md_is_rdwr() (jsc#PED-7542).\n- md: export helpers to stop sync_thread (jsc#PED-7542).\n- md: factor out a helper to sync mddev (jsc#PED-7542).\n- md: fix kmemleak of rdev-\u003eserial (jsc#PED-7542).\n- md: get rdev-\u003emddev with READ_ONCE() (jsc#PED-7542).\n- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).\n- md: preserve KABI in struct md_personality (jsc#PED-7542).\n- md: remove redundant check of \u0027mddev-\u003esync_thread\u0027 (jsc#PED-7542).\n- md: remove redundant md_wakeup_thread() (jsc#PED-7542).\n- md: return directly before setting did_set_md_closing (jsc#PED-7542).\n- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).\n- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).\n- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).\n- media: cadence: csi2rx: use match fwnode for media link (git-fixes).\n- media: cec: core: remove length check of Timer Status (stable-fixes).\n- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).\n- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).\n- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).\n- media: ipu3-cio2: Request IRQ earlier (git-fixes).\n- media: mc: Fix flags handling when creating pad links (stable-fixes).\n- media: mc: Fix graph walk in media_pipeline_start (git-fixes).\n- media: mc: Rename pad variable to clarify intent (stable-fixes).\n- media: mc: mark the media devnode as registered from the, start (git-fixes).\n- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).\n- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).\n- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).\n- media: sta2x11: fix irq handler cast (stable-fixes).\n- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).\n- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).\n- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).\n- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).\n- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).\n- mei: me: add arrow lake point H DID (stable-fixes).\n- mei: me: add arrow lake point S DID (stable-fixes).\n- mei: me: add lunar lake point M DID (stable-fixes).\n- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).\n- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).\n- mlxbf_gige: stop PHY during open() error paths (git-fixes).\n- mlxbf_gige: stop interface during shutdown (git-fixes).\n- mlxsw: Use refcount_t for reference counting (git-fixes).\n- mm,page_owner: Defer enablement of static branch (bsc#1222366).\n- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).\n- mm,page_owner: Fix printing of stack records (bsc#1222366).\n- mm,page_owner: Fix refcount imbalance (bsc#1222366).\n- mm,page_owner: Update metadata for tail pages (bsc#1222366).\n- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).\n- mm,page_owner: drop unnecessary check (bsc#1222366).\n- mm,page_owner: fix recursion (bsc#1222366).\n- mm/slab: make __free(kfree) accept error pointers (git-fixes).\n- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).\n- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).\n- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).\n- mm_init kABI workaround (git-fixes).\n- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).\n- mmc: core: Avoid negative index with array access (git-fixes).\n- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).\n- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).\n- mmc: omap: fix broken slot switch lookup (git-fixes).\n- mmc: omap: fix deferred probe (git-fixes).\n- mmc: omap: restore original power up/down steps (git-fixes).\n- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).\n- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).\n- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).\n- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).\n- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).\n- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).\n- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).\n- modpost: Add \u0027.ltext\u0027 and \u0027.ltext.*\u0027 to TEXT_SECTIONS (stable-fixes).\n- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).\n- mptcp: annotate data-races around msk-\u003ermem_fwd_alloc (git-fixes).\n- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).\n- mptcp: move __mptcp_error_report in protocol.c (git-fixes).\n- mptcp: process pending subflow error on close (git-fixes).\n- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).\n- mtd: diskonchip: work around ubsan link failure (stable-fixes).\n- mtd: rawnand: hynix: fixed typo (git-fixes).\n- mtd: spinand: Add support for 5-byte IDs (stable-fixes).\n- net/mlx5: Correctly compare pkt reformat ids (git-fixes).\n- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).\n- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).\n- net/mlx5: Fix fw reporter diagnose output (git-fixes).\n- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).\n- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).\n- net/mlx5: Properly link new fs rules into the tree (git-fixes).\n- net/mlx5: Register devlink first under devlink lock (git-fixes).\n- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).\n- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).\n- net/mlx5: offset comp irq index in name by one (git-fixes).\n- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).\n- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).\n- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).\n- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).\n- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).\n- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).\n- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).\n- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).\n- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).\n- net/smc: fix documentation of buffer sizes (git-fixes).\n- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).\n- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).\n- net: NSH: fix kernel-doc notation warning (git-fixes).\n- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).\n- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).\n- net: annotate data-races around sk-\u003esk_bind_phc (git-fixes).\n- net: annotate data-races around sk-\u003esk_forward_alloc (git-fixes).\n- net: annotate data-races around sk-\u003esk_lingertime (git-fixes).\n- net: annotate data-races around sk-\u003esk_tsflags (git-fixes).\n- net: bonding: remove kernel-doc comment marker (git-fixes).\n- net: cfg802154: fix kernel-doc notation warnings (git-fixes).\n- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).\n- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).\n- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).\n- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).\n- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).\n- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).\n- net: ena: Fix incorrect descriptor free behavior (git-fixes).\n- net: ena: Fix potential sign extension issue (git-fixes).\n- net: ena: Move XDP code to its new files (git-fixes).\n- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).\n- net: ena: Remove ena_select_queue (git-fixes).\n- net: ena: Set tx_info-\u003exdpf value to NULL (git-fixes).\n- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).\n- net: ena: Wrong missing IO completions check order (git-fixes).\n- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).\n- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).\n- net: fec: Set mac_managed_pm during probe (git-fixes).\n- net: hns3: fix index limit to support all queue stats (git-fixes).\n- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).\n- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).\n- net: hns3: fix port duplex configure error in IMP reset (git-fixes).\n- net: hns3: fix wrong judgment condition issue (git-fixes).\n- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).\n- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).\n- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).\n- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).\n- net: ks8851: Inline ks8851_rx_skb() (git-fixes).\n- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).\n- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).\n- net: libwx: fix memory leak on free page (git-fixes).\n- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).\n- net: llc: fix kernel-doc notation warnings (git-fixes).\n- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).\n- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).\n- net: nfc: remove inappropriate attrs check (stable-fixes).\n- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).\n- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).\n- net: phy: micrel: Fix potential null pointer dereference (git-fixes).\n- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).\n- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).\n- net: ravb: Always process TX descriptor ring (git-fixes).\n- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).\n- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).\n- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).\n- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).\n- net: sparx5: flower: fix fragment flags handling (git-fixes).\n- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).\n- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).\n- net: stmmac: fix rx queue priority assignment (git-fixes).\n- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).\n- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).\n- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).\n- net: tls: fix returned read length with async decrypt (bsc#1221858).\n- net: tls: fix use-after-free with partial reads and async (bsc#1221858).\n- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).\n- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).\n- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).\n- net: usb: smsc95xx: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: sr9700: stop lying about skb-\u003etruesize (git-fixes).\n- net: veth: do not manipulate GRO when using XDP (git-fixes).\n- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).\n- net:usb:qmi_wwan: support Rolling modules (stable-fixes).\n- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).\n- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).\n- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).\n- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).\n- nf_conntrack: fix -Wunused-const-variable= (git-fixes).\n- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).\n- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).\n- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).\n- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).\n- nfp: flower: handle acti_netdevs allocation failure (git-fixes).\n- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).\n- nfsd: Fix a regression in nfsd_setattr() (git-fixes).\n- nfsd: do not call locks_release_private() twice concurrently (git-fixes).\n- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).\n- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).\n- nilfs2: fix out-of-range warning (git-fixes).\n- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).\n- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).\n- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).\n- nilfs2: make superblock data array index computation sparse friendly (git-fixes).\n- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).\n- nouveau/gsp: do not check devinit disable on GSP (git-fixes).\n- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).\n- nouveau: fix devinit paths to only handle display on GSP (git-fixes).\n- nouveau: fix function cast warning (git-fixes).\n- nouveau: fix instmem race condition around ptr stores (git-fixes).\n- nouveau: lock the client object tree (stable-fixes).\n- nouveau: reset the bo resource bus info after an eviction (git-fixes).\n- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).\n- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).\n- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).\n- nvme-fc: do not wait in vain when unloading module (git-fixes).\n- nvme-multipath: fix io accounting on failover (git-fixes).\n- nvme-pci: Add quirk for broken MSIs (git-fixes).\n- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).\n- nvme: fix multipath batched completion accounting (git-fixes).\n- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).\n- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).\n- nvmet-fc: abort command when there is no binding (git-fixes).\n- nvmet-fc: defer cleanup using RCU properly (git-fixes).\n- nvmet-fc: hold reference on hostport match (git-fixes).\n- nvmet-fc: release reference on target port (git-fixes).\n- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).\n- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).++ kernel-source-azure.spec (revision 4)%define git_commit ba2f81d0ba1ad117dc6a5494a21d358f354126d7Release: \u0026lt;RELEASE\u003e.gba2f81d\n- nvmet: fix ns enable/disable possible hang (git-fixes).\n- octeontx2-af: Add array index check (git-fixes).\n- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).\n- octeontx2-af: Fix devlink params (git-fixes).\n- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).\n- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).\n- octeontx2-af: Use separate handlers for interrupts (git-fixes).\n- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).\n- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).\n- octeontx2-pf: Use default max_active works instead of one (git-fixes).\n- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).\n- octeontx2-pf: check negative error code in otx2_open() (git-fixes).\n- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).\n- octeontx2: Detect the mbox up or down message via register (git-fixes).\n- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).\n- of: module: add buffer overflow check in of_modalias() (git-fixes).\n- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).\n- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).\n- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).\n- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).\n- of: property: fix typo in io-channels (git-fixes).\n- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).\n- of: unittest: Fix compile in the non-dynamic case (git-fixes).\n- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).\n- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).\n- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).\n- perf annotate: Get rid of duplicate --group option item (git-fixes).\n- perf auxtrace: Fix multiple use of --itrace option (git-fixes).\n- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).\n- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).\n- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).\n- perf daemon: Fix file leak in daemon_session__control (git-fixes).\n- perf docs: Document bpf event modifier (git-fixes).\n- perf evsel: Fix duplicate initialization of data-\u003eid in evsel__parse_sample() (git-fixes).\n- perf expr: Fix \u0027has_event\u0027 function for metric style events (git-fixes).\n- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).\n- perf jevents: Drop or simplify small integer values (git-fixes).\n- perf list: fix short description for some cache events (git-fixes).\n- perf lock contention: Add a missing NULL check (git-fixes).\n- perf metric: Do not remove scale from counts (git-fixes).\n- perf pmu: Count sys and cpuid JSON events separately (git fixes).\n- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).\n- perf pmu: Treat the msr pmu as software (git-fixes).\n- perf print-events: make is_event_supported() more robust (git-fixes).\n- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).\n- perf record: Check conflict between \u0027--timestamp-filename\u0027 option and pipe mode before recording (git-fixes).\n- perf record: Fix debug message placement for test consumption (git-fixes).\n- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).\n- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).\n- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).\n- perf script: Show also errors for --insn-trace option (git-fixes).\n- perf srcline: Add missed addr2line closes (git-fixes).\n- perf stat: Avoid metric-only segv (git-fixes).\n- perf stat: Do not display metric header for non-leader uncore events (git-fixes).\n- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).\n- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).\n- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).\n- perf tests: Apply attributes to all events in object code reading test (git-fixes).\n- perf tests: Make \u0027test data symbol\u0027 more robust on Neoverse N1 (git-fixes).\n- perf tests: Make data symbol test wait for perf to start (bsc#1220045).\n- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).\n- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).\n- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).\n- perf top: Uniform the event name for the hybrid machine (git-fixes).\n- perf top: Use evsel\u0027s cpus to replace user_requested_cpus (git-fixes).\n- perf ui browser: Avoid SEGV on title (git fixes).\n- perf ui browser: Do not save pointer to stack memory (git-fixes).\n- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).\n- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).\n- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).\n- perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and later (git-fixes).\n- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).\n- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).\n- perf/x86/intel/ds: Do not clear -\u003epebs_data_cfg for the last PEBS event (git-fixes).\n- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).\n- perf/x86: Fix out of range data (git-fixes).\n- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).\n- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).\n- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).\n- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).\n- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).\n- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).\n- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).\n- pinctrl/meson: fix typo in PDM\u0027s pin name (git-fixes).\n- pinctrl: armada-37xx: remove an unused variable (git-fixes).\n- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).\n- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).\n- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).\n- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).\n- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).\n- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).\n- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).\n- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).\n- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).\n- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).\n- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).\n- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).\n- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).\n- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).\n- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).\n- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).\n- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).\n- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).\n- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).\n- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).\n- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).\n- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).\n- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).\n- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).\n- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).\n- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).\n- ppdev: Add an error check in register_device (git-fixes).\n- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).\n- printk: Add this_cpu_in_panic() (bsc#1225607).\n- printk: Adjust mapping for 32bit seq macros (bsc#1225607).\n- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).\n- printk: Consolidate console deferred printing (bsc#1225607).\n- printk: Disable passing console lock owner completely during panic() (bsc#1225607).\n- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).\n- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).\n- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).\n- printk: Let no_printk() use _printk() (bsc#1225618).\n- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).\n- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).\n- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).\n- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).\n- printk: Wait for all reserved records with pr_flush() (bsc#1225607).\n- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).\n- printk: ringbuffer: Clarify special lpos values (bsc#1225607).\n- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).\n- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).\n- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).\n- proc/kcore: do not try to access unaccepted memory (git-fixes).\n- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).\n- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).\n- pstore: inode: Only d_invalidate() is needed (git-fixes).\n- pwm: img: fix pwm clock lookup (git-fixes).\n- qibfs: fix dentry leak (git-fixes)\n- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).\n- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).\n- random: handle creditable entropy from atomic process context (git-fixes).\n- regmap: Add regmap_read_bypassed() (git-fixes).\n- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).\n- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).\n- regmap: maple: Fix uninitialized symbol \u0027ret\u0027 warnings (git-fixes).\n- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).\n- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).\n- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).\n- regulator: core: fix debugfs creation regression (git-fixes).\n- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).\n- regulator: tps65132: Add of_match table (stable-fixes).\n- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).\n- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).\n- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).\n- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).\n- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).\n- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).\n- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).\n- ring-buffer: Fix a race between readers and resize checks (git-fixes).\n- ring-buffer: Fix full_waiters_pending in poll (git-fixes).\n- ring-buffer: Fix resetting of shortest_full (git-fixes).\n- ring-buffer: Fix waking up ring buffer readers (git-fixes).\n- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).\n- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).\n- ring-buffer: use READ_ONCE() to read cpu_buffer-\u003ecommit_page in concurrent environment (git-fixes).\n- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).\n- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).\n- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).\n- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).\n- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).\n- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).\n- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).\n- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).\n- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).\n- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).\n- s390/vdso: drop \u0027-fPIC\u0027 from LDFLAGS (git-fixes bsc#1223593).\n- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).\n- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).\n- sched-fair-Add-EAS-checks-before-updating-root_domain-overutilized.patch.\n- sched-fair-Combine-EAS-check-with-overutilized-access.patch.\n- sched-fair-Introduce-is_rd_overutilized-helper-function-to-access-root_domain-overutilized.patch.\n- sched/balancing: Rename newidle_balance() =\u003e sched_balance_newidle() (bsc#1222173).\n- sched/fair: Check root_domain::overload value before update (bsc#1222173).\n- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).\n- sched/psi: Select KERNFS as needed (git-fixes).\n- sched/topology: Optimize topology_span_sane() (bsc#1225053).\n- scsi: bfa: Fix function pointer type mismatch for hcb_qe-\u003ecbfn (git-fixes).\n- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).\n- scsi: core: Fix unremoved procfs host directory regression (git-fixes).\n- scsi: csiostor: Avoid function pointer casts (git-fixes).\n- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).\n- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).\n- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).\n- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).\n- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).\n- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842). Refresh: \t- patches.suse/lpfc-reintroduce-old-irq-probe-logic.patch\n- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).\n- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).\n- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).\n- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).\n- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).\n- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).\n- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).\n- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).\n- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).\n- scsi: lpfc: Move NPIV\u0027s transport unregistration to after resource clean up (bsc#1221777).\n- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).\n- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).\n- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).\n- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).\n- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).\n- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).\n- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).\n- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).\n- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).\n- scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports() (git-fixes).\n- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).\n- scsi: mylex: Fix sysfs buffer lengths (git-fixes).\n- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).\n- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).\n- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).\n- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).\n- scsi: qla2xxx: Fix double free of fcport (bsc1221816).\n- scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer (bsc1221816).\n- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).\n- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).\n- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).\n- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).\n- scsi: qla2xxx: Update manufacturer detail (bsc1221816).\n- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).\n- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).\n- scsi: sg: Avoid race in error handling \u0026 drop bogus warn (git-fixes).\n- scsi: sg: Avoid sg device teardown race (git-fixes).\n- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).\n- sctp: annotate data-races around sk-\u003esk_wmem_queued (git-fixes).\n- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).\n- selftests/binderfs: use the Makefile\u0027s rules, not Make\u0027s implicit rules (git-fixes).\n- selftests/bpf: add edge case backtracking logic test (bsc#1225756).\n- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).\n- selftests/ftrace: Fix event filter target_func selection (stable-fixes).\n- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).\n- selftests/kcmp: remove unused open mode (git-fixes).\n- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).\n- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).\n- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).\n- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).\n- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).\n- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).\n- selftests: default to host arch for LLVM builds (git-fixes).\n- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).\n- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).\n- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).\n- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).\n- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).\n- selftests: net: move amt to socat for better compatibility (git-fixes).\n- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).\n- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).\n- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).\n- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).\n- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).\n- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).\n- selinux: avoid dereference of garbage after mount failure (git-fixes).\n- selinux: introduce an initial SID for early boot processes (bsc#1208593).\n- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).\n- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).\n- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).\n- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).\n- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).\n- serial: Lock console when calling into driver before registration (git-fixes).\n- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).\n- serial: core: only stop transmit when HW fifo is empty (git-fixes).\n- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).\n- serial: max3100: Fix bitwise types (git-fixes).\n- serial: max3100: Lock port-\u003elock when calling uart_handle_cts_change() (git-fixes).\n- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).\n- serial: max310x: fix syntax error in IRQ error message (git-fixes).\n- serial: mxs-auart: add spinlock around changing cts state (git-fixes).\n- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).\n- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).\n- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).\n- serial: stm32: Reset .throttled state in .startup() (git-fixes).\n- series.conf: cleanup Fix subsection header to silence series_insert error.\n- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).\n- smb3: show beginning time for per share stats (bsc#1225172).\n- smb: client: ensure to try all targets when finding nested links (bsc#1225172).\n- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1225172).\n- smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes, bsc#1225172).\n- smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).\n- smb: client: get rid of dfs naming in automount code (bsc#1225172).\n- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).\n- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).\n- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1225172).\n- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).\n- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).\n- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).\n- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).\n- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).\n- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).\n- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).\n- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).\n- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).\n- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).\n- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).\n- speakup: Avoid crash on very long word (git-fixes).\n- speakup: Fix 8bit characters from direct synth (git-fixes).\n- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).\n- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).\n- spi: fix null pointer dereference within spi_sync (git-fixes).\n- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).\n- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).\n- spi: lm70llp: fix links in doc and comments (git-fixes).\n- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).\n- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).\n- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).\n- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).\n- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).\n- spi: stm32: Do not warn about spurious interrupts (git-fixes).\n- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).\n- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).\n- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).\n- staging: vc04_services: fix information leak in create_component() (git-fixes).\n- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).\n- stmmac: Clear variable when destroying workqueue (git-fixes).\n- supported.conf: support tcp_dctcp module (jsc#PED-8111)\n- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)\n- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)\n- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)\n- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)\n- swiotlb: use the calculated number of areas (git-fixes).\n- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).\n- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).\n- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).\n- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).\n- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).\n- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).\n- thunderbolt: Fix wake configurations after device unplug (stable-fixes).\n- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).\n- thunderbolt: Introduce tb_port_reset() (stable-fixes).\n- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).\n- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).\n- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).\n- tls: do not skip over different type records from the rx_list (bsc#1221858).\n- tls: fix peeking with sync+async decryption (bsc#1221858).\n- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).\n- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).\n- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).\n- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).\n- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).\n- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).\n- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).\n- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).\n- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).\n- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).\n- tracing: Remove precision vsnprintf() check from print event (git-fixes).\n- tracing: Use .flush() call to wake up readers (git-fixes).\n- tracing: hide unused ftrace_event_id_fops (git-fixes).\n- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).\n- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).\n- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).\n- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).\n- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).\n- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).\n- ubifs: Set page uptodate in the correct place (git-fixes).\n- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).\n- ubifs: fix sort function prototype (git-fixes).\n- usb: Disable USB3 LPM at shutdown (stable-fixes).\n- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).\n- usb: aqc111: stop lying about skb-\u003etruesize (git-fixes).\n- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).\n- usb: cdc-wdm: close race between read and workqueue (git-fixes).\n- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).\n- usb: dwc2: gadget: LPM flow fix (git-fixes).\n- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).\n- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).\n- usb: dwc2: host: Fix hibernation flow (git-fixes).\n- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).\n- usb: dwc3-am62: Disable wakeup at remove (git-fixes).\n- usb: dwc3-am62: Rename private data (git-fixes).\n- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).\n- usb: dwc3: Properly set system wakeup (git-fixes).\n- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).\n- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).\n- usb: dwc3: pci: Drop duplicate ID (git-fixes).\n- usb: fotg210: Add missing kernel doc description (git-fixes).\n- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).\n- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).\n- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).\n- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).\n- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).\n- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).\n- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).\n- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).\n- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).\n- usb: ohci: Prevent missed ohci interrupts (git-fixes).\n- usb: phy: generic: Get the vbus supply (git-fixes).\n- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).\n- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).\n- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).\n- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).\n- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).\n- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).\n- usb: typec: tcpm: Update PD of Type-C port upon pd_set (git-fixes).\n- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).\n- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).\n- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).\n- usb: typec: tipd: fix event checking for tps6598x (git-fixes).\n- usb: typec: ucsi: Ack unsupported commands (stable-fixes).\n- usb: typec: ucsi: Check for notifications after init (git-fixes).\n- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).\n- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).\n- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).\n- usb: typec: ucsi: Fix connector check on init (git-fixes).\n- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).\n- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).\n- usb: typec: ucsi: always register a link to USB PD device (git-fixes).\n- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).\n- usb: typec: ucsi: simplify partner\u0027s PD caps registration (git-fixes).\n- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).\n- usb: udc: remove warning when queue disabled ep (stable-fixes).\n- usb: xhci-plat: Do not include xhci.h (stable-fixes).\n- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).\n- usb: xhci: Implement xhci_handshake_check_state() helper.\n- usb: xhci: correct return value in case of STS_HCE (git-fixes).\n- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).\n- vboxsf: explicitly deny setlease attempts (stable-fixes).\n- vdpa/mlx5: Allow CVQ size changes (git-fixes).\n- vdpa_sim: reset must not run (git-fixes).\n- veth: try harder when allocating queue memory (git-fixes).\n- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).\n- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).\n- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).\n- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).\n- virtio_net: Do not send RSS key if it is not supported (git-fixes).\n- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).\n- vsock/virtio: fix packet delivery to tap device (git-fixes).\n- watchdog: bd9576: Drop \u0027always-running\u0027 property (git-fixes).\n- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).\n- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).\n- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).\n- wifi: ar5523: enable proper endpoint verification (git-fixes).\n- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).\n- wifi: ath10k: poll service ready message before failing (git-fixes).\n- wifi: ath10k: populate board data for WCN3990 (git-fixes).\n- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).\n- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).\n- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).\n- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).\n- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).\n- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).\n- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).\n- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).\n- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).\n- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).\n- wifi: carl9170: re-fix fortified-memset warning (git-fixes).\n- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).\n- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).\n- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).\n- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).\n- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).\n- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).\n- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).\n- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).\n- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).\n- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).\n- wifi: iwlwifi: mvm: init vif works only once (git-fixes).\n- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).\n- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).\n- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).\n- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).\n- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).\n- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).\n- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).\n- wifi: iwlwifi: read txq-\u003eread_ptr under lock (stable-fixes).\n- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).\n- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).\n- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).\n- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).\n- wifi: mac80211: fix prep_connection error path (stable-fixes).\n- wifi: mac80211: fix unaligned le16 access (git-fixes).\n- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).\n- wifi: mac80211: remove link before AP (git-fixes).\n- wifi: mac80211_hwsim: init peer measurement result (git-fixes).\n- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).\n- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).\n- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).\n- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).\n- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).\n- wifi: mwl8k: initialize cmd-\u003eaddr[] properly (git-fixes).\n- wifi: nl80211: do not free NULL coalescing rule (git-fixes).\n- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).\n- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).\n- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).\n- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).\n- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).\n- wireguard: netlink: access device through ctx instead of peer (git-fixes).\n- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).\n- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).\n- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).\n- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).\n- x86/bugs: Fix BHI retpoline check (git-fixes).\n- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).\n- x86/bugs: Remove default case for fully switched enums (git-fixes).\n- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).\n- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).\n- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).\n- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).\n- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).\n- x86/efistub: Call mixed mode boot services on the firmware\u0027s stack (git-fixes).\n- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).\n- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).\n- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).\n- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).\n- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).\n- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).\n- x86/nmi: Fix the inverse \u0027in NMI handler\u0027 check (git-fixes).\n- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).\n- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).\n- x86/purgatory: Switch to the position-independent small code model (git-fixes).\n- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).\n- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).\n- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).\n- x86/srso: Disentangle rethunk-dependent options (git-fixes).\n- x86/srso: Fix unret validation dependencies (git-fixes).\n- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).\n- x86/srso: Print actual mitigation if requested mitigation isn\u0027t possible (git-fixes).\n- x86/srso: Remove \u0027pred_cmd\u0027 label (git-fixes).\n- x86/srso: Unexport untraining functions (git-fixes).\n- x86/xen: Add some null pointer checking to smp.c (git-fixes).\n- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).\n- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).\n- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).\n- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).\n- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).\n- xen/events: increment refcnt only if event channel is refcounted (git-fixes).\n- xen/events: modify internal [un]bind interfaces (git-fixes).\n- xen/events: reduce externally visible helper functions (git-fixes).\n- xen/events: remove some simple helpers from events_base.c (git-fixes).\n- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).\n- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).\n- xfs: add lock protection when remove perag from radix tree (git-fixes).\n- xfs: allow extent free intents to be retried (git-fixes).\n- xfs: fix perag leak when growfs fails (git-fixes).\n- xfs: force all buffers to be written during btree bulk load (git-fixes).\n- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).\n- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).\n- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).\n- xfs: transfer recovered intent item ownership in -\u003eiop_recover (git-fixes).\n- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).\n- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).\n- xhci: add helper that checks for unhandled events on a event ring (git-fixes).\n- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).\n- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).\n- 9p: add missing locking around taking dentry fid list (git-fixes)\n- accel/ivpu: Fix deadlock in context_xa (git-fixes).\n- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).\n- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).\n- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).\n- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).\n- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).\n- ACPI: disable -Wstringop-truncation (git-fixes).\n- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).\n- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).\n- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).\n- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).\n- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).\n- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).\n- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).\n- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).\n- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).\n- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).\n- ahci: asm1064: correct count of reported ports (stable-fixes).\n- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).\n- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).\n- ALSA: core: Remove debugfs at disconnection (git-fixes).\n- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).\n- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).\n- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).\n- ALSA: hda: clarify Copyright information (stable-fixes).\n- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).\n- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).\n- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).\n- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).\n- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).\n- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).\n- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).\n- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).\n- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).\n- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).\n- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).\n- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).\n- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).\n- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).\n- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).\n- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).\n- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).\n- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).\n- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).\n- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).\n- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).\n- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).\n- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).\n- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).\n- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).\n- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).\n- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).\n- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).\n- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).\n- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).\n- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).\n- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).\n- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).\n- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).\n- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).\n- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).\n- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).\n- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).\n- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).\n- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).\n- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).\n- ALSA: line6: Zero-initialize message buffers (stable-fixes).\n- ALSA: scarlett2: Add correct product series name to messages (stable-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).\n- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).\n- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).\n- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).\n- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).\n- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).\n- ALSA: seq: Do not clear bank selection at event -\u003e UMP MIDI2 conversion (git-fixes).\n- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).\n- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).\n- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).\n- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).\n- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).\n- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).\n- ALSA: timer: Set lower bound of start tick time (stable-fixes).\n- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).\n- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).\n- ALSA: ump: Set default protocol when not given explicitly (git-fixes).\n- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).\n- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).\n- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).\n- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).\n- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).\n- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)\n- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)\n- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).\n- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).\n- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).\n- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).\n- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).\n- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).\n- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).\n- arm64: Add the arm64.no32bit_el0 command line option (jsc#PED-3184).\n- arm64: bpf: fix 32bit unconditional bswap (git-fixes).\n- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)\n- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)\n- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)\n- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)\n- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)\n- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)\n- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)\n- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)\n- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)\n- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)\n- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)\n- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)\n- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)\n- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)\n- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)\n- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)\n- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)\n- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).\n- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)\n- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)\n- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).\n- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)\n- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)\n- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).\n- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).\n- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).\n- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).\n- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).\n- ASoC: amd: yc: Revert \u0027Fix non-functional mic on Lenovo 21J2\u0027 (stable-fixes).\n- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).\n- ASoC: cs35l41: Update DSP1RX5/6 Sources for DSP config (git-fixes).\n- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).\n- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).\n- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).\n- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).\n- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).\n- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).\n- ASoC: Intel: avs: Set name of control as in topology (git-fixes).\n- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).\n- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).\n- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).\n- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).\n- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).\n- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).\n- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).\n- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).\n- ASoC: meson: axg-card: make links nonatomic (git-fixes).\n- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).\n- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).\n- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).\n- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).\n- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).\n- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).\n- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).\n- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).\n- ASoC: rt5682-sdw: fix locking sequence (git-fixes).\n- ASoC: rt711-sdca: fix locking sequence (git-fixes).\n- ASoC: rt711-sdw: fix locking sequence (git-fixes).\n- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: rt715-sdca: volume step modification (git-fixes).\n- ASoC: rt715: add vendor clear control register (git-fixes).\n- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).\n- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).\n- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).\n- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).\n- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).\n- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).\n- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).\n- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).\n- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).\n- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).\n- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).\n- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).\n- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).\n- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).\n- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).\n- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).\n- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).\n- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).\n- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).\n- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).\n- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).\n- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).\n- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).\n- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).\n- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).\n- ata: pata_legacy: make legacy_exit() work again (git-fixes).\n- ata: sata_gemini: Check clk_enable() result (stable-fixes).\n- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).\n- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).\n- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).\n- ax25: Fix netdev refcount issue (git-fixes).\n- ax25: Fix reference count leak issue of net_device (git-fixes).\n- ax25: Fix reference count leak issues of ax25_dev (git-fixes).\n- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).\n- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).\n- bitops: add missing prototype check (git-fixes).\n- blk-cgroup: fix list corruption from reorder of WRITE -\u003elqueued (bsc#1225605).\n- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).\n- block: fix q-\u003eblkg_list corruption during disk rebind (bsc#1223591).\n- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).\n- Bluetooth: add quirk for broken address properties (git-fixes).\n- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).\n- Bluetooth: btintel: Fixe build regression (git-fixes).\n- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).\n- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).\n- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).\n- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).\n- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).\n- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).\n- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).\n- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).\n- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).\n- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).\n- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).\n- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).\n- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).\n- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).\n- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).\n- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).\n- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).\n- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).\n- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).\n- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).\n- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).\n- Bluetooth: qca: add missing firmware sanity checks (git-fixes).\n- Bluetooth: qca: fix device-address endianness (git-fixes).\n- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).\n- Bluetooth: qca: fix firmware check error path (git-fixes).\n- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).\n- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).\n- Bluetooth: qca: fix NVM configuration parsing (git-fixes).\n- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).\n- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).\n- bnx2x: Fix firmware version string character counts (git-fixes).\n- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).\n- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).\n- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).\n- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)\n- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).\n- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).\n- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).\n- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).\n- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)\n- bpf, arm64: Fix incorrect runtime stats (git-fixes)\n- bpf, scripts: Correct GPL license name (git-fixes).\n- bpf: fix precision backtracking instruction iteration (bsc#1225756).\n- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).\n- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).\n- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)\n- btrfs: add and use helper to check if block group is used (bsc#1220120).\n- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).\n- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).\n- btrfs: always clear PERTRANS metadata during commit (git-fixes)\n- btrfs: always print transaction aborted messages with an error level (git-fixes)\n- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).\n- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).\n- btrfs: assert delayed node locked when removing delayed item (git-fixes)\n- btrfs: avoid start and commit empty transaction when flushing qgroups (bsc#1220120).\n- btrfs: avoid start and commit empty transaction when starting qgroup rescan (bsc#1220120).\n- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).\n- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).\n- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)\n- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)\n- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)\n- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)\n- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)\n- btrfs: do not arbitrarily slow down delalloc if we\u0027re committing (git-fixes)\n- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).\n- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).\n- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)\n- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).\n- btrfs: do not warn if discard range is not aligned to sector (git-fixes)\n- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).\n- btrfs: error out when COWing block using a stale transaction (git-fixes)\n- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)\n- btrfs: error when COWing block from a root that is being deleted (git-fixes)\n- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)\n- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).\n- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)\n- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)\n- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).\n- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)\n- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)\n- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)\n- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)\n- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)\n- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).\n- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).\n- btrfs: fix race when refilling delayed refs block reserve (git-fixes)\n- btrfs: fix start transaction qgroup rsv double free (git-fixes)\n- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).\n- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.\n- btrfs: free qgroup rsv on io failure (git-fixes)\n- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)\n- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).\n- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)\n- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)\n- btrfs: initialize key where it\u0027s used when running delayed data ref (bsc#1220120).\n- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).\n- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).\n- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).\n- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).\n- btrfs: make error messages more clear when getting a chunk map (git-fixes)\n- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).\n- btrfs: make find_free_dev_extent() static (bsc#1220120).\n- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).\n- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).\n- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).\n- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).\n- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)\n- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).\n- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)\n- btrfs: print available space across all block groups when dumping space info (bsc#1220120).\n- btrfs: print available space for a block group when dumping a space info (bsc#1220120).\n- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).\n- btrfs: print target number of bytes when dumping free space (bsc#1220120).\n- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).\n- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)\n- btrfs: record delayed inode root in transaction (git-fixes)\n- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)\n- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)\n- btrfs: remove pointless \u0027ref_root\u0027 variable from run_delayed_data_ref() (bsc#1220120).\n- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).\n- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).\n- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).\n- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).\n- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).\n- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).\n- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).\n- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).\n- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).\n- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).\n- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)\n- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)\n- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).\n- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).\n- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).\n- btrfs: send: ensure send_fd is writable (git-fixes)\n- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)\n- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)\n- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)\n- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).\n- btrfs: store the error that turned the fs into error state (bsc#1220120).\n- btrfs: sysfs: validate scrub_speed_max value (git-fixes)\n- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)\n- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).\n- btrfs: update documentation for add_new_free_space() (bsc#1220120).\n- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).\n- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).\n- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).\n- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).\n- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).\n- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)\n- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)\n- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).\n- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).\n- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).\n- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).\n- certs: Add ECDSA signature verification self-test (bsc#1222777).\n- certs: Move RSA self-test data to separate file (bsc#1222777).\n- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).\n- clk: Get runtime PM before walking tree during disable_unused (git-fixes).\n- clk: Get runtime PM before walking tree for clk_summary (git-fixes).\n- clk: Initialize struct clk_core kref earlier (stable-fixes).\n- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).\n- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).\n- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).\n- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).\n- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).\n- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).\n- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).\n- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).\n- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).\n- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).\n- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).\n- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).\n- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).\n- clk: rs9: fix wrong default value for clock amplitude (git-fixes).\n- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).\n- clk: Show active consumers of clocks in debugfs (stable-fixes).\n- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).\n- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).\n- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).\n- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).\n- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)\n- coresight: trbe: Allocate platform data per device (bsc#1220587)\n- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)\n- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).\n- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).\n- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).\n- cpufreq: exit() callback is optional (git-fixes).\n- cpumask: Add for_each_cpu_from() (bsc#1225053).\n- crypto: bcm - Fix pointer arithmetic (git-fixes).\n- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).\n- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).\n- crypto: ccp - drop platform ifdef checks (git-fixes).\n- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).\n- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).\n- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).\n- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).\n- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).\n- crypto: qat - improve error logging to be consistent across features (git-fixes).\n- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).\n- crypto: qat - specify firmware files for 402xx (git-fixes).\n- crypto: rsa - add a check for allocation failure (bsc#1222775).\n- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).\n- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).\n- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).\n- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).\n- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).\n- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).\n- cxl/trace: Properly initialize cxl_poison region name (git-fixes).\n- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).\n- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).\n- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).\n- device-dax: make dax_bus_type const (jsc#PED-5853).\n- dlm: fix user space lkb refcounting (git-fixes).\n- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).\n- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).\n- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).\n- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).\n- dm-multipath: dont\u0027t attempt SG_IO on non-SCSI-disks (bsc#1223575).\n- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).\n- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).\n- dm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape (bsc#1219596)\n- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).\n- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).\n- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).\n- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).\n- dma-mapping: benchmark: fix node id validation (git-fixes).\n- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).\n- dma: xilinx_dpdma: Fix locking (git-fixes).\n- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).\n- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).\n- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).\n- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).\n- dmaengine: owl: fix register access functions (git-fixes).\n- dmaengine: tegra186: Fix residual calculation (git-fixes).\n- driver core: Introduce device_link_wait_removal() (stable-fixes).\n- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).\n- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).\n- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).\n- drm: Check output polling initialized before disabling (stable-fixes).\n- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).\n- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).\n- drm: nv04: Fix out of bounds access (git-fixes).\n- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).\n- drm: vc4: Fix possible null pointer dereference (git-fixes).\n- drm: zynqmp_dpsub: Always register bridge (git-fixes).\n- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).\n- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).\n- drm/amd/display: Add dml2 copy functions (stable-fixes).\n- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).\n- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).\n- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).\n- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).\n- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).\n- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).\n- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).\n- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).\n- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).\n- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).\n- drm/amd/display: fix input states translation error for dcn35 \u0026 dcn351 (stable-fixes).\n- drm/amd/display: Fix nanosec stat overflow (stable-fixes).\n- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).\n- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).\n- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).\n- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).\n- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).\n- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).\n- drm/amd/display: Prevent crash when disable stream (stable-fixes).\n- drm/amd/display: Program VSC SDP colorimetry for all DP sinks \u003e= 1.4 (stable-fixes).\n- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).\n- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).\n- drm/amd/display: Return the correct HDCP error code (stable-fixes).\n- drm/amd/display: Send DTBCLK disable message on first commit (git-fixes).\n- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).\n- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).\n- drm/amd/display: Update odm when ODM combine is changed on an otg master pipe with no plane (stable-fixes).\n- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).\n- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).\n- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).\n- drm/amdgpu: always force full reset for SOC21 (stable-fixes).\n- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).\n- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).\n- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).\n- drm/amdgpu: Enable gpu reset for S3 abort cases on Raven series (stable-fixes).\n- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).\n- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).\n- drm/amdgpu: fix doorbell regression (git-fixes).\n- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).\n- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).\n- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).\n- drm/amdgpu: fix use-after-free bug (stable-fixes).\n- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).\n- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).\n- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).\n- drm/amdgpu: make damage clips support configurable (stable-fixes).\n- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).\n- drm/amdgpu: Refine IB schedule error logging (stable-fixes).\n- drm/amdgpu: remove invalid resource-\u003estart check v2 (git-fixes).\n- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).\n- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).\n- drm/amdgpu/display: Address kdoc for \u0027is_psr_su\u0027 in \u0027fill_dc_dirty_rects\u0027 (git-fixes).\n- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).\n- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).\n- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).\n- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).\n- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).\n- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).\n- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).\n- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).\n- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).\n- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).\n- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).\n- drm/ast: Fix soft lockup (git-fixes).\n- drm/bridge: anx7625: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: anx7625: Update audio status while detecting (git-fixes).\n- drm/bridge: dpc3433: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).\n- drm/bridge: icn6211: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt8912b: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: lt9611uxc: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: tc358775: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).\n- drm/buddy: check range allocation matches alignment (stable-fixes).\n- drm/ci: update device type for volteer devices (git-fixes).\n- drm/client: Fully protect modes[] with dev-\u003emode_config.mutex (stable-fixes).\n- drm/connector: Add \\n to message about demoting connector force-probes (git-fixes).\n- drm/display: fix typo (git-fixes).\n- drm/exynos: do not return negative values from .get_modes() (stable-fixes).\n- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).\n- drm/gma500: Remove lid code (git-fixes).\n- drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).\n- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).\n- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).\n- drm/i915: Fix audio component initialization (git-fixes).\n- drm/i915: Include the PLL name in the debug messages (stable-fixes).\n- drm/i915: Pre-populate the cursor physical dma address (git-fixes).\n- drm/i915: Replace a memset() with zero initialization (stable-fixes).\n- drm/i915: Stop printing pipe name as hex (stable-fixes).\n- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).\n- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).\n- drm/i915: Use named initializers for DPLL info (stable-fixes).\n- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).\n- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).\n- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).\n- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).\n- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).\n- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY \u0026lt; 13 (git-fixes).\n- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).\n- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).\n- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).\n- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).\n- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).\n- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).\n- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).\n- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).\n- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).\n- drm/i915/gt: Fix CCS id\u0027s calculation for CCS mode setting (git-fixes).\n- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).\n- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).\n- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).\n- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).\n- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).\n- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).\n- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).\n- drm/i915/mtl: Update workaround 14018575942 (git-fixes).\n- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).\n- drm/i915/vrr: Generate VRR \u0027safe window\u0027 for DSB (git-fixes).\n- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).\n- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).\n- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).\n- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).\n- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).\n- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).\n- drm/meson: dw-hdmi: power up phy on device init (git-fixes).\n- drm/meson: gate px_clk when setting rate (git-fixes).\n- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).\n- drm/msm: Add newlines to some debug prints (git-fixes).\n- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).\n- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).\n- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).\n- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).\n- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).\n- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).\n- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).\n- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).\n- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).\n- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).\n- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).\n- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).\n- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).\n- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).\n- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).\n- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).\n- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).\n- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).\n- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).\n- drm/panel: ili9341: Respect deferred probe (git-fixes).\n- drm/panel: ili9341: Use predefined error codes (git-fixes).\n- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).\n- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).\n- drm/panel: novatek-nt35950: Do not log an error when DSI host can\u0027t be found (git-fixes).\n- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).\n- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).\n- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).\n- drm/panfrost: fix power transition timeout warnings (git-fixes).\n- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).\n- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).\n- drm/probe-helper: warn about negative .get_modes() (stable-fixes).\n- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).\n- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).\n- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).\n- drm/radeon: silence UBSAN warning (v3) (stable-fixes).\n- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).\n- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).\n- drm/sched: fix null-ptr-deref in init entity (git-fixes).\n- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).\n- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).\n- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).\n- drm/vc4: do not check if plane-\u003estate-\u003efb == state-\u003efb (stable-fixes).\n- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).\n- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).\n- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).\n- drm/vmwgfx: Fix crtc\u0027s atomic check conditional (git-fixes).\n- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).\n- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).\n- drm/vmwgfx: Fix prime import/export (git-fixes).\n- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).\n- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)\n- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).\n- dyndbg: fix old BUG_ON in \u003econtrol parser (stable-fixes).\n- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).\n- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).\n- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).\n- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)\n- ecryptfs: Reject casefold directory inodes (git-fixes)\n- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).\n- efi: disable mirror feature during crashkernel (stable-fixes).\n- efi: fix panic in kdump kernel (git-fixes).\n- efi: libstub: only free priv.runtime_map when allocated (git-fixes).\n- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).\n- efi/unaccepted: touch soft lockup during memory accept (git-fixes).\n- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- fast_dput(): handle underflows gracefully (git-fixes)\n- fat: fix uninitialized field in nostale filehandles (git-fixes)\n- fbdev: fix incorrect address computation in deferred IO (git-fixes).\n- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).\n- fbdev: sh7760fb: allow modular build (git-fixes).\n- fbdev: shmobile: fix snprintf truncation (git-fixes).\n- fbdev: sisfb: hide unused variables (git-fixes).\n- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).\n- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).\n- firewire: core: use long bus reset on gap count error (stable-fixes).\n- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).\n- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).\n- firmware: dmi-id: add a release callback function (git-fixes).\n- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).\n- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).\n- fs: Fix error checking for d_hash_and_lookup() (git-fixes)\n- fs: indicate request originates from old mount API (git-fixes)\n- fs: relax mount_setattr() permission checks (git-fixes)\n- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)\n- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)\n- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)\n- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).\n- fuse: do not unhash root (bsc#1223946).\n- fuse: fix root lookup with nonzero generation (bsc#1223945).\n- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).\n- geneve: make sure to pull inner header in geneve_rx() (git-fixes).\n- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).\n- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).\n- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).\n- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).\n- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).\n- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).\n- gpiolib: cdev: fix uninitialised kfifo (git-fixes).\n- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).\n- gpiolib: swnode: Remove wrong header inclusion (git-fixes).\n- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).\n- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).\n- HID: amd_sfh: Handle \u0027no sensors\u0027 in PM operations (git-fixes).\n- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).\n- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).\n- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).\n- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev-\u003edevc (git-fixes).\n- HID: logitech-dj: allow mice to use all types of reports (git-fixes).\n- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).\n- hwmon: (amc6821) add of_match table (stable-fixes).\n- hwmon: (corsair-cpro) Protect ccp-\u003ewait_input_report with a spinlock (git-fixes).\n- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).\n- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).\n- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).\n- hwmon: (lm70) fix links in doc and comments (git-fixes).\n- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).\n- hwmon: (shtc1) Fix property misspelling (git-fixes).\n- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).\n- i2c: acpi: Unbind mux adapters before delete (git-fixes).\n- i2c: cadence: Avoid fifo clear after start (git-fixes).\n- i2c: pxa: hide unused icr_bits[] variable (git-fixes).\n- i2c: smbus: fix NULL function pointer dereference (git-fixes).\n- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).\n- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).\n- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).\n- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).\n- i40e: Enforce software interrupt during busy-poll exit (git-fixes).\n- i40e: Fix firmware version comparison function (git-fixes).\n- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).\n- i40e: Fix VF MAC filter removal (git-fixes).\n- i40e: fix vf may be used uninitialized in this function warning (git-fixes).\n- i915: make inject_virtual_interrupt() void (stable-fixes).\n- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)\n- ice: fix enabling RX VLAN filtering (git-fixes).\n- ice: fix memory corruption bug with suspend and rebuild (git-fixes).\n- ice: fix stats being updated by way too large values (git-fixes).\n- ice: fix typo in assignment (git-fixes).\n- ice: fix uninitialized dplls mutex usage (git-fixes).\n- ice: reconfig host after changing MSI-X on VF (git-fixes).\n- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).\n- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).\n- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).\n- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).\n- ida: make \u0027ida_dump\u0027 static (git-fixes).\n- idma64: Do not try to serve interrupts when device is powered off (git-fixes).\n- idpf: disable local BH when scheduling napi for marker packets (git-fixes).\n- idpf: extend tx watchdog timeout (bsc#1224137).\n- idpf: fix kernel panic on unknown packet types (git-fixes).\n- igb: extend PTP timestamp adjustments to i211 (git-fixes).\n- igb: Fix missing time sync events (git-fixes).\n- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).\n- igc: Fix missing time sync events (git-fixes).\n- igc: Remove stale comment about Tx timestamping (git-fixes).\n- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).\n- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).\n- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).\n- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).\n- iio: gts-helper: Fix division loop (git-fixes).\n- iio: pressure: dps310: support negative temperature values (git-fixes).\n- iio: pressure: Fixes BME280 SPI driver data (git-fixes).\n- iio:imu: adis16475: Fix sync mode setting (git-fixes).\n- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).\n- inet: frags: eliminate kernel-doc warning (git-fixes).\n- init: open /initrd.image with O_LARGEFILE (stable-fixes).\n- init/main.c: Fix potential static_command_line memory overflow (git-fixes).\n- Input: allocate keycode for Display refresh rate toggle (stable-fixes).\n- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).\n- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).\n- Input: imagis - use FIELD_GET where applicable (stable-fixes).\n- Input: ims-pcu - fix printf string overflow (git-fixes).\n- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).\n- Input: synaptics-rmi4 - fail probing if memory allocation for \u0027phys\u0027 fails (stable-fixes).\n- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).\n- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).\n- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).\n- intel: legacy: Partial revert of field get conversion (git-fixes).\n- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).\n- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).\n- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).\n- interconnect: qcom: sm8550: Enable sync_state (git-fixes).\n- io_uring: kabi cookie remove (bsc#1217384).\n- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)\n- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).\n- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).\n- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)\n- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).\n- iommu/vt-d: Allocate local memory for page request queue (git-fixes).\n- iommu/vt-d: Fix wrong use of pasid config (git-fixes).\n- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).\n- iommu/vt-d: Update iotlb in nested domain attach (git-fixes).\n- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).\n- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).\n- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).\n- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).\n- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).\n- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).\n- ionic: set adminq irq affinity (git-fixes).\n- ipv4: annotate data-races around fi-\u003efib_dead (git-fixes).\n- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).\n- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).\n- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).\n- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).\n- irqchip/gic-v3-its: Prevent double free on error (git-fixes).\n- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).\n- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).\n- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register\u0027s index (stable-fixes).\n- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).\n- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).\n- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).\n- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).\n- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).\n- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).\n- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).\n- kabi/severities: ignore brcmfmac-specific local symbols\n- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.\n- kabi/severities: ignore TAS2781 symbol drop, it\u0027s only locally used\n- kabi/severities: ignore Wangxun ethernet driver local symbols\n- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.\n- kasan, fortify: properly rename memintrinsics (git-fixes).\n- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).\n- kasan: print the original fault addr when access invalid shadow (git-fixes).\n- kasan/test: avoid gcc warning for intentional overflow (git-fixes).\n- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).\n- KEYS: trusted: Do not use WARN when encode fails (git-fixes).\n- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).\n- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).\n- kselftest: Add a ksft_perror() helper (stable-fixes).\n- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).\n- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).\n- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).\n- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).\n- KVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region() (git-fixes).\n- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).\n- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).\n- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).\n- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).\n- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).\n- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).\n- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).\n- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).\n- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).\n- KVM: x86: Snapshot if a vCPU\u0027s vendor model is AMD vs. Intel compatible (git-fixes).\n- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they\u0027re a WIP (git-fixes).\n- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).\n- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).\n- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).\n- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).\n- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).\n- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).\n- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).\n- KVM: x86/pmu: Apply \u0027fast\u0027 RDPMC only to Intel PMUs (git-fixes).\n- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).\n- KVM: x86/pmu: Disallow \u0027fast\u0027 RDPMC for architectural Intel PMUs (git-fixes).\n- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).\n- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).\n- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).\n- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).\n- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at \u0027RESET\u0027 (git-fixes).\n- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).\n- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).\n- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).\n- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).\n- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).\n- leds: pwm: Disable PWM when going to suspend (git-fixes).\n- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).\n- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).\n- libsubcmd: Fix parse-options memory leak (git-fixes).\n- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).\n- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)\n- lsm: fix the logic in security_inode_getsecctx() (git-fixes).\n- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).\n- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).\n- md: add a new helper rdev_has_badblock() (jsc#PED-7542).\n- md: add a new helper reshape_interrupted() (jsc#PED-7542).\n- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).\n- md: check mddev-\u003epers before calling md_set_readonly() (jsc#PED-7542).\n- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).\n- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).\n- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).\n- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).\n- md: export helper md_is_rdwr() (jsc#PED-7542).\n- md: export helpers to stop sync_thread (jsc#PED-7542).\n- md: factor out a helper to sync mddev (jsc#PED-7542).\n- md: fix kmemleak of rdev-\u003eserial (jsc#PED-7542).\n- md: get rdev-\u003emddev with READ_ONCE() (jsc#PED-7542).\n- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).\n- md: preserve KABI in struct md_personality (jsc#PED-7542).\n- md: remove redundant check of \u0027mddev-\u003esync_thread\u0027 (jsc#PED-7542).\n- md: remove redundant md_wakeup_thread() (jsc#PED-7542).\n- md: return directly before setting did_set_md_closing (jsc#PED-7542).\n- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).\n- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).\n- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).\n- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).\n- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).\n- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).\n- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).\n- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).\n- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).\n- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).\n- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).\n- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).\n- media: cadence: csi2rx: use match fwnode for media link (git-fixes).\n- media: cec: core: remove length check of Timer Status (stable-fixes).\n- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).\n- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).\n- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).\n- media: ipu3-cio2: Request IRQ earlier (git-fixes).\n- media: mc: Fix flags handling when creating pad links (stable-fixes).\n- media: mc: Fix graph walk in media_pipeline_start (git-fixes).\n- media: mc: mark the media devnode as registered from the, start (git-fixes).\n- media: mc: Rename pad variable to clarify intent (stable-fixes).\n- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).\n- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).\n- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).\n- media: sta2x11: fix irq handler cast (stable-fixes).\n- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).\n- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).\n- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).\n- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).\n- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).\n- mei: me: add arrow lake point H DID (stable-fixes).\n- mei: me: add arrow lake point S DID (stable-fixes).\n- mei: me: add lunar lake point M DID (stable-fixes).\n- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).\n- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).\n- mlxbf_gige: stop interface during shutdown (git-fixes).\n- mlxbf_gige: stop PHY during open() error paths (git-fixes).\n- mlxsw: Use refcount_t for reference counting (git-fixes).\n- mm_init kABI workaround (git-fixes).\n- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).\n- mm,page_owner: Defer enablement of static branch (bsc#1222366).\n- mm,page_owner: drop unnecessary check (bsc#1222366).\n- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).\n- mm,page_owner: Fix printing of stack records (bsc#1222366).\n- mm,page_owner: fix recursion (bsc#1222366).\n- mm,page_owner: Fix refcount imbalance (bsc#1222366).\n- mm,page_owner: Update metadata for tail pages (bsc#1222366).\n- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).\n- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).\n- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).\n- mm/slab: make __free(kfree) accept error pointers (git-fixes).\n- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).\n- mmc: core: Avoid negative index with array access (git-fixes).\n- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).\n- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).\n- mmc: omap: fix broken slot switch lookup (git-fixes).\n- mmc: omap: fix deferred probe (git-fixes).\n- mmc: omap: restore original power up/down steps (git-fixes).\n- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).\n- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).\n- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).\n- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).\n- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).\n- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).\n- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).\n- modpost: Add \u0027.ltext\u0027 and \u0027.ltext.*\u0027 to TEXT_SECTIONS (stable-fixes).\n- mptcp: annotate data-races around msk-\u003ermem_fwd_alloc (git-fixes).\n- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).\n- mptcp: move __mptcp_error_report in protocol.c (git-fixes).\n- mptcp: process pending subflow error on close (git-fixes).\n- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).\n- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).\n- mtd: diskonchip: work around ubsan link failure (stable-fixes).\n- mtd: rawnand: hynix: fixed typo (git-fixes).\n- mtd: spinand: Add support for 5-byte IDs (stable-fixes).\n- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).\n- net: annotate data-races around sk-\u003esk_bind_phc (git-fixes).\n- net: annotate data-races around sk-\u003esk_forward_alloc (git-fixes).\n- net: annotate data-races around sk-\u003esk_lingertime (git-fixes).\n- net: annotate data-races around sk-\u003esk_tsflags (git-fixes).\n- net: bonding: remove kernel-doc comment marker (git-fixes).\n- net: cfg802154: fix kernel-doc notation warnings (git-fixes).\n- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).\n- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).\n- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).\n- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).\n- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).\n- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).\n- net: ena: Fix incorrect descriptor free behavior (git-fixes).\n- net: ena: Fix potential sign extension issue (git-fixes).\n- net: ena: Move XDP code to its new files (git-fixes).\n- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).\n- net: ena: Remove ena_select_queue (git-fixes).\n- net: ena: Set tx_info-\u003exdpf value to NULL (git-fixes).\n- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).\n- net: ena: Wrong missing IO completions check order (git-fixes).\n- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).\n- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).\n- net: fec: Set mac_managed_pm during probe (git-fixes).\n- net: hns3: fix index limit to support all queue stats (git-fixes).\n- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).\n- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).\n- net: hns3: fix port duplex configure error in IMP reset (git-fixes).\n- net: hns3: fix wrong judgment condition issue (git-fixes).\n- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).\n- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).\n- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).\n- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).\n- net: ks8851: Inline ks8851_rx_skb() (git-fixes).\n- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).\n- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).\n- net: libwx: fix memory leak on free page (git-fixes).\n- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).\n- net: llc: fix kernel-doc notation warnings (git-fixes).\n- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).\n- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).\n- net: nfc: remove inappropriate attrs check (stable-fixes).\n- net: NSH: fix kernel-doc notation warning (git-fixes).\n- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).\n- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).\n- net: phy: micrel: Fix potential null pointer dereference (git-fixes).\n- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).\n- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).\n- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).\n- net: ravb: Always process TX descriptor ring (git-fixes).\n- net: ravb: Always update error counters (git-fixes).\n- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).\n- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).\n- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).\n- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).\n- net: sparx5: flower: fix fragment flags handling (git-fixes).\n- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).\n- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).\n- net: stmmac: fix rx queue priority assignment (git-fixes).\n- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).\n- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).\n- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).\n- net: tls: fix returned read length with async decrypt (bsc#1221858).\n- net: tls: fix use-after-free with partial reads and async (bsc#1221858).\n- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).\n- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).\n- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).\n- net: usb: ax88179_178a: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: smsc95xx: fix changing LED_SEL bit value updated from EEPROM (git-fixes).\n- net: usb: smsc95xx: stop lying about skb-\u003etruesize (git-fixes).\n- net: usb: sr9700: stop lying about skb-\u003etruesize (git-fixes).\n- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).\n- net: veth: do not manipulate GRO when using XDP (git-fixes).\n- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).\n- net:usb:qmi_wwan: support Rolling modules (stable-fixes).\n- net/mlx5: Correctly compare pkt reformat ids (git-fixes).\n- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).\n- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).\n- net/mlx5: Fix fw reporter diagnose output (git-fixes).\n- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).\n- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).\n- net/mlx5: offset comp irq index in name by one (git-fixes).\n- net/mlx5: Properly link new fs rules into the tree (git-fixes).\n- net/mlx5: Register devlink first under devlink lock (git-fixes).\n- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).\n- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).\n- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).\n- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).\n- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).\n- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).\n- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).\n- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).\n- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).\n- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).\n- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).\n- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).\n- net/smc: fix documentation of buffer sizes (git-fixes).\n- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).\n- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).\n- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).\n- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).\n- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).\n- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).\n- nf_conntrack: fix -Wunused-const-variable= (git-fixes).\n- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).\n- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).\n- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).\n- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).\n- NFC: trf7970a: disable all regulators on removal (git-fixes).\n- nfp: flower: handle acti_netdevs allocation failure (git-fixes).\n- NFS: Fix an off by one in root_nfs_cat() (git-fixes).\n- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).\n- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).\n- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).\n- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).\n- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).\n- nfsd: do not call locks_release_private() twice concurrently (git-fixes).\n- nfsd: Fix a regression in nfsd_setattr() (git-fixes).\n- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).\n- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).\n- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).\n- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).\n- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).\n- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).\n- NFSD: Retransmit callbacks after client reconnects (git-fixes).\n- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).\n- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).\n- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).\n- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).\n- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).\n- nilfs2: fix out-of-range warning (git-fixes).\n- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).\n- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).\n- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).\n- nilfs2: make superblock data array index computation sparse friendly (git-fixes).\n- nouveau: fix devinit paths to only handle display on GSP (git-fixes).\n- nouveau: fix function cast warning (git-fixes).\n- nouveau: fix instmem race condition around ptr stores (git-fixes).\n- nouveau: lock the client object tree (stable-fixes).\n- nouveau: reset the bo resource bus info after an eviction (git-fixes).\n- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).\n- nouveau/gsp: do not check devinit disable on GSP (git-fixes).\n- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).\n- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).\n- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).\n- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).\n- nvme-fc: do not wait in vain when unloading module (git-fixes).\n- nvme-pci: Add quirk for broken MSIs (git-fixes).\n- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).\n- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).\n- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).\n- nvmet-fc: abort command when there is no binding (git-fixes).\n- nvmet-fc: avoid deadlock on delete association path (git-fixes).\n- nvmet-fc: defer cleanup using RCU properly (git-fixes).\n- nvmet-fc: hold reference on hostport match (git-fixes).\n- nvmet-fc: release reference on target port (git-fixes).\n- nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).\n- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).\n- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).\n- octeontx2-af: Add array index check (git-fixes).\n- octeontx2-af: Fix devlink params (git-fixes).\n- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).\n- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).\n- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).\n- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).\n- octeontx2-af: Use separate handlers for interrupts (git-fixes).\n- octeontx2-pf: check negative error code in otx2_open() (git-fixes).\n- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).\n- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).\n- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).\n- octeontx2-pf: Use default max_active works instead of one (git-fixes).\n- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).\n- octeontx2: Detect the mbox up or down message via register (git-fixes).\n- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).\n- of: module: add buffer overflow check in of_modalias() (git-fixes).\n- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).\n- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).\n- of: property: fix typo in io-channels (git-fixes).\n- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).\n- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).\n- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).\n- of: unittest: Fix compile in the non-dynamic case (git-fixes).\n- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).\n- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).\n- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).\n- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).\n- PCI: Fix typos in docs and comments (stable-fixes).\n- PCI: hv: Fix ring buffer size calculation (git-fixes).\n- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).\n- PCI: qcom: Add support for sa8775p SoC (git-fixes).\n- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).\n- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).\n- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).\n- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).\n- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).\n- PCI: switchtec: Use normal comment style (stable-fixes).\n- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).\n- PCI/AER: Block runtime suspend when handling errors (stable-fixes).\n- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).\n- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).\n- PCI/DPC: Use FIELD_GET() (stable-fixes).\n- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).\n- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).\n- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).\n- perf tests: Make data symbol test wait for perf to start (bsc#1220045).\n- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).\n- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).\n- perf/x86/amd/core: Update and fix stalled-cycles-* events for Zen 2 and later (git-fixes).\n- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).\n- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).\n- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).\n- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).\n- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).\n- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).\n- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).\n- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).\n- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).\n- pinctrl: armada-37xx: remove an unused variable (git-fixes).\n- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).\n- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).\n- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).\n- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).\n- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).\n- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).\n- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).\n- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).\n- pinctrl/meson: fix typo in PDM\u0027s pin name (git-fixes).\n- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).\n- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).\n- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).\n- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).\n- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).\n- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).\n- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).\n- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).\n- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).\n- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).\n- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).\n- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).\n- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).\n- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).\n- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).\n- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).\n- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).\n- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).\n- ppdev: Add an error check in register_device (git-fixes).\n- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).\n- printk: Add this_cpu_in_panic() (bsc#1225607).\n- printk: Adjust mapping for 32bit seq macros (bsc#1225607).\n- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).\n- printk: Consolidate console deferred printing (bsc#1225607).\n- printk: Disable passing console lock owner completely during panic() (bsc#1225607).\n- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).\n- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).\n- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).\n- printk: Let no_printk() use _printk() (bsc#1225618).\n- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).\n- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).\n- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).\n- printk: ringbuffer: Clarify special lpos values (bsc#1225607).\n- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).\n- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).\n- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).\n- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).\n- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).\n- printk: Wait for all reserved records with pr_flush() (bsc#1225607).\n- proc/kcore: do not try to access unaccepted memory (git-fixes).\n- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).\n- pstore: inode: Only d_invalidate() is needed (git-fixes).\n- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).\n- pwm: img: fix pwm clock lookup (git-fixes).\n- qibfs: fix dentry leak (git-fixes)\n- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).\n- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).\n- random: handle creditable entropy from atomic process context (git-fixes).\n- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).\n- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).\n- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).\n- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)\n- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)\n- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)\n- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)\n- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)\n- RDMA/hns: Fix GMV table pagesize (git-fixes)\n- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)\n- RDMA/hns: Fix UAF for cq async event (git-fixes)\n- RDMA/hns: Modify the print level of CQE error (git-fixes)\n- RDMA/hns: Use complete parentheses in macros (git-fixes)\n- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)\n- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).\n- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)\n- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)\n- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)\n- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)\n- RDMA/rxe: Allow good work requests to be executed (git-fixes)\n- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)\n- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)\n- RDMA/rxe: Fix the problem \u0027mutex_destroy missing\u0027 (git-fixes)\n- regmap: Add regmap_read_bypassed() (git-fixes).\n- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).\n- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).\n- regmap: maple: Fix uninitialized symbol \u0027ret\u0027 warnings (git-fixes).\n- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).\n- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).\n- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).\n- regulator: core: fix debugfs creation regression (git-fixes).\n- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).\n- regulator: tps65132: Add of_match table (stable-fixes).\n- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).\n- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).\n- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).\n- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).\n- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).\n- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).\n- Revert \u0027ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default\u0027 (stable-fixes).\n- Revert \u0027ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for first CPU DAI\u0027 (stable-fixes).\n- Revert \u0027ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire DAIs\u0027 (stable-fixes).\n- Revert \u0027drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()\u0027 (stable-fixes).\n- Revert \u0027drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP displays without PSR\u0027 (stable-fixes).\n- Revert \u0027drm/amd/display: fix USB-C flag update after enc10 feature init\u0027 (stable-fixes).\n- Revert \u0027drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices\u0027 (stable-fixes).\n- Revert \u0027drm/bridge: ti-sn65dsi83: Fix enable error path\u0027 (git-fixes).\n- Revert \u0027drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()\u0027 (stable-fixes).\n- Revert \u0027drm/qxl: simplify qxl_fence_wait\u0027 (git-fixes).\n- Revert \u0027iommu/amd: Enable PCI/IMS\u0027 (git-fixes).\n- Revert \u0027iommu/vt-d: Enable PCI/IMS\u0027 (git-fixes).\n- Revert \u0027net/mlx5: Block entering switchdev mode with ns inconsistency\u0027 (git-fixes).\n- Revert \u0027net/mlx5e: Check the number of elements before walk TC rhashtable\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide IMS (Interrupt Message Store) support\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide pci_ims_alloc/free_irq()\u0027 (git-fixes).\n- Revert \u0027PCI/MSI: Provide stubs for IMS functions\u0027 (git-fixes).\n- Revert \u0027selinux: introduce an initial SID for early boot processes\u0027 (bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa build failed.\n- Revert \u0027thermal: core: Do not update trip points inside the hysteresis range\u0027 (git-fixes).\n- Revert \u0027usb: cdc-wdm: close race between read and workqueue\u0027 (git-fixes).\n- Revert \u0027usb: phy: generic: Get the vbus supply\u0027 (git-fixes).\n- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).\n- ring-buffer: Fix a race between readers and resize checks (git-fixes).\n- ring-buffer: Fix full_waiters_pending in poll (git-fixes).\n- ring-buffer: Fix resetting of shortest_full (git-fixes).\n- ring-buffer: Fix waking up ring buffer readers (git-fixes).\n- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).\n- ring-buffer: Only update pages_touched when a new page is touched (git-fixes).\n- ring-buffer: use READ_ONCE() to read cpu_buffer-\u003ecommit_page in concurrent environment (git-fixes).\n- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).\n- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).\n- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).\n- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).\n- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).\n- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).\n- s390/cpum_cf: make crypto counters upward compatible across machine types (bsc#1224348).\n- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).\n- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).\n- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).\n- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).\n- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).\n- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).\n- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).\n- s390/vdso: drop \u0027-fPIC\u0027 from LDFLAGS (git-fixes bsc#1223593).\n- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).\n- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).\n- sched/balancing: Rename newidle_balance() =\u003e sched_balance_newidle() (bsc#1222173).\n- sched/fair: Check root_domain::overload value before update (bsc#1222173).\n- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).\n- sched/psi: Select KERNFS as needed (git-fixes).\n- sched/topology: Optimize topology_span_sane() (bsc#1225053).\n- scsi: bfa: Fix function pointer type mismatch for hcb_qe-\u003ecbfn (git-fixes).\n- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).\n- scsi: core: Fix unremoved procfs host directory regression (git-fixes).\n- scsi: csiostor: Avoid function pointer casts (git-fixes).\n- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).\n- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).\n- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).\n- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).\n- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).\n- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).\n- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).\n- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).\n- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).\n- scsi: lpfc: Move NPIV\u0027s transport unregistration to after resource clean up (bsc#1221777).\n- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).\n- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).\n- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).\n- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).\n- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).\n- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).\n- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).\n- scsi: mpi3mr: Reduce stack usage in mpi3mr_refresh_sas_ports() (git-fixes).\n- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).\n- scsi: mylex: Fix sysfs buffer lengths (git-fixes).\n- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).\n- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).\n- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).\n- scsi: qla2xxx: Fix double free of fcport (bsc1221816).\n- scsi: qla2xxx: Fix double free of the ha-\u003evp_map pointer (bsc1221816).\n- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).\n- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).\n- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).\n- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).\n- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).\n- scsi: qla2xxx: Update manufacturer detail (bsc1221816).\n- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).\n- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).\n- scsi: sg: Avoid race in error handling \u0026 drop bogus warn (git-fixes).\n- scsi: sg: Avoid sg device teardown race (git-fixes).\n- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).\n- sctp: annotate data-races around sk-\u003esk_wmem_queued (git-fixes).\n- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).\n- selftests: default to host arch for LLVM builds (git-fixes).\n- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).\n- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).\n- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).\n- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).\n- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).\n- selftests: net: move amt to socat for better compatibility (git-fixes).\n- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).\n- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).\n- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).\n- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).\n- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).\n- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).\n- selftests/binderfs: use the Makefile\u0027s rules, not Make\u0027s implicit rules (git-fixes).\n- selftests/bpf: add edge case backtracking logic test (bsc#1225756).\n- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).\n- selftests/ftrace: Fix event filter target_func selection (stable-fixes).\n- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).\n- selftests/kcmp: remove unused open mode (git-fixes).\n- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).\n- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).\n- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).\n- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).\n- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).\n- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).\n- selinux: avoid dereference of garbage after mount failure (git-fixes).\n- selinux: introduce an initial SID for early boot processes (bsc#1208593).\n- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).\n- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).\n- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).\n- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).\n- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).\n- serial: core: only stop transmit when HW fifo is empty (git-fixes).\n- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).\n- serial: Lock console when calling into driver before registration (git-fixes).\n- serial: max3100: Fix bitwise types (git-fixes).\n- serial: max3100: Lock port-\u003elock when calling uart_handle_cts_change() (git-fixes).\n- serial: max3100: Update uart_driver_registered on driver removal (git-fixes).\n- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).\n- serial: max310x: fix syntax error in IRQ error message (git-fixes).\n- serial: mxs-auart: add spinlock around changing cts state (git-fixes).\n- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).\n- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).\n- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).\n- serial: stm32: Reset .throttled state in .startup() (git-fixes).\n- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).\n- SEV: disable SEV-ES DebugSwap by default (git-fixes).\n- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).\n- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).\n- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).\n- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).\n- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).\n- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).\n- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).\n- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).\n- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).\n- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).\n- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).\n- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).\n- speakup: Avoid crash on very long word (git-fixes).\n- speakup: Fix 8bit characters from direct synth (git-fixes).\n- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).\n- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).\n- spi: fix null pointer dereference within spi_sync (git-fixes).\n- spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs (git-fixes).\n- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).\n- spi: lm70llp: fix links in doc and comments (git-fixes).\n- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).\n- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).\n- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).\n- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).\n- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).\n- spi: stm32: Do not warn about spurious interrupts (git-fixes).\n- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).\n- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).\n- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).\n- staging: vc04_services: fix information leak in create_component() (git-fixes).\n- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).\n- stmmac: Clear variable when destroying workqueue (git-fixes).\n- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).\n- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).\n- supported.conf: support tcp_dctcp module (jsc#PED-8111)\n- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)\n- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)\n- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)\n- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)\n- swiotlb: use the calculated number of areas (git-fixes).\n- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).\n- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).\n- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).\n- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).\n- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).\n- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).\n- thunderbolt: Fix wake configurations after device unplug (stable-fixes).\n- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).\n- thunderbolt: Introduce tb_port_reset() (stable-fixes).\n- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).\n- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).\n- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).\n- tls: do not skip over different type records from the rx_list (bsc#1221858).\n- tls: fix peeking with sync+async decryption (bsc#1221858).\n- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).\n- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).\n- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).\n- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).\n- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).\n- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).\n- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).\n- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).\n- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).\n- tracing: hide unused ftrace_event_id_fops (git-fixes).\n- tracing: Remove precision vsnprintf() check from print event (git-fixes).\n- tracing: Use .flush() call to wake up readers (git-fixes).\n- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).\n- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).\n- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).\n- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).\n- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).\n- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).\n- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).\n- ubifs: fix sort function prototype (git-fixes).\n- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).\n- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).\n- ubifs: Set page uptodate in the correct place (git-fixes).\n- usb: aqc111: stop lying about skb-\u003etruesize (git-fixes).\n- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).\n- usb: cdc-wdm: close race between read and workqueue (git-fixes).\n- USB: core: Add hub_get() and hub_put() routines (stable-fixes).\n- USB: core: Fix access violation during port device removal (git-fixes).\n- USB: core: Fix deadlock in port \u0027disable\u0027 sysfs attribute (stable-fixes).\n- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).\n- usb: Disable USB3 LPM at shutdown (stable-fixes).\n- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).\n- usb: dwc2: gadget: LPM flow fix (git-fixes).\n- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).\n- usb: dwc2: host: Fix hibernation flow (git-fixes).\n- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).\n- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).\n- usb: dwc3-am62: Disable wakeup at remove (git-fixes).\n- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).\n- usb: dwc3-am62: Rename private data (git-fixes).\n- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).\n- usb: dwc3: pci: Drop duplicate ID (git-fixes).\n- usb: dwc3: Properly set system wakeup (git-fixes).\n- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).\n- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).\n- usb: fotg210: Add missing kernel doc description (git-fixes).\n- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).\n- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).\n- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).\n- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).\n- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).\n- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).\n- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).\n- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).\n- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).\n- usb: ohci: Prevent missed ohci interrupts (git-fixes).\n- usb: phy: generic: Get the vbus supply (git-fixes).\n- USB: serial: add device ID for VeriFone adapter (stable-fixes).\n- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).\n- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).\n- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).\n- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).\n- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).\n- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).\n- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).\n- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).\n- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).\n- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).\n- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).\n- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).\n- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).\n- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).\n- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).\n- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).\n- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).\n- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).\n- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).\n- usb: typec: tcpm: Update PD of Type-C port upon pd_set (git-fixes).\n- usb: typec: tipd: fix event checking for tps6598x (git-fixes).\n- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).\n- usb: typec: ucsi: Ack unsupported commands (stable-fixes).\n- usb: typec: ucsi: always register a link to USB PD device (git-fixes).\n- usb: typec: ucsi: Check for notifications after init (git-fixes).\n- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).\n- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).\n- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).\n- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).\n- usb: typec: ucsi: Fix connector check on init (git-fixes).\n- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).\n- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).\n- usb: typec: ucsi: simplify partner\u0027s PD caps registration (git-fixes).\n- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).\n- usb: udc: remove warning when queue disabled ep (stable-fixes).\n- usb: xhci-plat: Do not include xhci.h (stable-fixes).\n- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).\n- usb: xhci: correct return value in case of STS_HCE (git-fixes).\n- usb: xhci: Implement xhci_handshake_check_state() helper.\n- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).\n- vboxsf: explicitly deny setlease attempts (stable-fixes).\n- vdpa_sim: reset must not run (git-fixes).\n- vdpa/mlx5: Allow CVQ size changes (git-fixes).\n- veth: try harder when allocating queue memory (git-fixes).\n- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).\n- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).\n- virtio_net: Do not send RSS key if it is not supported (git-fixes).\n- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).\n- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).\n- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).\n- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).\n- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).\n- vsock/virtio: fix packet delivery to tap device (git-fixes).\n- watchdog: bd9576: Drop \u0027always-running\u0027 property (git-fixes).\n- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).\n- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).\n- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).\n- wifi: ar5523: enable proper endpoint verification (git-fixes).\n- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).\n- wifi: ath10k: poll service ready message before failing (git-fixes).\n- wifi: ath10k: populate board data for WCN3990 (git-fixes).\n- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).\n- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).\n- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).\n- wifi: ath12k: Update Qualcomm Innovation Center, Inc. copyrights (stable-fixes).\n- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).\n- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).\n- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).\n- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).\n- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).\n- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).\n- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).\n- wifi: carl9170: re-fix fortified-memset warning (git-fixes).\n- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).\n- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).\n- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).\n- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).\n- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).\n- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).\n- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).\n- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).\n- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).\n- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).\n- wifi: iwlwifi: mvm: init vif works only once (git-fixes).\n- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).\n- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).\n- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).\n- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).\n- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).\n- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).\n- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).\n- wifi: iwlwifi: read txq-\u003eread_ptr under lock (stable-fixes).\n- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).\n- wifi: mac80211_hwsim: init peer measurement result (git-fixes).\n- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).\n- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).\n- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).\n- wifi: mac80211: fix prep_connection error path (stable-fixes).\n- wifi: mac80211: fix unaligned le16 access (git-fixes).\n- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).\n- wifi: mac80211: remove link before AP (git-fixes).\n- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).\n- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).\n- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).\n- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).\n- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).\n- wifi: mwl8k: initialize cmd-\u003eaddr[] properly (git-fixes).\n- wifi: nl80211: do not free NULL coalescing rule (git-fixes).\n- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).\n- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).\n- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).\n- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).\n- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).\n- wireguard: netlink: access device through ctx instead of peer (git-fixes).\n- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).\n- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).\n- x86/bugs: Fix BHI retpoline check (git-fixes).\n- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).\n- x86/bugs: Remove default case for fully switched enums (git-fixes).\n- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).\n- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).\n- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).\n- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).\n- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).\n- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).\n- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).\n- x86/efistub: Call mixed mode boot services on the firmware\u0027s stack (git-fixes).\n- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).\n- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).\n- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).\n- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).\n- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).\n- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).\n- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).\n- x86/nmi: Fix the inverse \u0027in NMI handler\u0027 check (git-fixes).\n- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).\n- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).\n- x86/purgatory: Switch to the position-independent small code model (git-fixes).\n- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).\n- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).\n- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).\n- x86/srso: Disentangle rethunk-dependent options (git-fixes).\n- x86/srso: Fix unret validation dependencies (git-fixes).\n- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).\n- x86/srso: Print actual mitigation if requested mitigation isn\u0027t possible (git-fixes).\n- x86/srso: Remove \u0027pred_cmd\u0027 label (git-fixes).\n- x86/srso: Unexport untraining functions (git-fixes).\n- x86/xen: Add some null pointer checking to smp.c (git-fixes).\n- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).\n- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).\n- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).\n- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).\n- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).\n- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).\n- xen/events: increment refcnt only if event channel is refcounted (git-fixes).\n- xen/events: modify internal [un]bind interfaces (git-fixes).\n- xen/events: reduce externally visible helper functions (git-fixes).\n- xen/events: remove some simple helpers from events_base.c (git-fixes).\n- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).\n- xfs: add lock protection when remove perag from radix tree (git-fixes).\n- xfs: allow extent free intents to be retried (git-fixes).\n- xfs: fix perag leak when growfs fails (git-fixes).\n- xfs: force all buffers to be written during btree bulk load (git-fixes).\n- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).\n- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).\n- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).\n- xfs: transfer recovered intent item ownership in -\u003eiop_recover (git-fixes).\n- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).\n- xhci: add helper that checks for unhandled events on a event ring (git-fixes).\n- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).\n- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).\n- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).\n- xhci: update event ring dequeue pointer position to controller correctly (git-fixes). Altered because we cannot take the multiple interrupter code\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-2135,SUSE-SLE-Module-Public-Cloud-15-SP6-2024-2135,openSUSE-SLE-15.6-2024-2135",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_2135-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:2135-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20242135-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:2135-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-June/035681.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012628",
"url": "https://bugzilla.suse.com/1012628"
},
{
"category": "self",
"summary": "SUSE Bug 1065729",
"url": "https://bugzilla.suse.com/1065729"
},
{
"category": "self",
"summary": "SUSE Bug 1181674",
"url": "https://bugzilla.suse.com/1181674"
},
{
"category": "self",
"summary": "SUSE Bug 1187716",
"url": "https://bugzilla.suse.com/1187716"
},
{
"category": "self",
"summary": "SUSE Bug 1193599",
"url": "https://bugzilla.suse.com/1193599"
},
{
"category": "self",
"summary": "SUSE Bug 1194869",
"url": "https://bugzilla.suse.com/1194869"
},
{
"category": "self",
"summary": "SUSE Bug 1207948",
"url": "https://bugzilla.suse.com/1207948"
},
{
"category": "self",
"summary": "SUSE Bug 1208593",
"url": "https://bugzilla.suse.com/1208593"
},
{
"category": "self",
"summary": "SUSE Bug 1209657",
"url": "https://bugzilla.suse.com/1209657"
},
{
"category": "self",
"summary": "SUSE Bug 1213573",
"url": "https://bugzilla.suse.com/1213573"
},
{
"category": "self",
"summary": "SUSE Bug 1214852",
"url": "https://bugzilla.suse.com/1214852"
},
{
"category": "self",
"summary": "SUSE Bug 1215199",
"url": "https://bugzilla.suse.com/1215199"
},
{
"category": "self",
"summary": "SUSE Bug 1216196",
"url": "https://bugzilla.suse.com/1216196"
},
{
"category": "self",
"summary": "SUSE Bug 1216358",
"url": "https://bugzilla.suse.com/1216358"
},
{
"category": "self",
"summary": "SUSE Bug 1216702",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "self",
"summary": "SUSE Bug 1217169",
"url": "https://bugzilla.suse.com/1217169"
},
{
"category": "self",
"summary": "SUSE Bug 1217384",
"url": "https://bugzilla.suse.com/1217384"
},
{
"category": "self",
"summary": "SUSE Bug 1217408",
"url": "https://bugzilla.suse.com/1217408"
},
{
"category": "self",
"summary": "SUSE Bug 1217489",
"url": "https://bugzilla.suse.com/1217489"
},
{
"category": "self",
"summary": "SUSE Bug 1217750",
"url": "https://bugzilla.suse.com/1217750"
},
{
"category": "self",
"summary": "SUSE Bug 1217959",
"url": "https://bugzilla.suse.com/1217959"
},
{
"category": "self",
"summary": "SUSE Bug 1218205",
"url": "https://bugzilla.suse.com/1218205"
},
{
"category": "self",
"summary": "SUSE Bug 1218336",
"url": "https://bugzilla.suse.com/1218336"
},
{
"category": "self",
"summary": "SUSE Bug 1218447",
"url": "https://bugzilla.suse.com/1218447"
},
{
"category": "self",
"summary": "SUSE Bug 1218562",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "self",
"summary": "SUSE Bug 1218779",
"url": "https://bugzilla.suse.com/1218779"
},
{
"category": "self",
"summary": "SUSE Bug 1218917",
"url": "https://bugzilla.suse.com/1218917"
},
{
"category": "self",
"summary": "SUSE Bug 1219104",
"url": "https://bugzilla.suse.com/1219104"
},
{
"category": "self",
"summary": "SUSE Bug 1219170",
"url": "https://bugzilla.suse.com/1219170"
},
{
"category": "self",
"summary": "SUSE Bug 1219596",
"url": "https://bugzilla.suse.com/1219596"
},
{
"category": "self",
"summary": "SUSE Bug 1219623",
"url": "https://bugzilla.suse.com/1219623"
},
{
"category": "self",
"summary": "SUSE Bug 1219834",
"url": "https://bugzilla.suse.com/1219834"
},
{
"category": "self",
"summary": "SUSE Bug 1220021",
"url": "https://bugzilla.suse.com/1220021"
},
{
"category": "self",
"summary": "SUSE Bug 1220045",
"url": "https://bugzilla.suse.com/1220045"
},
{
"category": "self",
"summary": "SUSE Bug 1220120",
"url": "https://bugzilla.suse.com/1220120"
},
{
"category": "self",
"summary": "SUSE Bug 1220148",
"url": "https://bugzilla.suse.com/1220148"
},
{
"category": "self",
"summary": "SUSE Bug 1220328",
"url": "https://bugzilla.suse.com/1220328"
},
{
"category": "self",
"summary": "SUSE Bug 1220342",
"url": "https://bugzilla.suse.com/1220342"
},
{
"category": "self",
"summary": "SUSE Bug 1220428",
"url": "https://bugzilla.suse.com/1220428"
},
{
"category": "self",
"summary": "SUSE Bug 1220430",
"url": "https://bugzilla.suse.com/1220430"
},
{
"category": "self",
"summary": "SUSE Bug 1220569",
"url": "https://bugzilla.suse.com/1220569"
},
{
"category": "self",
"summary": "SUSE Bug 1220587",
"url": "https://bugzilla.suse.com/1220587"
},
{
"category": "self",
"summary": "SUSE Bug 1220738",
"url": "https://bugzilla.suse.com/1220738"
},
{
"category": "self",
"summary": "SUSE Bug 1220783",
"url": "https://bugzilla.suse.com/1220783"
},
{
"category": "self",
"summary": "SUSE Bug 1220915",
"url": "https://bugzilla.suse.com/1220915"
},
{
"category": "self",
"summary": "SUSE Bug 1221044",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "self",
"summary": "SUSE Bug 1221276",
"url": "https://bugzilla.suse.com/1221276"
},
{
"category": "self",
"summary": "SUSE Bug 1221293",
"url": "https://bugzilla.suse.com/1221293"
},
{
"category": "self",
"summary": "SUSE Bug 1221303",
"url": "https://bugzilla.suse.com/1221303"
},
{
"category": "self",
"summary": "SUSE Bug 1221375",
"url": "https://bugzilla.suse.com/1221375"
},
{
"category": "self",
"summary": "SUSE Bug 1221504",
"url": "https://bugzilla.suse.com/1221504"
},
{
"category": "self",
"summary": "SUSE Bug 1221612",
"url": "https://bugzilla.suse.com/1221612"
},
{
"category": "self",
"summary": "SUSE Bug 1221615",
"url": "https://bugzilla.suse.com/1221615"
},
{
"category": "self",
"summary": "SUSE Bug 1221635",
"url": "https://bugzilla.suse.com/1221635"
},
{
"category": "self",
"summary": "SUSE Bug 1221645",
"url": "https://bugzilla.suse.com/1221645"
},
{
"category": "self",
"summary": "SUSE Bug 1221649",
"url": "https://bugzilla.suse.com/1221649"
},
{
"category": "self",
"summary": "SUSE Bug 1221765",
"url": "https://bugzilla.suse.com/1221765"
},
{
"category": "self",
"summary": "SUSE Bug 1221777",
"url": "https://bugzilla.suse.com/1221777"
},
{
"category": "self",
"summary": "SUSE Bug 1221783",
"url": "https://bugzilla.suse.com/1221783"
},
{
"category": "self",
"summary": "SUSE Bug 1221816",
"url": "https://bugzilla.suse.com/1221816"
},
{
"category": "self",
"summary": "SUSE Bug 1221829",
"url": "https://bugzilla.suse.com/1221829"
},
{
"category": "self",
"summary": "SUSE Bug 1221830",
"url": "https://bugzilla.suse.com/1221830"
},
{
"category": "self",
"summary": "SUSE Bug 1221858",
"url": "https://bugzilla.suse.com/1221858"
},
{
"category": "self",
"summary": "SUSE Bug 1222115",
"url": "https://bugzilla.suse.com/1222115"
},
{
"category": "self",
"summary": "SUSE Bug 1222173",
"url": "https://bugzilla.suse.com/1222173"
},
{
"category": "self",
"summary": "SUSE Bug 1222264",
"url": "https://bugzilla.suse.com/1222264"
},
{
"category": "self",
"summary": "SUSE Bug 1222273",
"url": "https://bugzilla.suse.com/1222273"
},
{
"category": "self",
"summary": "SUSE Bug 1222294",
"url": "https://bugzilla.suse.com/1222294"
},
{
"category": "self",
"summary": "SUSE Bug 1222301",
"url": "https://bugzilla.suse.com/1222301"
},
{
"category": "self",
"summary": "SUSE Bug 1222303",
"url": "https://bugzilla.suse.com/1222303"
},
{
"category": "self",
"summary": "SUSE Bug 1222304",
"url": "https://bugzilla.suse.com/1222304"
},
{
"category": "self",
"summary": "SUSE Bug 1222307",
"url": "https://bugzilla.suse.com/1222307"
},
{
"category": "self",
"summary": "SUSE Bug 1222357",
"url": "https://bugzilla.suse.com/1222357"
},
{
"category": "self",
"summary": "SUSE Bug 1222366",
"url": "https://bugzilla.suse.com/1222366"
},
{
"category": "self",
"summary": "SUSE Bug 1222368",
"url": "https://bugzilla.suse.com/1222368"
},
{
"category": "self",
"summary": "SUSE Bug 1222371",
"url": "https://bugzilla.suse.com/1222371"
},
{
"category": "self",
"summary": "SUSE Bug 1222378",
"url": "https://bugzilla.suse.com/1222378"
},
{
"category": "self",
"summary": "SUSE Bug 1222379",
"url": "https://bugzilla.suse.com/1222379"
},
{
"category": "self",
"summary": "SUSE Bug 1222385",
"url": "https://bugzilla.suse.com/1222385"
},
{
"category": "self",
"summary": "SUSE Bug 1222422",
"url": "https://bugzilla.suse.com/1222422"
},
{
"category": "self",
"summary": "SUSE Bug 1222426",
"url": "https://bugzilla.suse.com/1222426"
},
{
"category": "self",
"summary": "SUSE Bug 1222428",
"url": "https://bugzilla.suse.com/1222428"
},
{
"category": "self",
"summary": "SUSE Bug 1222437",
"url": "https://bugzilla.suse.com/1222437"
},
{
"category": "self",
"summary": "SUSE Bug 1222445",
"url": "https://bugzilla.suse.com/1222445"
},
{
"category": "self",
"summary": "SUSE Bug 1222459",
"url": "https://bugzilla.suse.com/1222459"
},
{
"category": "self",
"summary": "SUSE Bug 1222464",
"url": "https://bugzilla.suse.com/1222464"
},
{
"category": "self",
"summary": "SUSE Bug 1222489",
"url": "https://bugzilla.suse.com/1222489"
},
{
"category": "self",
"summary": "SUSE Bug 1222522",
"url": "https://bugzilla.suse.com/1222522"
},
{
"category": "self",
"summary": "SUSE Bug 1222525",
"url": "https://bugzilla.suse.com/1222525"
},
{
"category": "self",
"summary": "SUSE Bug 1222527",
"url": "https://bugzilla.suse.com/1222527"
},
{
"category": "self",
"summary": "SUSE Bug 1222531",
"url": "https://bugzilla.suse.com/1222531"
},
{
"category": "self",
"summary": "SUSE Bug 1222532",
"url": "https://bugzilla.suse.com/1222532"
},
{
"category": "self",
"summary": "SUSE Bug 1222549",
"url": "https://bugzilla.suse.com/1222549"
},
{
"category": "self",
"summary": "SUSE Bug 1222550",
"url": "https://bugzilla.suse.com/1222550"
},
{
"category": "self",
"summary": "SUSE Bug 1222557",
"url": "https://bugzilla.suse.com/1222557"
},
{
"category": "self",
"summary": "SUSE Bug 1222559",
"url": "https://bugzilla.suse.com/1222559"
},
{
"category": "self",
"summary": "SUSE Bug 1222563",
"url": "https://bugzilla.suse.com/1222563"
},
{
"category": "self",
"summary": "SUSE Bug 1222585",
"url": "https://bugzilla.suse.com/1222585"
},
{
"category": "self",
"summary": "SUSE Bug 1222586",
"url": "https://bugzilla.suse.com/1222586"
},
{
"category": "self",
"summary": "SUSE Bug 1222596",
"url": "https://bugzilla.suse.com/1222596"
},
{
"category": "self",
"summary": "SUSE Bug 1222606",
"url": "https://bugzilla.suse.com/1222606"
},
{
"category": "self",
"summary": "SUSE Bug 1222608",
"url": "https://bugzilla.suse.com/1222608"
},
{
"category": "self",
"summary": "SUSE Bug 1222613",
"url": "https://bugzilla.suse.com/1222613"
},
{
"category": "self",
"summary": "SUSE Bug 1222615",
"url": "https://bugzilla.suse.com/1222615"
},
{
"category": "self",
"summary": "SUSE Bug 1222618",
"url": "https://bugzilla.suse.com/1222618"
},
{
"category": "self",
"summary": "SUSE Bug 1222622",
"url": "https://bugzilla.suse.com/1222622"
},
{
"category": "self",
"summary": "SUSE Bug 1222624",
"url": "https://bugzilla.suse.com/1222624"
},
{
"category": "self",
"summary": "SUSE Bug 1222627",
"url": "https://bugzilla.suse.com/1222627"
},
{
"category": "self",
"summary": "SUSE Bug 1222630",
"url": "https://bugzilla.suse.com/1222630"
},
{
"category": "self",
"summary": "SUSE Bug 1222635",
"url": "https://bugzilla.suse.com/1222635"
},
{
"category": "self",
"summary": "SUSE Bug 1222721",
"url": "https://bugzilla.suse.com/1222721"
},
{
"category": "self",
"summary": "SUSE Bug 1222727",
"url": "https://bugzilla.suse.com/1222727"
},
{
"category": "self",
"summary": "SUSE Bug 1222769",
"url": "https://bugzilla.suse.com/1222769"
},
{
"category": "self",
"summary": "SUSE Bug 1222771",
"url": "https://bugzilla.suse.com/1222771"
},
{
"category": "self",
"summary": "SUSE Bug 1222772",
"url": "https://bugzilla.suse.com/1222772"
},
{
"category": "self",
"summary": "SUSE Bug 1222775",
"url": "https://bugzilla.suse.com/1222775"
},
{
"category": "self",
"summary": "SUSE Bug 1222777",
"url": "https://bugzilla.suse.com/1222777"
},
{
"category": "self",
"summary": "SUSE Bug 1222780",
"url": "https://bugzilla.suse.com/1222780"
},
{
"category": "self",
"summary": "SUSE Bug 1222782",
"url": "https://bugzilla.suse.com/1222782"
},
{
"category": "self",
"summary": "SUSE Bug 1222793",
"url": "https://bugzilla.suse.com/1222793"
},
{
"category": "self",
"summary": "SUSE Bug 1222799",
"url": "https://bugzilla.suse.com/1222799"
},
{
"category": "self",
"summary": "SUSE Bug 1222801",
"url": "https://bugzilla.suse.com/1222801"
},
{
"category": "self",
"summary": "SUSE Bug 1222968",
"url": "https://bugzilla.suse.com/1222968"
},
{
"category": "self",
"summary": "SUSE Bug 1223007",
"url": "https://bugzilla.suse.com/1223007"
},
{
"category": "self",
"summary": "SUSE Bug 1223011",
"url": "https://bugzilla.suse.com/1223011"
},
{
"category": "self",
"summary": "SUSE Bug 1223015",
"url": "https://bugzilla.suse.com/1223015"
},
{
"category": "self",
"summary": "SUSE Bug 1223016",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "self",
"summary": "SUSE Bug 1223020",
"url": "https://bugzilla.suse.com/1223020"
},
{
"category": "self",
"summary": "SUSE Bug 1223023",
"url": "https://bugzilla.suse.com/1223023"
},
{
"category": "self",
"summary": "SUSE Bug 1223024",
"url": "https://bugzilla.suse.com/1223024"
},
{
"category": "self",
"summary": "SUSE Bug 1223030",
"url": "https://bugzilla.suse.com/1223030"
},
{
"category": "self",
"summary": "SUSE Bug 1223033",
"url": "https://bugzilla.suse.com/1223033"
},
{
"category": "self",
"summary": "SUSE Bug 1223034",
"url": "https://bugzilla.suse.com/1223034"
},
{
"category": "self",
"summary": "SUSE Bug 1223035",
"url": "https://bugzilla.suse.com/1223035"
},
{
"category": "self",
"summary": "SUSE Bug 1223038",
"url": "https://bugzilla.suse.com/1223038"
},
{
"category": "self",
"summary": "SUSE Bug 1223039",
"url": "https://bugzilla.suse.com/1223039"
},
{
"category": "self",
"summary": "SUSE Bug 1223041",
"url": "https://bugzilla.suse.com/1223041"
},
{
"category": "self",
"summary": "SUSE Bug 1223045",
"url": "https://bugzilla.suse.com/1223045"
},
{
"category": "self",
"summary": "SUSE Bug 1223046",
"url": "https://bugzilla.suse.com/1223046"
},
{
"category": "self",
"summary": "SUSE Bug 1223051",
"url": "https://bugzilla.suse.com/1223051"
},
{
"category": "self",
"summary": "SUSE Bug 1223052",
"url": "https://bugzilla.suse.com/1223052"
},
{
"category": "self",
"summary": "SUSE Bug 1223058",
"url": "https://bugzilla.suse.com/1223058"
},
{
"category": "self",
"summary": "SUSE Bug 1223060",
"url": "https://bugzilla.suse.com/1223060"
},
{
"category": "self",
"summary": "SUSE Bug 1223061",
"url": "https://bugzilla.suse.com/1223061"
},
{
"category": "self",
"summary": "SUSE Bug 1223076",
"url": "https://bugzilla.suse.com/1223076"
},
{
"category": "self",
"summary": "SUSE Bug 1223077",
"url": "https://bugzilla.suse.com/1223077"
},
{
"category": "self",
"summary": "SUSE Bug 1223084",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "self",
"summary": "SUSE Bug 1223111",
"url": "https://bugzilla.suse.com/1223111"
},
{
"category": "self",
"summary": "SUSE Bug 1223113",
"url": "https://bugzilla.suse.com/1223113"
},
{
"category": "self",
"summary": "SUSE Bug 1223138",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "self",
"summary": "SUSE Bug 1223143",
"url": "https://bugzilla.suse.com/1223143"
},
{
"category": "self",
"summary": "SUSE Bug 1223187",
"url": "https://bugzilla.suse.com/1223187"
},
{
"category": "self",
"summary": "SUSE Bug 1223189",
"url": "https://bugzilla.suse.com/1223189"
},
{
"category": "self",
"summary": "SUSE Bug 1223190",
"url": "https://bugzilla.suse.com/1223190"
},
{
"category": "self",
"summary": "SUSE Bug 1223191",
"url": "https://bugzilla.suse.com/1223191"
},
{
"category": "self",
"summary": "SUSE Bug 1223198",
"url": "https://bugzilla.suse.com/1223198"
},
{
"category": "self",
"summary": "SUSE Bug 1223202",
"url": "https://bugzilla.suse.com/1223202"
},
{
"category": "self",
"summary": "SUSE Bug 1223285",
"url": "https://bugzilla.suse.com/1223285"
},
{
"category": "self",
"summary": "SUSE Bug 1223315",
"url": "https://bugzilla.suse.com/1223315"
},
{
"category": "self",
"summary": "SUSE Bug 1223338",
"url": "https://bugzilla.suse.com/1223338"
},
{
"category": "self",
"summary": "SUSE Bug 1223369",
"url": "https://bugzilla.suse.com/1223369"
},
{
"category": "self",
"summary": "SUSE Bug 1223380",
"url": "https://bugzilla.suse.com/1223380"
},
{
"category": "self",
"summary": "SUSE Bug 1223384",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "self",
"summary": "SUSE Bug 1223390",
"url": "https://bugzilla.suse.com/1223390"
},
{
"category": "self",
"summary": "SUSE Bug 1223439",
"url": "https://bugzilla.suse.com/1223439"
},
{
"category": "self",
"summary": "SUSE Bug 1223462",
"url": "https://bugzilla.suse.com/1223462"
},
{
"category": "self",
"summary": "SUSE Bug 1223532",
"url": "https://bugzilla.suse.com/1223532"
},
{
"category": "self",
"summary": "SUSE Bug 1223539",
"url": "https://bugzilla.suse.com/1223539"
},
{
"category": "self",
"summary": "SUSE Bug 1223575",
"url": "https://bugzilla.suse.com/1223575"
},
{
"category": "self",
"summary": "SUSE Bug 1223590",
"url": "https://bugzilla.suse.com/1223590"
},
{
"category": "self",
"summary": "SUSE Bug 1223591",
"url": "https://bugzilla.suse.com/1223591"
},
{
"category": "self",
"summary": "SUSE Bug 1223592",
"url": "https://bugzilla.suse.com/1223592"
},
{
"category": "self",
"summary": "SUSE Bug 1223593",
"url": "https://bugzilla.suse.com/1223593"
},
{
"category": "self",
"summary": "SUSE Bug 1223625",
"url": "https://bugzilla.suse.com/1223625"
},
{
"category": "self",
"summary": "SUSE Bug 1223628",
"url": "https://bugzilla.suse.com/1223628"
},
{
"category": "self",
"summary": "SUSE Bug 1223629",
"url": "https://bugzilla.suse.com/1223629"
},
{
"category": "self",
"summary": "SUSE Bug 1223633",
"url": "https://bugzilla.suse.com/1223633"
},
{
"category": "self",
"summary": "SUSE Bug 1223634",
"url": "https://bugzilla.suse.com/1223634"
},
{
"category": "self",
"summary": "SUSE Bug 1223637",
"url": "https://bugzilla.suse.com/1223637"
},
{
"category": "self",
"summary": "SUSE Bug 1223641",
"url": "https://bugzilla.suse.com/1223641"
},
{
"category": "self",
"summary": "SUSE Bug 1223643",
"url": "https://bugzilla.suse.com/1223643"
},
{
"category": "self",
"summary": "SUSE Bug 1223649",
"url": "https://bugzilla.suse.com/1223649"
},
{
"category": "self",
"summary": "SUSE Bug 1223650",
"url": "https://bugzilla.suse.com/1223650"
},
{
"category": "self",
"summary": "SUSE Bug 1223651",
"url": "https://bugzilla.suse.com/1223651"
},
{
"category": "self",
"summary": "SUSE Bug 1223652",
"url": "https://bugzilla.suse.com/1223652"
},
{
"category": "self",
"summary": "SUSE Bug 1223653",
"url": "https://bugzilla.suse.com/1223653"
},
{
"category": "self",
"summary": "SUSE Bug 1223654",
"url": "https://bugzilla.suse.com/1223654"
},
{
"category": "self",
"summary": "SUSE Bug 1223655",
"url": "https://bugzilla.suse.com/1223655"
},
{
"category": "self",
"summary": "SUSE Bug 1223660",
"url": "https://bugzilla.suse.com/1223660"
},
{
"category": "self",
"summary": "SUSE Bug 1223661",
"url": "https://bugzilla.suse.com/1223661"
},
{
"category": "self",
"summary": "SUSE Bug 1223663",
"url": "https://bugzilla.suse.com/1223663"
},
{
"category": "self",
"summary": "SUSE Bug 1223664",
"url": "https://bugzilla.suse.com/1223664"
},
{
"category": "self",
"summary": "SUSE Bug 1223665",
"url": "https://bugzilla.suse.com/1223665"
},
{
"category": "self",
"summary": "SUSE Bug 1223666",
"url": "https://bugzilla.suse.com/1223666"
},
{
"category": "self",
"summary": "SUSE Bug 1223668",
"url": "https://bugzilla.suse.com/1223668"
},
{
"category": "self",
"summary": "SUSE Bug 1223669",
"url": "https://bugzilla.suse.com/1223669"
},
{
"category": "self",
"summary": "SUSE Bug 1223670",
"url": "https://bugzilla.suse.com/1223670"
},
{
"category": "self",
"summary": "SUSE Bug 1223671",
"url": "https://bugzilla.suse.com/1223671"
},
{
"category": "self",
"summary": "SUSE Bug 1223675",
"url": "https://bugzilla.suse.com/1223675"
},
{
"category": "self",
"summary": "SUSE Bug 1223677",
"url": "https://bugzilla.suse.com/1223677"
},
{
"category": "self",
"summary": "SUSE Bug 1223678",
"url": "https://bugzilla.suse.com/1223678"
},
{
"category": "self",
"summary": "SUSE Bug 1223686",
"url": "https://bugzilla.suse.com/1223686"
},
{
"category": "self",
"summary": "SUSE Bug 1223692",
"url": "https://bugzilla.suse.com/1223692"
},
{
"category": "self",
"summary": "SUSE Bug 1223693",
"url": "https://bugzilla.suse.com/1223693"
},
{
"category": "self",
"summary": "SUSE Bug 1223695",
"url": "https://bugzilla.suse.com/1223695"
},
{
"category": "self",
"summary": "SUSE Bug 1223696",
"url": "https://bugzilla.suse.com/1223696"
},
{
"category": "self",
"summary": "SUSE Bug 1223698",
"url": "https://bugzilla.suse.com/1223698"
},
{
"category": "self",
"summary": "SUSE Bug 1223705",
"url": "https://bugzilla.suse.com/1223705"
},
{
"category": "self",
"summary": "SUSE Bug 1223712",
"url": "https://bugzilla.suse.com/1223712"
},
{
"category": "self",
"summary": "SUSE Bug 1223718",
"url": "https://bugzilla.suse.com/1223718"
},
{
"category": "self",
"summary": "SUSE Bug 1223728",
"url": "https://bugzilla.suse.com/1223728"
},
{
"category": "self",
"summary": "SUSE Bug 1223732",
"url": "https://bugzilla.suse.com/1223732"
},
{
"category": "self",
"summary": "SUSE Bug 1223735",
"url": "https://bugzilla.suse.com/1223735"
},
{
"category": "self",
"summary": "SUSE Bug 1223739",
"url": "https://bugzilla.suse.com/1223739"
},
{
"category": "self",
"summary": "SUSE Bug 1223741",
"url": "https://bugzilla.suse.com/1223741"
},
{
"category": "self",
"summary": "SUSE Bug 1223744",
"url": "https://bugzilla.suse.com/1223744"
},
{
"category": "self",
"summary": "SUSE Bug 1223745",
"url": "https://bugzilla.suse.com/1223745"
},
{
"category": "self",
"summary": "SUSE Bug 1223747",
"url": "https://bugzilla.suse.com/1223747"
},
{
"category": "self",
"summary": "SUSE Bug 1223748",
"url": "https://bugzilla.suse.com/1223748"
},
{
"category": "self",
"summary": "SUSE Bug 1223749",
"url": "https://bugzilla.suse.com/1223749"
},
{
"category": "self",
"summary": "SUSE Bug 1223750",
"url": "https://bugzilla.suse.com/1223750"
},
{
"category": "self",
"summary": "SUSE Bug 1223752",
"url": "https://bugzilla.suse.com/1223752"
},
{
"category": "self",
"summary": "SUSE Bug 1223754",
"url": "https://bugzilla.suse.com/1223754"
},
{
"category": "self",
"summary": "SUSE Bug 1223757",
"url": "https://bugzilla.suse.com/1223757"
},
{
"category": "self",
"summary": "SUSE Bug 1223759",
"url": "https://bugzilla.suse.com/1223759"
},
{
"category": "self",
"summary": "SUSE Bug 1223761",
"url": "https://bugzilla.suse.com/1223761"
},
{
"category": "self",
"summary": "SUSE Bug 1223762",
"url": "https://bugzilla.suse.com/1223762"
},
{
"category": "self",
"summary": "SUSE Bug 1223774",
"url": "https://bugzilla.suse.com/1223774"
},
{
"category": "self",
"summary": "SUSE Bug 1223782",
"url": "https://bugzilla.suse.com/1223782"
},
{
"category": "self",
"summary": "SUSE Bug 1223787",
"url": "https://bugzilla.suse.com/1223787"
},
{
"category": "self",
"summary": "SUSE Bug 1223788",
"url": "https://bugzilla.suse.com/1223788"
},
{
"category": "self",
"summary": "SUSE Bug 1223789",
"url": "https://bugzilla.suse.com/1223789"
},
{
"category": "self",
"summary": "SUSE Bug 1223790",
"url": "https://bugzilla.suse.com/1223790"
},
{
"category": "self",
"summary": "SUSE Bug 1223802",
"url": "https://bugzilla.suse.com/1223802"
},
{
"category": "self",
"summary": "SUSE Bug 1223805",
"url": "https://bugzilla.suse.com/1223805"
},
{
"category": "self",
"summary": "SUSE Bug 1223810",
"url": "https://bugzilla.suse.com/1223810"
},
{
"category": "self",
"summary": "SUSE Bug 1223822",
"url": "https://bugzilla.suse.com/1223822"
},
{
"category": "self",
"summary": "SUSE Bug 1223827",
"url": "https://bugzilla.suse.com/1223827"
},
{
"category": "self",
"summary": "SUSE Bug 1223831",
"url": "https://bugzilla.suse.com/1223831"
},
{
"category": "self",
"summary": "SUSE Bug 1223834",
"url": "https://bugzilla.suse.com/1223834"
},
{
"category": "self",
"summary": "SUSE Bug 1223838",
"url": "https://bugzilla.suse.com/1223838"
},
{
"category": "self",
"summary": "SUSE Bug 1223869",
"url": "https://bugzilla.suse.com/1223869"
},
{
"category": "self",
"summary": "SUSE Bug 1223870",
"url": "https://bugzilla.suse.com/1223870"
},
{
"category": "self",
"summary": "SUSE Bug 1223871",
"url": "https://bugzilla.suse.com/1223871"
},
{
"category": "self",
"summary": "SUSE Bug 1223872",
"url": "https://bugzilla.suse.com/1223872"
},
{
"category": "self",
"summary": "SUSE Bug 1223874",
"url": "https://bugzilla.suse.com/1223874"
},
{
"category": "self",
"summary": "SUSE Bug 1223944",
"url": "https://bugzilla.suse.com/1223944"
},
{
"category": "self",
"summary": "SUSE Bug 1223945",
"url": "https://bugzilla.suse.com/1223945"
},
{
"category": "self",
"summary": "SUSE Bug 1223946",
"url": "https://bugzilla.suse.com/1223946"
},
{
"category": "self",
"summary": "SUSE Bug 1223991",
"url": "https://bugzilla.suse.com/1223991"
},
{
"category": "self",
"summary": "SUSE Bug 1224076",
"url": "https://bugzilla.suse.com/1224076"
},
{
"category": "self",
"summary": "SUSE Bug 1224096",
"url": "https://bugzilla.suse.com/1224096"
},
{
"category": "self",
"summary": "SUSE Bug 1224098",
"url": "https://bugzilla.suse.com/1224098"
},
{
"category": "self",
"summary": "SUSE Bug 1224099",
"url": "https://bugzilla.suse.com/1224099"
},
{
"category": "self",
"summary": "SUSE Bug 1224137",
"url": "https://bugzilla.suse.com/1224137"
},
{
"category": "self",
"summary": "SUSE Bug 1224166",
"url": "https://bugzilla.suse.com/1224166"
},
{
"category": "self",
"summary": "SUSE Bug 1224174",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "self",
"summary": "SUSE Bug 1224177",
"url": "https://bugzilla.suse.com/1224177"
},
{
"category": "self",
"summary": "SUSE Bug 1224180",
"url": "https://bugzilla.suse.com/1224180"
},
{
"category": "self",
"summary": "SUSE Bug 1224181",
"url": "https://bugzilla.suse.com/1224181"
},
{
"category": "self",
"summary": "SUSE Bug 1224331",
"url": "https://bugzilla.suse.com/1224331"
},
{
"category": "self",
"summary": "SUSE Bug 1224348",
"url": "https://bugzilla.suse.com/1224348"
},
{
"category": "self",
"summary": "SUSE Bug 1224423",
"url": "https://bugzilla.suse.com/1224423"
},
{
"category": "self",
"summary": "SUSE Bug 1224429",
"url": "https://bugzilla.suse.com/1224429"
},
{
"category": "self",
"summary": "SUSE Bug 1224430",
"url": "https://bugzilla.suse.com/1224430"
},
{
"category": "self",
"summary": "SUSE Bug 1224432",
"url": "https://bugzilla.suse.com/1224432"
},
{
"category": "self",
"summary": "SUSE Bug 1224433",
"url": "https://bugzilla.suse.com/1224433"
},
{
"category": "self",
"summary": "SUSE Bug 1224437",
"url": "https://bugzilla.suse.com/1224437"
},
{
"category": "self",
"summary": "SUSE Bug 1224438",
"url": "https://bugzilla.suse.com/1224438"
},
{
"category": "self",
"summary": "SUSE Bug 1224442",
"url": "https://bugzilla.suse.com/1224442"
},
{
"category": "self",
"summary": "SUSE Bug 1224443",
"url": "https://bugzilla.suse.com/1224443"
},
{
"category": "self",
"summary": "SUSE Bug 1224445",
"url": "https://bugzilla.suse.com/1224445"
},
{
"category": "self",
"summary": "SUSE Bug 1224449",
"url": "https://bugzilla.suse.com/1224449"
},
{
"category": "self",
"summary": "SUSE Bug 1224477",
"url": "https://bugzilla.suse.com/1224477"
},
{
"category": "self",
"summary": "SUSE Bug 1224479",
"url": "https://bugzilla.suse.com/1224479"
},
{
"category": "self",
"summary": "SUSE Bug 1224480",
"url": "https://bugzilla.suse.com/1224480"
},
{
"category": "self",
"summary": "SUSE Bug 1224481",
"url": "https://bugzilla.suse.com/1224481"
},
{
"category": "self",
"summary": "SUSE Bug 1224482",
"url": "https://bugzilla.suse.com/1224482"
},
{
"category": "self",
"summary": "SUSE Bug 1224486",
"url": "https://bugzilla.suse.com/1224486"
},
{
"category": "self",
"summary": "SUSE Bug 1224487",
"url": "https://bugzilla.suse.com/1224487"
},
{
"category": "self",
"summary": "SUSE Bug 1224488",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "self",
"summary": "SUSE Bug 1224491",
"url": "https://bugzilla.suse.com/1224491"
},
{
"category": "self",
"summary": "SUSE Bug 1224492",
"url": "https://bugzilla.suse.com/1224492"
},
{
"category": "self",
"summary": "SUSE Bug 1224493",
"url": "https://bugzilla.suse.com/1224493"
},
{
"category": "self",
"summary": "SUSE Bug 1224494",
"url": "https://bugzilla.suse.com/1224494"
},
{
"category": "self",
"summary": "SUSE Bug 1224495",
"url": "https://bugzilla.suse.com/1224495"
},
{
"category": "self",
"summary": "SUSE Bug 1224500",
"url": "https://bugzilla.suse.com/1224500"
},
{
"category": "self",
"summary": "SUSE Bug 1224501",
"url": "https://bugzilla.suse.com/1224501"
},
{
"category": "self",
"summary": "SUSE Bug 1224502",
"url": "https://bugzilla.suse.com/1224502"
},
{
"category": "self",
"summary": "SUSE Bug 1224504",
"url": "https://bugzilla.suse.com/1224504"
},
{
"category": "self",
"summary": "SUSE Bug 1224505",
"url": "https://bugzilla.suse.com/1224505"
},
{
"category": "self",
"summary": "SUSE Bug 1224506",
"url": "https://bugzilla.suse.com/1224506"
},
{
"category": "self",
"summary": "SUSE Bug 1224507",
"url": "https://bugzilla.suse.com/1224507"
},
{
"category": "self",
"summary": "SUSE Bug 1224508",
"url": "https://bugzilla.suse.com/1224508"
},
{
"category": "self",
"summary": "SUSE Bug 1224509",
"url": "https://bugzilla.suse.com/1224509"
},
{
"category": "self",
"summary": "SUSE Bug 1224511",
"url": "https://bugzilla.suse.com/1224511"
},
{
"category": "self",
"summary": "SUSE Bug 1224513",
"url": "https://bugzilla.suse.com/1224513"
},
{
"category": "self",
"summary": "SUSE Bug 1224517",
"url": "https://bugzilla.suse.com/1224517"
},
{
"category": "self",
"summary": "SUSE Bug 1224519",
"url": "https://bugzilla.suse.com/1224519"
},
{
"category": "self",
"summary": "SUSE Bug 1224521",
"url": "https://bugzilla.suse.com/1224521"
},
{
"category": "self",
"summary": "SUSE Bug 1224524",
"url": "https://bugzilla.suse.com/1224524"
},
{
"category": "self",
"summary": "SUSE Bug 1224525",
"url": "https://bugzilla.suse.com/1224525"
},
{
"category": "self",
"summary": "SUSE Bug 1224526",
"url": "https://bugzilla.suse.com/1224526"
},
{
"category": "self",
"summary": "SUSE Bug 1224530",
"url": "https://bugzilla.suse.com/1224530"
},
{
"category": "self",
"summary": "SUSE Bug 1224531",
"url": "https://bugzilla.suse.com/1224531"
},
{
"category": "self",
"summary": "SUSE Bug 1224534",
"url": "https://bugzilla.suse.com/1224534"
},
{
"category": "self",
"summary": "SUSE Bug 1224537",
"url": "https://bugzilla.suse.com/1224537"
},
{
"category": "self",
"summary": "SUSE Bug 1224541",
"url": "https://bugzilla.suse.com/1224541"
},
{
"category": "self",
"summary": "SUSE Bug 1224542",
"url": "https://bugzilla.suse.com/1224542"
},
{
"category": "self",
"summary": "SUSE Bug 1224543",
"url": "https://bugzilla.suse.com/1224543"
},
{
"category": "self",
"summary": "SUSE Bug 1224546",
"url": "https://bugzilla.suse.com/1224546"
},
{
"category": "self",
"summary": "SUSE Bug 1224550",
"url": "https://bugzilla.suse.com/1224550"
},
{
"category": "self",
"summary": "SUSE Bug 1224552",
"url": "https://bugzilla.suse.com/1224552"
},
{
"category": "self",
"summary": "SUSE Bug 1224553",
"url": "https://bugzilla.suse.com/1224553"
},
{
"category": "self",
"summary": "SUSE Bug 1224555",
"url": "https://bugzilla.suse.com/1224555"
},
{
"category": "self",
"summary": "SUSE Bug 1224557",
"url": "https://bugzilla.suse.com/1224557"
},
{
"category": "self",
"summary": "SUSE Bug 1224558",
"url": "https://bugzilla.suse.com/1224558"
},
{
"category": "self",
"summary": "SUSE Bug 1224559",
"url": "https://bugzilla.suse.com/1224559"
},
{
"category": "self",
"summary": "SUSE Bug 1224562",
"url": "https://bugzilla.suse.com/1224562"
},
{
"category": "self",
"summary": "SUSE Bug 1224565",
"url": "https://bugzilla.suse.com/1224565"
},
{
"category": "self",
"summary": "SUSE Bug 1224566",
"url": "https://bugzilla.suse.com/1224566"
},
{
"category": "self",
"summary": "SUSE Bug 1224567",
"url": "https://bugzilla.suse.com/1224567"
},
{
"category": "self",
"summary": "SUSE Bug 1224568",
"url": "https://bugzilla.suse.com/1224568"
},
{
"category": "self",
"summary": "SUSE Bug 1224569",
"url": "https://bugzilla.suse.com/1224569"
},
{
"category": "self",
"summary": "SUSE Bug 1224571",
"url": "https://bugzilla.suse.com/1224571"
},
{
"category": "self",
"summary": "SUSE Bug 1224573",
"url": "https://bugzilla.suse.com/1224573"
},
{
"category": "self",
"summary": "SUSE Bug 1224576",
"url": "https://bugzilla.suse.com/1224576"
},
{
"category": "self",
"summary": "SUSE Bug 1224577",
"url": "https://bugzilla.suse.com/1224577"
},
{
"category": "self",
"summary": "SUSE Bug 1224578",
"url": "https://bugzilla.suse.com/1224578"
},
{
"category": "self",
"summary": "SUSE Bug 1224579",
"url": "https://bugzilla.suse.com/1224579"
},
{
"category": "self",
"summary": "SUSE Bug 1224580",
"url": "https://bugzilla.suse.com/1224580"
},
{
"category": "self",
"summary": "SUSE Bug 1224581",
"url": "https://bugzilla.suse.com/1224581"
},
{
"category": "self",
"summary": "SUSE Bug 1224582",
"url": "https://bugzilla.suse.com/1224582"
},
{
"category": "self",
"summary": "SUSE Bug 1224585",
"url": "https://bugzilla.suse.com/1224585"
},
{
"category": "self",
"summary": "SUSE Bug 1224586",
"url": "https://bugzilla.suse.com/1224586"
},
{
"category": "self",
"summary": "SUSE Bug 1224587",
"url": "https://bugzilla.suse.com/1224587"
},
{
"category": "self",
"summary": "SUSE Bug 1224588",
"url": "https://bugzilla.suse.com/1224588"
},
{
"category": "self",
"summary": "SUSE Bug 1224592",
"url": "https://bugzilla.suse.com/1224592"
},
{
"category": "self",
"summary": "SUSE Bug 1224596",
"url": "https://bugzilla.suse.com/1224596"
},
{
"category": "self",
"summary": "SUSE Bug 1224598",
"url": "https://bugzilla.suse.com/1224598"
},
{
"category": "self",
"summary": "SUSE Bug 1224600",
"url": "https://bugzilla.suse.com/1224600"
},
{
"category": "self",
"summary": "SUSE Bug 1224601",
"url": "https://bugzilla.suse.com/1224601"
},
{
"category": "self",
"summary": "SUSE Bug 1224602",
"url": "https://bugzilla.suse.com/1224602"
},
{
"category": "self",
"summary": "SUSE Bug 1224603",
"url": "https://bugzilla.suse.com/1224603"
},
{
"category": "self",
"summary": "SUSE Bug 1224605",
"url": "https://bugzilla.suse.com/1224605"
},
{
"category": "self",
"summary": "SUSE Bug 1224607",
"url": "https://bugzilla.suse.com/1224607"
},
{
"category": "self",
"summary": "SUSE Bug 1224608",
"url": "https://bugzilla.suse.com/1224608"
},
{
"category": "self",
"summary": "SUSE Bug 1224609",
"url": "https://bugzilla.suse.com/1224609"
},
{
"category": "self",
"summary": "SUSE Bug 1224611",
"url": "https://bugzilla.suse.com/1224611"
},
{
"category": "self",
"summary": "SUSE Bug 1224613",
"url": "https://bugzilla.suse.com/1224613"
},
{
"category": "self",
"summary": "SUSE Bug 1224615",
"url": "https://bugzilla.suse.com/1224615"
},
{
"category": "self",
"summary": "SUSE Bug 1224617",
"url": "https://bugzilla.suse.com/1224617"
},
{
"category": "self",
"summary": "SUSE Bug 1224618",
"url": "https://bugzilla.suse.com/1224618"
},
{
"category": "self",
"summary": "SUSE Bug 1224620",
"url": "https://bugzilla.suse.com/1224620"
},
{
"category": "self",
"summary": "SUSE Bug 1224621",
"url": "https://bugzilla.suse.com/1224621"
},
{
"category": "self",
"summary": "SUSE Bug 1224622",
"url": "https://bugzilla.suse.com/1224622"
},
{
"category": "self",
"summary": "SUSE Bug 1224623",
"url": "https://bugzilla.suse.com/1224623"
},
{
"category": "self",
"summary": "SUSE Bug 1224624",
"url": "https://bugzilla.suse.com/1224624"
},
{
"category": "self",
"summary": "SUSE Bug 1224626",
"url": "https://bugzilla.suse.com/1224626"
},
{
"category": "self",
"summary": "SUSE Bug 1224627",
"url": "https://bugzilla.suse.com/1224627"
},
{
"category": "self",
"summary": "SUSE Bug 1224628",
"url": "https://bugzilla.suse.com/1224628"
},
{
"category": "self",
"summary": "SUSE Bug 1224629",
"url": "https://bugzilla.suse.com/1224629"
},
{
"category": "self",
"summary": "SUSE Bug 1224630",
"url": "https://bugzilla.suse.com/1224630"
},
{
"category": "self",
"summary": "SUSE Bug 1224632",
"url": "https://bugzilla.suse.com/1224632"
},
{
"category": "self",
"summary": "SUSE Bug 1224633",
"url": "https://bugzilla.suse.com/1224633"
},
{
"category": "self",
"summary": "SUSE Bug 1224634",
"url": "https://bugzilla.suse.com/1224634"
},
{
"category": "self",
"summary": "SUSE Bug 1224636",
"url": "https://bugzilla.suse.com/1224636"
},
{
"category": "self",
"summary": "SUSE Bug 1224637",
"url": "https://bugzilla.suse.com/1224637"
},
{
"category": "self",
"summary": "SUSE Bug 1224638",
"url": "https://bugzilla.suse.com/1224638"
},
{
"category": "self",
"summary": "SUSE Bug 1224639",
"url": "https://bugzilla.suse.com/1224639"
},
{
"category": "self",
"summary": "SUSE Bug 1224640",
"url": "https://bugzilla.suse.com/1224640"
},
{
"category": "self",
"summary": "SUSE Bug 1224643",
"url": "https://bugzilla.suse.com/1224643"
},
{
"category": "self",
"summary": "SUSE Bug 1224644",
"url": "https://bugzilla.suse.com/1224644"
},
{
"category": "self",
"summary": "SUSE Bug 1224645",
"url": "https://bugzilla.suse.com/1224645"
},
{
"category": "self",
"summary": "SUSE Bug 1224646",
"url": "https://bugzilla.suse.com/1224646"
},
{
"category": "self",
"summary": "SUSE Bug 1224647",
"url": "https://bugzilla.suse.com/1224647"
},
{
"category": "self",
"summary": "SUSE Bug 1224648",
"url": "https://bugzilla.suse.com/1224648"
},
{
"category": "self",
"summary": "SUSE Bug 1224649",
"url": "https://bugzilla.suse.com/1224649"
},
{
"category": "self",
"summary": "SUSE Bug 1224650",
"url": "https://bugzilla.suse.com/1224650"
},
{
"category": "self",
"summary": "SUSE Bug 1224651",
"url": "https://bugzilla.suse.com/1224651"
},
{
"category": "self",
"summary": "SUSE Bug 1224652",
"url": "https://bugzilla.suse.com/1224652"
},
{
"category": "self",
"summary": "SUSE Bug 1224653",
"url": "https://bugzilla.suse.com/1224653"
},
{
"category": "self",
"summary": "SUSE Bug 1224654",
"url": "https://bugzilla.suse.com/1224654"
},
{
"category": "self",
"summary": "SUSE Bug 1224657",
"url": "https://bugzilla.suse.com/1224657"
},
{
"category": "self",
"summary": "SUSE Bug 1224660",
"url": "https://bugzilla.suse.com/1224660"
},
{
"category": "self",
"summary": "SUSE Bug 1224663",
"url": "https://bugzilla.suse.com/1224663"
},
{
"category": "self",
"summary": "SUSE Bug 1224664",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "self",
"summary": "SUSE Bug 1224665",
"url": "https://bugzilla.suse.com/1224665"
},
{
"category": "self",
"summary": "SUSE Bug 1224666",
"url": "https://bugzilla.suse.com/1224666"
},
{
"category": "self",
"summary": "SUSE Bug 1224667",
"url": "https://bugzilla.suse.com/1224667"
},
{
"category": "self",
"summary": "SUSE Bug 1224668",
"url": "https://bugzilla.suse.com/1224668"
},
{
"category": "self",
"summary": "SUSE Bug 1224671",
"url": "https://bugzilla.suse.com/1224671"
},
{
"category": "self",
"summary": "SUSE Bug 1224672",
"url": "https://bugzilla.suse.com/1224672"
},
{
"category": "self",
"summary": "SUSE Bug 1224674",
"url": "https://bugzilla.suse.com/1224674"
},
{
"category": "self",
"summary": "SUSE Bug 1224675",
"url": "https://bugzilla.suse.com/1224675"
},
{
"category": "self",
"summary": "SUSE Bug 1224676",
"url": "https://bugzilla.suse.com/1224676"
},
{
"category": "self",
"summary": "SUSE Bug 1224677",
"url": "https://bugzilla.suse.com/1224677"
},
{
"category": "self",
"summary": "SUSE Bug 1224678",
"url": "https://bugzilla.suse.com/1224678"
},
{
"category": "self",
"summary": "SUSE Bug 1224679",
"url": "https://bugzilla.suse.com/1224679"
},
{
"category": "self",
"summary": "SUSE Bug 1224680",
"url": "https://bugzilla.suse.com/1224680"
},
{
"category": "self",
"summary": "SUSE Bug 1224681",
"url": "https://bugzilla.suse.com/1224681"
},
{
"category": "self",
"summary": "SUSE Bug 1224682",
"url": "https://bugzilla.suse.com/1224682"
},
{
"category": "self",
"summary": "SUSE Bug 1224683",
"url": "https://bugzilla.suse.com/1224683"
},
{
"category": "self",
"summary": "SUSE Bug 1224685",
"url": "https://bugzilla.suse.com/1224685"
},
{
"category": "self",
"summary": "SUSE Bug 1224686",
"url": "https://bugzilla.suse.com/1224686"
},
{
"category": "self",
"summary": "SUSE Bug 1224687",
"url": "https://bugzilla.suse.com/1224687"
},
{
"category": "self",
"summary": "SUSE Bug 1224688",
"url": "https://bugzilla.suse.com/1224688"
},
{
"category": "self",
"summary": "SUSE Bug 1224692",
"url": "https://bugzilla.suse.com/1224692"
},
{
"category": "self",
"summary": "SUSE Bug 1224696",
"url": "https://bugzilla.suse.com/1224696"
},
{
"category": "self",
"summary": "SUSE Bug 1224697",
"url": "https://bugzilla.suse.com/1224697"
},
{
"category": "self",
"summary": "SUSE Bug 1224699",
"url": "https://bugzilla.suse.com/1224699"
},
{
"category": "self",
"summary": "SUSE Bug 1224701",
"url": "https://bugzilla.suse.com/1224701"
},
{
"category": "self",
"summary": "SUSE Bug 1224703",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "self",
"summary": "SUSE Bug 1224704",
"url": "https://bugzilla.suse.com/1224704"
},
{
"category": "self",
"summary": "SUSE Bug 1224705",
"url": "https://bugzilla.suse.com/1224705"
},
{
"category": "self",
"summary": "SUSE Bug 1224706",
"url": "https://bugzilla.suse.com/1224706"
},
{
"category": "self",
"summary": "SUSE Bug 1224707",
"url": "https://bugzilla.suse.com/1224707"
},
{
"category": "self",
"summary": "SUSE Bug 1224709",
"url": "https://bugzilla.suse.com/1224709"
},
{
"category": "self",
"summary": "SUSE Bug 1224710",
"url": "https://bugzilla.suse.com/1224710"
},
{
"category": "self",
"summary": "SUSE Bug 1224712",
"url": "https://bugzilla.suse.com/1224712"
},
{
"category": "self",
"summary": "SUSE Bug 1224714",
"url": "https://bugzilla.suse.com/1224714"
},
{
"category": "self",
"summary": "SUSE Bug 1224716",
"url": "https://bugzilla.suse.com/1224716"
},
{
"category": "self",
"summary": "SUSE Bug 1224717",
"url": "https://bugzilla.suse.com/1224717"
},
{
"category": "self",
"summary": "SUSE Bug 1224718",
"url": "https://bugzilla.suse.com/1224718"
},
{
"category": "self",
"summary": "SUSE Bug 1224719",
"url": "https://bugzilla.suse.com/1224719"
},
{
"category": "self",
"summary": "SUSE Bug 1224720",
"url": "https://bugzilla.suse.com/1224720"
},
{
"category": "self",
"summary": "SUSE Bug 1224721",
"url": "https://bugzilla.suse.com/1224721"
},
{
"category": "self",
"summary": "SUSE Bug 1224722",
"url": "https://bugzilla.suse.com/1224722"
},
{
"category": "self",
"summary": "SUSE Bug 1224723",
"url": "https://bugzilla.suse.com/1224723"
},
{
"category": "self",
"summary": "SUSE Bug 1224725",
"url": "https://bugzilla.suse.com/1224725"
},
{
"category": "self",
"summary": "SUSE Bug 1224727",
"url": "https://bugzilla.suse.com/1224727"
},
{
"category": "self",
"summary": "SUSE Bug 1224728",
"url": "https://bugzilla.suse.com/1224728"
},
{
"category": "self",
"summary": "SUSE Bug 1224729",
"url": "https://bugzilla.suse.com/1224729"
},
{
"category": "self",
"summary": "SUSE Bug 1224730",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "self",
"summary": "SUSE Bug 1224731",
"url": "https://bugzilla.suse.com/1224731"
},
{
"category": "self",
"summary": "SUSE Bug 1224732",
"url": "https://bugzilla.suse.com/1224732"
},
{
"category": "self",
"summary": "SUSE Bug 1224733",
"url": "https://bugzilla.suse.com/1224733"
},
{
"category": "self",
"summary": "SUSE Bug 1224736",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "self",
"summary": "SUSE Bug 1224738",
"url": "https://bugzilla.suse.com/1224738"
},
{
"category": "self",
"summary": "SUSE Bug 1224739",
"url": "https://bugzilla.suse.com/1224739"
},
{
"category": "self",
"summary": "SUSE Bug 1224740",
"url": "https://bugzilla.suse.com/1224740"
},
{
"category": "self",
"summary": "SUSE Bug 1224741",
"url": "https://bugzilla.suse.com/1224741"
},
{
"category": "self",
"summary": "SUSE Bug 1224742",
"url": "https://bugzilla.suse.com/1224742"
},
{
"category": "self",
"summary": "SUSE Bug 1224747",
"url": "https://bugzilla.suse.com/1224747"
},
{
"category": "self",
"summary": "SUSE Bug 1224749",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "self",
"summary": "SUSE Bug 1224763",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "self",
"summary": "SUSE Bug 1224764",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "self",
"summary": "SUSE Bug 1224765",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "self",
"summary": "SUSE Bug 1224766",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "self",
"summary": "SUSE Bug 1224790",
"url": "https://bugzilla.suse.com/1224790"
},
{
"category": "self",
"summary": "SUSE Bug 1224792",
"url": "https://bugzilla.suse.com/1224792"
},
{
"category": "self",
"summary": "SUSE Bug 1224793",
"url": "https://bugzilla.suse.com/1224793"
},
{
"category": "self",
"summary": "SUSE Bug 1224803",
"url": "https://bugzilla.suse.com/1224803"
},
{
"category": "self",
"summary": "SUSE Bug 1224804",
"url": "https://bugzilla.suse.com/1224804"
},
{
"category": "self",
"summary": "SUSE Bug 1224866",
"url": "https://bugzilla.suse.com/1224866"
},
{
"category": "self",
"summary": "SUSE Bug 1224936",
"url": "https://bugzilla.suse.com/1224936"
},
{
"category": "self",
"summary": "SUSE Bug 1224989",
"url": "https://bugzilla.suse.com/1224989"
},
{
"category": "self",
"summary": "SUSE Bug 1225007",
"url": "https://bugzilla.suse.com/1225007"
},
{
"category": "self",
"summary": "SUSE Bug 1225053",
"url": "https://bugzilla.suse.com/1225053"
},
{
"category": "self",
"summary": "SUSE Bug 1225133",
"url": "https://bugzilla.suse.com/1225133"
},
{
"category": "self",
"summary": "SUSE Bug 1225134",
"url": "https://bugzilla.suse.com/1225134"
},
{
"category": "self",
"summary": "SUSE Bug 1225136",
"url": "https://bugzilla.suse.com/1225136"
},
{
"category": "self",
"summary": "SUSE Bug 1225172",
"url": "https://bugzilla.suse.com/1225172"
},
{
"category": "self",
"summary": "SUSE Bug 1225502",
"url": "https://bugzilla.suse.com/1225502"
},
{
"category": "self",
"summary": "SUSE Bug 1225578",
"url": "https://bugzilla.suse.com/1225578"
},
{
"category": "self",
"summary": "SUSE Bug 1225579",
"url": "https://bugzilla.suse.com/1225579"
},
{
"category": "self",
"summary": "SUSE Bug 1225580",
"url": "https://bugzilla.suse.com/1225580"
},
{
"category": "self",
"summary": "SUSE Bug 1225593",
"url": "https://bugzilla.suse.com/1225593"
},
{
"category": "self",
"summary": "SUSE Bug 1225605",
"url": "https://bugzilla.suse.com/1225605"
},
{
"category": "self",
"summary": "SUSE Bug 1225607",
"url": "https://bugzilla.suse.com/1225607"
},
{
"category": "self",
"summary": "SUSE Bug 1225610",
"url": "https://bugzilla.suse.com/1225610"
},
{
"category": "self",
"summary": "SUSE Bug 1225616",
"url": "https://bugzilla.suse.com/1225616"
},
{
"category": "self",
"summary": "SUSE Bug 1225618",
"url": "https://bugzilla.suse.com/1225618"
},
{
"category": "self",
"summary": "SUSE Bug 1225640",
"url": "https://bugzilla.suse.com/1225640"
},
{
"category": "self",
"summary": "SUSE Bug 1225642",
"url": "https://bugzilla.suse.com/1225642"
},
{
"category": "self",
"summary": "SUSE Bug 1225692",
"url": "https://bugzilla.suse.com/1225692"
},
{
"category": "self",
"summary": "SUSE Bug 1225694",
"url": "https://bugzilla.suse.com/1225694"
},
{
"category": "self",
"summary": "SUSE Bug 1225695",
"url": "https://bugzilla.suse.com/1225695"
},
{
"category": "self",
"summary": "SUSE Bug 1225696",
"url": "https://bugzilla.suse.com/1225696"
},
{
"category": "self",
"summary": "SUSE Bug 1225698",
"url": "https://bugzilla.suse.com/1225698"
},
{
"category": "self",
"summary": "SUSE Bug 1225699",
"url": "https://bugzilla.suse.com/1225699"
},
{
"category": "self",
"summary": "SUSE Bug 1225704",
"url": "https://bugzilla.suse.com/1225704"
},
{
"category": "self",
"summary": "SUSE Bug 1225705",
"url": "https://bugzilla.suse.com/1225705"
},
{
"category": "self",
"summary": "SUSE Bug 1225708",
"url": "https://bugzilla.suse.com/1225708"
},
{
"category": "self",
"summary": "SUSE Bug 1225710",
"url": "https://bugzilla.suse.com/1225710"
},
{
"category": "self",
"summary": "SUSE Bug 1225712",
"url": "https://bugzilla.suse.com/1225712"
},
{
"category": "self",
"summary": "SUSE Bug 1225714",
"url": "https://bugzilla.suse.com/1225714"
},
{
"category": "self",
"summary": "SUSE Bug 1225715",
"url": "https://bugzilla.suse.com/1225715"
},
{
"category": "self",
"summary": "SUSE Bug 1225720",
"url": "https://bugzilla.suse.com/1225720"
},
{
"category": "self",
"summary": "SUSE Bug 1225722",
"url": "https://bugzilla.suse.com/1225722"
},
{
"category": "self",
"summary": "SUSE Bug 1225728",
"url": "https://bugzilla.suse.com/1225728"
},
{
"category": "self",
"summary": "SUSE Bug 1225734",
"url": "https://bugzilla.suse.com/1225734"
},
{
"category": "self",
"summary": "SUSE Bug 1225735",
"url": "https://bugzilla.suse.com/1225735"
},
{
"category": "self",
"summary": "SUSE Bug 1225736",
"url": "https://bugzilla.suse.com/1225736"
},
{
"category": "self",
"summary": "SUSE Bug 1225747",
"url": "https://bugzilla.suse.com/1225747"
},
{
"category": "self",
"summary": "SUSE Bug 1225748",
"url": "https://bugzilla.suse.com/1225748"
},
{
"category": "self",
"summary": "SUSE Bug 1225749",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "self",
"summary": "SUSE Bug 1225750",
"url": "https://bugzilla.suse.com/1225750"
},
{
"category": "self",
"summary": "SUSE Bug 1225756",
"url": "https://bugzilla.suse.com/1225756"
},
{
"category": "self",
"summary": "SUSE Bug 1225765",
"url": "https://bugzilla.suse.com/1225765"
},
{
"category": "self",
"summary": "SUSE Bug 1225766",
"url": "https://bugzilla.suse.com/1225766"
},
{
"category": "self",
"summary": "SUSE Bug 1225769",
"url": "https://bugzilla.suse.com/1225769"
},
{
"category": "self",
"summary": "SUSE Bug 1225773",
"url": "https://bugzilla.suse.com/1225773"
},
{
"category": "self",
"summary": "SUSE Bug 1225775",
"url": "https://bugzilla.suse.com/1225775"
},
{
"category": "self",
"summary": "SUSE Bug 1225842",
"url": "https://bugzilla.suse.com/1225842"
},
{
"category": "self",
"summary": "SUSE Bug 1225945",
"url": "https://bugzilla.suse.com/1225945"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-0160 page",
"url": "https://www.suse.com/security/cve/CVE-2023-0160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-47233 page",
"url": "https://www.suse.com/security/cve/CVE-2023-47233/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52434 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52458 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52458/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52463 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52472 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52472/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52483 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52492 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52503 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52591 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52591/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52608 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52608/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52616 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52618 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52631 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52631/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52635 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52635/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52640 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52640/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52641 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52641/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52645 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52652 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52653 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52654 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52655 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52657 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52658 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52659 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52660 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52660/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52661 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52662 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52662/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52663 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52663/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52664 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52667 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52667/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52669 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52670 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52670/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52671 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52673 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52674 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52675 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52678 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52679 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52680 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52681 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52681/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52683 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52683/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52685 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52686 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52686/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52687 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52687/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52690 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52690/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52691 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52691/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52692 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52693 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52694 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52694/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52695 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52695/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52696 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52697 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52698 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52771 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52772 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-52882 page",
"url": "https://www.suse.com/security/cve/CVE-2023-52882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6238 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6238/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6270 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6270/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6531 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6531/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2023-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-0639 page",
"url": "https://www.suse.com/security/cve/CVE-2024-0639/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-22099 page",
"url": "https://www.suse.com/security/cve/CVE-2024-22099/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-23848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-23848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26601 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26601/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26611 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26611/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26614 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26632 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26638 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26638/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26642 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26642/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26643 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26643/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26652 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26654 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26656 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26657 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26671 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26673 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26674 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26675 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26675/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26679 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26684 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26684/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26685 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26692 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26696 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26697 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26704 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26714 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26714/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26726 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26731 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26733 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26733/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26736 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26736/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26737 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26737/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26739 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26739/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26740 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26740/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26742 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26742/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26756 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26757 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26760 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26760/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-267600 page",
"url": "https://www.suse.com/security/cve/CVE-2024-267600/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26761 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26761/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26764 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26764/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26769 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26769/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26772 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26772/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26773 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26773/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26774 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26774/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26775 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26775/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26779 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26779/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26783 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26786 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26793 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26802 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26802/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26805 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26807 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26807/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26816 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26832 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26832/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26844 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26844/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26846 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26848 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26848/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26853 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26854 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26855 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26855/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26856 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26857 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26858 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26881 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26882 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26884 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26884/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26899 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26899/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26900 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26900/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26923 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26923/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26925 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26934 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26934/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26943 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26948 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26948/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26957 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26957/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26962 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26979 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26979/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26983 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26988 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26988/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26992 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26993 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26993/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26994 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26994/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26996 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26996/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-26999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-26999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27000 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27000/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27001 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27001/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27003 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27003/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27004 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27008 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27008/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27022 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27022/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27027 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27027/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27028 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27031 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27031/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27036 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27046 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27046/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27056 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27056/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27057 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27057/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27062 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27062/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27067 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27080 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27388 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27388/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27389 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27389/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27393 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27393/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27395 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27395/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27396 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27398 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27398/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27399 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27400 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27400/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27401 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27401/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27405 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27408 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27408/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27410 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27410/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27411 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27412 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27412/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27413 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27416 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27416/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27417 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27417/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27418 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27418/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27431 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27431/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27432 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27432/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27434 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27435 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27435/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-27436 page",
"url": "https://www.suse.com/security/cve/CVE-2024-27436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35784 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35786 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35786/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35794 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35795 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35795/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35796 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35796/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35799 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35799/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35800 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35800/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35801 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35801/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35803 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35804 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35804/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35806 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35808 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35808/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35809 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35809/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35810 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35810/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35811 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35811/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35812 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35812/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35813 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35813/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35814 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35814/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35815 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35815/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35817 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35817/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35819 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35819/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35821 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35821/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35822 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35823 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35823/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35824 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35824/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35825 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35825/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35828 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35828/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35829 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35829/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35830 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35830/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35833 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35833/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35834 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35834/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35835 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35836 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35836/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35837 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35837/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35838 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35838/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35841 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35842 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35845 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35845/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35847 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35847/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35849 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35849/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35850 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35850/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35851 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35851/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35852 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35854 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35854/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35860 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35861 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35862 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35863 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35864 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35865 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35866 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35866/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35867 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35867/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35868 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35868/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35869 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35869/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35870 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35872 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35872/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35875 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35875/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35877 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35878 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35879 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35883 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35887 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35887/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35889 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35901 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35901/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35903 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35903/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35904 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35904/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35905 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35905/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35907 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35907/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35909 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35909/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35911 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35912 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35912/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35914 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35915 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35915/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35916 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35917 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35917/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35924 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35927 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35927/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35935 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35935/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35937 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35938 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35943 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35943/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35946 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35946/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35953 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35953/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35954 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35956 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35958 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35958/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35959/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35960 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35960/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35961 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35963 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35964 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35965 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35966 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35966/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35967 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35969 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35969/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35971 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35971/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35972 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35972/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35973 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35973/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35974 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35975 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35975/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35977 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35977/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35978 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35978/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35981 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35981/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35982 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35982/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35984 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35986 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35989 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35989/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35990 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35990/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35991 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35991/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35992 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35992/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35995 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35995/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35997 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-35999 page",
"url": "https://www.suse.com/security/cve/CVE-2024-35999/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36002 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36002/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36006 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36007 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36007/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36009 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36009/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36013 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36014 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36014/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36015 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36015/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36016 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36016/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36018 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36018/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36019 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36020 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36020/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36021 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36025 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36026 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36029 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36029/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36030 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36032 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36032/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36880 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36885 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36885/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36890 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36891 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36891/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36893 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36893/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36894 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36895 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36895/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36896 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36897 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36898 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36898/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36906 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36906/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36918 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36922 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36922/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36928 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36928/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36930 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36931 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36931/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36936 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36936/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36940 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36941 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36941/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36942 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36942/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36944 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36944/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36947 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36947/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36949 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36949/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36950 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36950/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36951 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36955 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36955/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-36959 page",
"url": "https://www.suse.com/security/cve/CVE-2024-36959/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2024-06-21T11:03:42Z",
"generator": {
"date": "2024-06-21T11:03:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:2135-1",
"initial_release_date": "2024-06-21T11:03:42Z",
"revision_history": [
{
"date": "2024-06-21T11:03:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.5.4.aarch64",
"product_id": "kernel-azure-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"product_id": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"product": {
"name": "kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"product_id": "kernel-devel-azure-6.4.0-150600.8.5.4.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"product": {
"name": "kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"product_id": "kernel-source-azure-6.4.0-150600.8.5.4.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product_id": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product_id": "dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product_id": "gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "kernel-azure-6.4.0-150600.8.5.4.x86_64",
"product_id": "kernel-azure-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"product_id": "kernel-azure-devel-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"product_id": "kernel-azure-extra-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"product_id": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"product_id": "kernel-azure-optional-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"product_id": "kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"product": {
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"product_id": "kernel-syms-azure-6.4.0-150600.8.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product_id": "kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product_id": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64"
}
},
{
"category": "product_version",
"name": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"product_id": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.5.4.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.5.4.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.5.4.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.5.4.noarch as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.aarch64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-devel-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-extra-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-optional-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-azure-6.4.0-150600.8.5.4.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch"
},
"product_reference": "kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-azure-6.4.0-150600.8.5.4.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch"
},
"product_reference": "kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-azure-6.4.0-150600.8.5.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64"
},
"product_reference": "kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
},
"product_reference": "reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-0160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-0160"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock flaw was found in the Linux kernel\u0027s BPF subsystem. This flaw allows a local user to potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-0160",
"url": "https://www.suse.com/security/cve/CVE-2023-0160"
},
{
"category": "external",
"summary": "SUSE Bug 1209657 for CVE-2023-0160",
"url": "https://bugzilla.suse.com/1209657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-0160"
},
{
"cve": "CVE-2023-47233",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-47233"
}
],
"notes": [
{
"category": "general",
"text": "The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this \"could be exploited in a real world scenario.\" This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-47233",
"url": "https://www.suse.com/security/cve/CVE-2023-47233"
},
{
"category": "external",
"summary": "SUSE Bug 1216702 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1216702"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2023-47233",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-47233"
},
{
"cve": "CVE-2023-52434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential OOBs in smb2_parse_contexts()\n\nValidate offsets and lengths before dereferencing create contexts in\nsmb2_parse_contexts().\n\nThis fixes following oops when accessing invalid create contexts from\nserver:\n\n BUG: unable to handle page fault for address: ffff8881178d8cc3\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 4a01067 P4D 4a01067 PUD 0\n Oops: 0000 [#1] PREEMPT SMP NOPTI\n CPU: 3 PID: 1736 Comm: mount.cifs Not tainted 6.7.0-rc4 #1\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS\n rel-1.16.2-3-gd478f380-rebuilt.opensuse.org 04/01/2014\n RIP: 0010:smb2_parse_contexts+0xa0/0x3a0 [cifs]\n Code: f8 10 75 13 48 b8 93 ad 25 50 9c b4 11 e7 49 39 06 0f 84 d2 00\n 00 00 8b 45 00 85 c0 74 61 41 29 c5 48 01 c5 41 83 fd 0f 76 55 \u003c0f\u003e b7\n 7d 04 0f b7 45 06 4c 8d 74 3d 00 66 83 f8 04 75 bc ba 04 00\n RSP: 0018:ffffc900007939e0 EFLAGS: 00010216\n RAX: ffffc90000793c78 RBX: ffff8880180cc000 RCX: ffffc90000793c90\n RDX: ffffc90000793cc0 RSI: ffff8880178d8cc0 RDI: ffff8880180cc000\n RBP: ffff8881178d8cbf R08: ffffc90000793c22 R09: 0000000000000000\n R10: ffff8880180cc000 R11: 0000000000000024 R12: 0000000000000000\n R13: 0000000000000020 R14: 0000000000000000 R15: ffffc90000793c22\n FS: 00007f873753cbc0(0000) GS:ffff88806bc00000(0000)\n knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: ffff8881178d8cc3 CR3: 00000000181ca000 CR4: 0000000000750ef0\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __die+0x23/0x70\n ? page_fault_oops+0x181/0x480\n ? search_module_extables+0x19/0x60\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? exc_page_fault+0x1b6/0x1c0\n ? asm_exc_page_fault+0x26/0x30\n ? smb2_parse_contexts+0xa0/0x3a0 [cifs]\n SMB2_open+0x38d/0x5f0 [cifs]\n ? smb2_is_path_accessible+0x138/0x260 [cifs]\n smb2_is_path_accessible+0x138/0x260 [cifs]\n cifs_is_path_remote+0x8d/0x230 [cifs]\n cifs_mount+0x7e/0x350 [cifs]\n cifs_smb3_do_mount+0x128/0x780 [cifs]\n smb3_get_tree+0xd9/0x290 [cifs]\n vfs_get_tree+0x2c/0x100\n ? capable+0x37/0x70\n path_mount+0x2d7/0xb80\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? _raw_spin_unlock_irqrestore+0x44/0x60\n __x64_sys_mount+0x11a/0x150\n do_syscall_64+0x47/0xf0\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n RIP: 0033:0x7f8737657b1e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52434",
"url": "https://www.suse.com/security/cve/CVE-2023-52434"
},
{
"category": "external",
"summary": "SUSE Bug 1220148 for CVE-2023-52434",
"url": "https://bugzilla.suse.com/1220148"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52434"
},
{
"cve": "CVE-2023-52458",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52458"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: add check that partition length needs to be aligned with block size\n\nBefore calling add partition or resize partition, there is no check\non whether the length is aligned with the logical block size.\nIf the logical block size of the disk is larger than 512 bytes,\nthen the partition size maybe not the multiple of the logical block size,\nand when the last sector is read, bio_truncate() will adjust the bio size,\nresulting in an IO error if the size of the read command is smaller than\nthe logical block size.If integrity data is supported, this will also\nresult in a null pointer dereference when calling bio_integrity_free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52458",
"url": "https://www.suse.com/security/cve/CVE-2023-52458"
},
{
"category": "external",
"summary": "SUSE Bug 1220428 for CVE-2023-52458",
"url": "https://bugzilla.suse.com/1220428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52458"
},
{
"cve": "CVE-2023-52463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52463"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: force RO when remounting if SetVariable is not supported\n\nIf SetVariable at runtime is not supported by the firmware we never assign\na callback for that function. At the same time mount the efivarfs as\nRO so no one can call that. However, we never check the permission flags\nwhen someone remounts the filesystem as RW. As a result this leads to a\ncrash looking like this:\n\n$ mount -o remount,rw /sys/firmware/efi/efivars\n$ efi-updatevar -f PK.auth PK\n\n[ 303.279166] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n[ 303.280482] Mem abort info:\n[ 303.280854] ESR = 0x0000000086000004\n[ 303.281338] EC = 0x21: IABT (current EL), IL = 32 bits\n[ 303.282016] SET = 0, FnV = 0\n[ 303.282414] EA = 0, S1PTW = 0\n[ 303.282821] FSC = 0x04: level 0 translation fault\n[ 303.283771] user pgtable: 4k pages, 48-bit VAs, pgdp=000000004258c000\n[ 303.284913] [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n[ 303.286076] Internal error: Oops: 0000000086000004 [#1] PREEMPT SMP\n[ 303.286936] Modules linked in: qrtr tpm_tis tpm_tis_core crct10dif_ce arm_smccc_trng rng_core drm fuse ip_tables x_tables ipv6\n[ 303.288586] CPU: 1 PID: 755 Comm: efi-updatevar Not tainted 6.3.0-rc1-00108-gc7d0c4695c68 #1\n[ 303.289748] Hardware name: Unknown Unknown Product/Unknown Product, BIOS 2023.04-00627-g88336918701d 04/01/2023\n[ 303.291150] pstate: 60400005 (nZCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 303.292123] pc : 0x0\n[ 303.292443] lr : efivar_set_variable_locked+0x74/0xec\n[ 303.293156] sp : ffff800008673c10\n[ 303.293619] x29: ffff800008673c10 x28: ffff0000037e8000 x27: 0000000000000000\n[ 303.294592] x26: 0000000000000800 x25: ffff000002467400 x24: 0000000000000027\n[ 303.295572] x23: ffffd49ea9832000 x22: ffff0000020c9800 x21: ffff000002467000\n[ 303.296566] x20: 0000000000000001 x19: 00000000000007fc x18: 0000000000000000\n[ 303.297531] x17: 0000000000000000 x16: 0000000000000000 x15: 0000aaaac807ab54\n[ 303.298495] x14: ed37489f673633c0 x13: 71c45c606de13f80 x12: 47464259e219acf4\n[ 303.299453] x11: ffff000002af7b01 x10: 0000000000000003 x9 : 0000000000000002\n[ 303.300431] x8 : 0000000000000010 x7 : ffffd49ea8973230 x6 : 0000000000a85201\n[ 303.301412] x5 : 0000000000000000 x4 : ffff0000020c9800 x3 : 00000000000007fc\n[ 303.302370] x2 : 0000000000000027 x1 : ffff000002467400 x0 : ffff000002467000\n[ 303.303341] Call trace:\n[ 303.303679] 0x0\n[ 303.303938] efivar_entry_set_get_size+0x98/0x16c\n[ 303.304585] efivarfs_file_write+0xd0/0x1a4\n[ 303.305148] vfs_write+0xc4/0x2e4\n[ 303.305601] ksys_write+0x70/0x104\n[ 303.306073] __arm64_sys_write+0x1c/0x28\n[ 303.306622] invoke_syscall+0x48/0x114\n[ 303.307156] el0_svc_common.constprop.0+0x44/0xec\n[ 303.307803] do_el0_svc+0x38/0x98\n[ 303.308268] el0_svc+0x2c/0x84\n[ 303.308702] el0t_64_sync_handler+0xf4/0x120\n[ 303.309293] el0t_64_sync+0x190/0x194\n[ 303.309794] Code: ???????? ???????? ???????? ???????? (????????)\n[ 303.310612] ---[ end trace 0000000000000000 ]---\n\nFix this by adding a .reconfigure() function to the fs operations which\nwe can use to check the requested flags and deny anything that\u0027s not RO\nif the firmware doesn\u0027t implement SetVariable at runtime.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52463",
"url": "https://www.suse.com/security/cve/CVE-2023-52463"
},
{
"category": "external",
"summary": "SUSE Bug 1220328 for CVE-2023-52463",
"url": "https://bugzilla.suse.com/1220328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52463"
},
{
"cve": "CVE-2023-52472",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52472"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: rsa - add a check for allocation failure\n\nStatic checkers insist that the mpi_alloc() allocation can fail so add\na check to prevent a NULL dereference. Small allocations like this\ncan\u0027t actually fail in current kernels, but adding a check is very\nsimple and makes the static checkers happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52472",
"url": "https://www.suse.com/security/cve/CVE-2023-52472"
},
{
"category": "external",
"summary": "SUSE Bug 1220427 for CVE-2023-52472",
"url": "https://bugzilla.suse.com/1220427"
},
{
"category": "external",
"summary": "SUSE Bug 1220430 for CVE-2023-52472",
"url": "https://bugzilla.suse.com/1220430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "low"
}
],
"title": "CVE-2023-52472"
},
{
"cve": "CVE-2023-52483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmctp: perform route lookups under a RCU read-side lock\n\nOur current route lookups (mctp_route_lookup and mctp_route_lookup_null)\ntraverse the net\u0027s route list without the RCU read lock held. This means\nthe route lookup is subject to preemption, resulting in an potential\ngrace period expiry, and so an eventual kfree() while we still have the\nroute pointer.\n\nAdd the proper read-side critical section locks around the route\nlookups, preventing premption and a possible parallel kfree.\n\nThe remaining net-\u003emctp.routes accesses are already under a\nrcu_read_lock, or protected by the RTNL for updates.\n\nBased on an analysis from Sili Luo \u003crootlab@huawei.com\u003e, where\nintroducing a delay in the route lookup could cause a UAF on\nsimultaneous sendmsg() and route deletion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52483",
"url": "https://www.suse.com/security/cve/CVE-2023-52483"
},
{
"category": "external",
"summary": "SUSE Bug 1220738 for CVE-2023-52483",
"url": "https://bugzilla.suse.com/1220738"
},
{
"category": "external",
"summary": "SUSE Bug 1223291 for CVE-2023-52483",
"url": "https://bugzilla.suse.com/1223291"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2023-52483"
},
{
"cve": "CVE-2023-52492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fix NULL pointer in channel unregistration function\n\n__dma_async_device_channel_register() can fail. In case of failure,\nchan-\u003elocal is freed (with free_percpu()), and chan-\u003elocal is nullified.\nWhen dma_async_device_unregister() is called (because of managed API or\nintentionally by DMA controller driver), channels are unconditionally\nunregistered, leading to this NULL pointer:\n[ 1.318693] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d0\n[...]\n[ 1.484499] Call trace:\n[ 1.486930] device_del+0x40/0x394\n[ 1.490314] device_unregister+0x20/0x7c\n[ 1.494220] __dma_async_device_channel_unregister+0x68/0xc0\n\nLook at dma_async_device_register() function error path, channel device\nunregistration is done only if chan-\u003elocal is not NULL.\n\nThen add the same condition at the beginning of\n__dma_async_device_channel_unregister() function, to avoid NULL pointer\nissue whatever the API used to reach this function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52492",
"url": "https://www.suse.com/security/cve/CVE-2023-52492"
},
{
"category": "external",
"summary": "SUSE Bug 1221276 for CVE-2023-52492",
"url": "https://bugzilla.suse.com/1221276"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52492"
},
{
"cve": "CVE-2023-52503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntee: amdtee: fix use-after-free vulnerability in amdtee_close_session\n\nThere is a potential race condition in amdtee_close_session that may\ncause use-after-free in amdtee_open_session. For instance, if a session\nhas refcount == 1, and one thread tries to free this session via:\n\n kref_put(\u0026sess-\u003erefcount, destroy_session);\n\nthe reference count will get decremented, and the next step would be to\ncall destroy_session(). However, if in another thread,\namdtee_open_session() is called before destroy_session() has completed\nexecution, alloc_session() may return \u0027sess\u0027 that will be freed up\nlater in destroy_session() leading to use-after-free in\namdtee_open_session.\n\nTo fix this issue, treat decrement of sess-\u003erefcount and removal of\n\u0027sess\u0027 from session list in destroy_session() as a critical section, so\nthat it is executed atomically.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52503",
"url": "https://www.suse.com/security/cve/CVE-2023-52503"
},
{
"category": "external",
"summary": "SUSE Bug 1220915 for CVE-2023-52503",
"url": "https://bugzilla.suse.com/1220915"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52503"
},
{
"cve": "CVE-2023-52591",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52591"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nreiserfs: Avoid touching renamed directory if parent does not change\n\nThe VFS will not be locking moved directory if its parent does not\nchange. Change reiserfs rename code to avoid touching renamed directory\nif its parent does not change as without locking that can corrupt the\nfilesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52591",
"url": "https://www.suse.com/security/cve/CVE-2023-52591"
},
{
"category": "external",
"summary": "SUSE Bug 1221044 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221044"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-52591",
"url": "https://bugzilla.suse.com/1221598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2023-52591"
},
{
"cve": "CVE-2023-52608",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52608"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirmware: arm_scmi: Check mailbox/SMT channel for consistency\n\nOn reception of a completion interrupt the shared memory area is accessed\nto retrieve the message header at first and then, if the message sequence\nnumber identifies a transaction which is still pending, the related\npayload is fetched too.\n\nWhen an SCMI command times out the channel ownership remains with the\nplatform until eventually a late reply is received and, as a consequence,\nany further transmission attempt remains pending, waiting for the channel\nto be relinquished by the platform.\n\nOnce that late reply is received the channel ownership is given back\nto the agent and any pending request is then allowed to proceed and\noverwrite the SMT area of the just delivered late reply; then the wait\nfor the reply to the new request starts.\n\nIt has been observed that the spurious IRQ related to the late reply can\nbe wrongly associated with the freshly enqueued request: when that happens\nthe SCMI stack in-flight lookup procedure is fooled by the fact that the\nmessage header now present in the SMT area is related to the new pending\ntransaction, even though the real reply has still to arrive.\n\nThis race-condition on the A2P channel can be detected by looking at the\nchannel status bits: a genuine reply from the platform will have set the\nchannel free bit before triggering the completion IRQ.\n\nAdd a consistency check to validate such condition in the A2P ISR.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52608",
"url": "https://www.suse.com/security/cve/CVE-2023-52608"
},
{
"category": "external",
"summary": "SUSE Bug 1221375 for CVE-2023-52608",
"url": "https://bugzilla.suse.com/1221375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52608"
},
{
"cve": "CVE-2023-52616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52616"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init\n\nWhen the mpi_ec_ctx structure is initialized, some fields are not\ncleared, causing a crash when referencing the field when the\nstructure was released. Initially, this issue was ignored because\nmemory for mpi_ec_ctx is allocated with the __GFP_ZERO flag.\nFor example, this error will be triggered when calculating the\nZa value for SM2 separately.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52616",
"url": "https://www.suse.com/security/cve/CVE-2023-52616"
},
{
"category": "external",
"summary": "SUSE Bug 1221612 for CVE-2023-52616",
"url": "https://bugzilla.suse.com/1221612"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52616"
},
{
"cve": "CVE-2023-52618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52618"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock/rnbd-srv: Check for unlikely string overflow\n\nSince \"dev_search_path\" can technically be as large as PATH_MAX,\nthere was a risk of truncation when copying it and a second string\ninto \"full_path\" since it was also PATH_MAX sized. The W=1 builds were\nreporting this warning:\n\ndrivers/block/rnbd/rnbd-srv.c: In function \u0027process_msg_open.isra\u0027:\ndrivers/block/rnbd/rnbd-srv.c:616:51: warning: \u0027%s\u0027 directive output may be truncated writing up to 254 bytes into a region of size between 0 and 4095 [-Wformat-truncation=]\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~\nIn function \u0027rnbd_srv_get_full_path\u0027,\n inlined from \u0027process_msg_open.isra\u0027 at drivers/block/rnbd/rnbd-srv.c:721:14: drivers/block/rnbd/rnbd-srv.c:616:17: note: \u0027snprintf\u0027 output between 2 and 4351 bytes into a destination of size 4096\n 616 | snprintf(full_path, PATH_MAX, \"%s/%s\",\n | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n 617 | dev_search_path, dev_name);\n | ~~~~~~~~~~~~~~~~~~~~~~~~~~\n\nTo fix this, unconditionally check for truncation (as was already done\nfor the case where \"%SESSNAME%\" was present).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52618",
"url": "https://www.suse.com/security/cve/CVE-2023-52618"
},
{
"category": "external",
"summary": "SUSE Bug 1221615 for CVE-2023-52618",
"url": "https://bugzilla.suse.com/1221615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52618"
},
{
"cve": "CVE-2023-52631",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52631"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix an NULL dereference bug\n\nThe issue here is when this is called from ntfs_load_attr_list(). The\n\"size\" comes from le32_to_cpu(attr-\u003eres.data_size) so it can\u0027t overflow\non a 64bit systems but on 32bit systems the \"+ 1023\" can overflow and\nthe result is zero. This means that the kmalloc will succeed by\nreturning the ZERO_SIZE_PTR and then the memcpy() will crash with an\nOops on the next line.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52631",
"url": "https://www.suse.com/security/cve/CVE-2023-52631"
},
{
"category": "external",
"summary": "SUSE Bug 1222264 for CVE-2023-52631",
"url": "https://bugzilla.suse.com/1222264"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52631"
},
{
"cve": "CVE-2023-52635",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52635"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPM / devfreq: Synchronize devfreq_monitor_[start/stop]\n\nThere is a chance if a frequent switch of the governor\ndone in a loop result in timer list corruption where\ntimer cancel being done from two place one from\ncancel_delayed_work_sync() and followed by expire_timers()\ncan be seen from the traces[1].\n\nwhile true\ndo\n echo \"simple_ondemand\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\n echo \"performance\" \u003e /sys/class/devfreq/1d84000.ufshc/governor\ndone\n\nIt looks to be issue with devfreq driver where\ndevice_monitor_[start/stop] need to synchronized so that\ndelayed work should get corrupted while it is either\nbeing queued or running or being cancelled.\n\nLet\u0027s use polling flag and devfreq lock to synchronize the\nqueueing the timer instance twice and work data being\ncorrupted.\n\n[1]\n...\n..\n\u003cidle\u003e-0 [003] 9436.209662: timer_cancel timer=0xffffff80444f0428\n\u003cidle\u003e-0 [003] 9436.209664: timer_expire_entry timer=0xffffff80444f0428 now=0x10022da1c function=__typeid__ZTSFvP10timer_listE_global_addr baseclk=0x10022da1c\n\u003cidle\u003e-0 [003] 9436.209718: timer_expire_exit timer=0xffffff80444f0428\nkworker/u16:6-14217 [003] 9436.209863: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2b now=0x10022da1c flags=182452227\nvendor.xxxyyy.ha-1593 [004] 9436.209888: timer_cancel timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216390: timer_init timer=0xffffff80444f0428\nvendor.xxxyyy.ha-1593 [004] 9436.216392: timer_start timer=0xffffff80444f0428 function=__typeid__ZTSFvP10timer_listE_global_addr expires=0x10022da2c now=0x10022da1d flags=186646532\nvendor.xxxyyy.ha-1593 [005] 9436.220992: timer_cancel timer=0xffffff80444f0428\nxxxyyyTraceManag-7795 [004] 9436.261641: timer_cancel timer=0xffffff80444f0428\n\n[2]\n\n 9436.261653][ C4] Unable to handle kernel paging request at virtual address dead00000000012a\n[ 9436.261664][ C4] Mem abort info:\n[ 9436.261666][ C4] ESR = 0x96000044\n[ 9436.261669][ C4] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 9436.261671][ C4] SET = 0, FnV = 0\n[ 9436.261673][ C4] EA = 0, S1PTW = 0\n[ 9436.261675][ C4] Data abort info:\n[ 9436.261677][ C4] ISV = 0, ISS = 0x00000044\n[ 9436.261680][ C4] CM = 0, WnR = 1\n[ 9436.261682][ C4] [dead00000000012a] address between user and kernel address ranges\n[ 9436.261685][ C4] Internal error: Oops: 96000044 [#1] PREEMPT SMP\n[ 9436.261701][ C4] Skip md ftrace buffer dump for: 0x3a982d0\n...\n\n[ 9436.262138][ C4] CPU: 4 PID: 7795 Comm: TraceManag Tainted: G S W O 5.10.149-android12-9-o-g17f915d29d0c #1\n[ 9436.262141][ C4] Hardware name: Qualcomm Technologies, Inc. (DT)\n[ 9436.262144][ C4] pstate: 22400085 (nzCv daIf +PAN -UAO +TCO BTYPE=--)\n[ 9436.262161][ C4] pc : expire_timers+0x9c/0x438\n[ 9436.262164][ C4] lr : expire_timers+0x2a4/0x438\n[ 9436.262168][ C4] sp : ffffffc010023dd0\n[ 9436.262171][ C4] x29: ffffffc010023df0 x28: ffffffd0636fdc18\n[ 9436.262178][ C4] x27: ffffffd063569dd0 x26: ffffffd063536008\n[ 9436.262182][ C4] x25: 0000000000000001 x24: ffffff88f7c69280\n[ 9436.262185][ C4] x23: 00000000000000e0 x22: dead000000000122\n[ 9436.262188][ C4] x21: 000000010022da29 x20: ffffff8af72b4e80\n[ 9436.262191][ C4] x19: ffffffc010023e50 x18: ffffffc010025038\n[ 9436.262195][ C4] x17: 0000000000000240 x16: 0000000000000201\n[ 9436.262199][ C4] x15: ffffffffffffffff x14: ffffff889f3c3100\n[ 9436.262203][ C4] x13: ffffff889f3c3100 x12: 00000000049f56b8\n[ 9436.262207][ C4] x11: 00000000049f56b8 x10: 00000000ffffffff\n[ 9436.262212][ C4] x9 : ffffffc010023e50 x8 : dead000000000122\n[ 9436.262216][ C4] x7 : ffffffffffffffff x6 : ffffffc0100239d8\n[ 9436.262220][ C4] x5 : 0000000000000000 x4 : 0000000000000101\n[ 9436.262223][ C4] x3 : 0000000000000080 x2 : ffffff8\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52635",
"url": "https://www.suse.com/security/cve/CVE-2023-52635"
},
{
"category": "external",
"summary": "SUSE Bug 1222294 for CVE-2023-52635",
"url": "https://bugzilla.suse.com/1222294"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52635"
},
{
"cve": "CVE-2023-52640",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52640"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Fix oob in ntfs_listxattr\n\nThe length of name cannot exceed the space occupied by ea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52640",
"url": "https://www.suse.com/security/cve/CVE-2023-52640"
},
{
"category": "external",
"summary": "SUSE Bug 1222301 for CVE-2023-52640",
"url": "https://bugzilla.suse.com/1222301"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52640"
},
{
"cve": "CVE-2023-52641",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52641"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame()\n\nIt is preferable to exit through the out: label because\ninternal debugging functions are located there.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52641",
"url": "https://www.suse.com/security/cve/CVE-2023-52641"
},
{
"category": "external",
"summary": "SUSE Bug 1222303 for CVE-2023-52641",
"url": "https://bugzilla.suse.com/1222303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52641"
},
{
"cve": "CVE-2023-52645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52645"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix race conditions with genpd\n\nIf the power domains are registered first with genpd and *after that*\nthe driver attempts to power them on in the probe sequence, then it is\npossible that a race condition occurs if genpd tries to power them on\nin the same time.\nThe same is valid for powering them off before unregistering them\nfrom genpd.\nAttempt to fix race conditions by first removing the domains from genpd\nand *after that* powering down domains.\nAlso first power up the domains and *after that* register them\nto genpd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52645",
"url": "https://www.suse.com/security/cve/CVE-2023-52645"
},
{
"category": "external",
"summary": "SUSE Bug 1223033 for CVE-2023-52645",
"url": "https://bugzilla.suse.com/1223033"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52645"
},
{
"cve": "CVE-2023-52652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNTB: fix possible name leak in ntb_register_device()\n\nIf device_register() fails in ntb_register_device(), the device name\nallocated by dev_set_name() should be freed. As per the comment in\ndevice_register(), callers should use put_device() to give up the\nreference in the error path. So fix this by calling put_device() in the\nerror path so that the name can be freed in kobject_cleanup().\n\nAs a result of this, put_device() in the error path of\nntb_register_device() is removed and the actual error is returned.\n\n[mani: reworded commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52652",
"url": "https://www.suse.com/security/cve/CVE-2023-52652"
},
{
"category": "external",
"summary": "SUSE Bug 1223686 for CVE-2023-52652",
"url": "https://bugzilla.suse.com/1223686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52652"
},
{
"cve": "CVE-2023-52653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52653"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix a memleak in gss_import_v2_context\n\nThe ctx-\u003emech_used.data allocated by kmemdup is not freed in neither\ngss_import_v2_context nor it only caller gss_krb5_import_sec_context,\nwhich frees ctx on error.\n\nThus, this patch reform the last call of gss_import_v2_context to the\ngss_krb5_import_ctx_v2, preventing the memleak while keepping the return\nformation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52653",
"url": "https://www.suse.com/security/cve/CVE-2023-52653"
},
{
"category": "external",
"summary": "SUSE Bug 1223712 for CVE-2023-52653",
"url": "https://bugzilla.suse.com/1223712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52653"
},
{
"cve": "CVE-2023-52654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52654"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring/af_unix: disable sending io_uring over sockets\n\nFile reference cycles have caused lots of problems for io_uring\nin the past, and it still doesn\u0027t work exactly right and races with\nunix_stream_read_generic(). The safest fix would be to completely\ndisallow sending io_uring files via sockets via SCM_RIGHT, so there\nare no possible cycles invloving registered files and thus rendering\nSCM accounting on the io_uring side unnecessary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52654",
"url": "https://www.suse.com/security/cve/CVE-2023-52654"
},
{
"category": "external",
"summary": "SUSE Bug 1224099 for CVE-2023-52654",
"url": "https://bugzilla.suse.com/1224099"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52654"
},
{
"cve": "CVE-2023-52655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: aqc111: check packet for fixup for true limit\n\nIf a device sends a packet that is inbetween 0\nand sizeof(u64) the value passed to skb_trim()\nas length will wrap around ending up as some very\nlarge value.\n\nThe driver will then proceed to parse the header\nlocated at that position, which will either oops or\nprocess some random value.\n\nThe fix is to check against sizeof(u64) rather than\n0, which the driver currently does. The issue exists\nsince the introduction of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52655",
"url": "https://www.suse.com/security/cve/CVE-2023-52655"
},
{
"category": "external",
"summary": "SUSE Bug 1217169 for CVE-2023-52655",
"url": "https://bugzilla.suse.com/1217169"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52655"
},
{
"cve": "CVE-2023-52657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"drm/amd/pm: resolve reboot exception for si oland\"\n\nThis reverts commit e490d60a2f76bff636c68ce4fe34c1b6c34bbd86.\n\nThis causes hangs on SI when DC is enabled and errors on driver\nreboot and power off cycles.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52657",
"url": "https://www.suse.com/security/cve/CVE-2023-52657"
},
{
"category": "external",
"summary": "SUSE Bug 1224722 for CVE-2023-52657",
"url": "https://bugzilla.suse.com/1224722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52657"
},
{
"cve": "CVE-2023-52658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52658"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRevert \"net/mlx5: Block entering switchdev mode with ns inconsistency\"\n\nThis reverts commit 662404b24a4c4d839839ed25e3097571f5938b9b.\nThe revert is required due to the suspicion it is not good for anything\nand cause crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52658",
"url": "https://www.suse.com/security/cve/CVE-2023-52658"
},
{
"category": "external",
"summary": "SUSE Bug 1224719 for CVE-2023-52658",
"url": "https://bugzilla.suse.com/1224719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52658"
},
{
"cve": "CVE-2023-52659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52659"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type\n\nOn 64-bit platforms, the pfn_to_kaddr() macro requires that the input\nvalue is 64 bits in order to ensure that valid address bits don\u0027t get\nlost when shifting that input by PAGE_SHIFT to calculate the physical\naddress to provide a virtual address for.\n\nOne such example is in pvalidate_pages() (used by SEV-SNP guests), where\nthe GFN in the struct used for page-state change requests is a 40-bit\nbit-field, so attempts to pass this GFN field directly into\npfn_to_kaddr() ends up causing guest crashes when dealing with addresses\nabove the 1TB range due to the above.\n\nFix this issue with SEV-SNP guests, as well as any similar cases that\nmight cause issues in current/future code, by using an inline function,\ninstead of a macro, so that the input is implicitly cast to the\nexpected 64-bit input type prior to performing the shift operation.\n\nWhile it might be argued that the issue is on the caller side, other\narchs/macros have taken similar approaches to deal with instances like\nthis, such as ARM explicitly casting the input to phys_addr_t:\n\n e48866647b48 (\"ARM: 8396/1: use phys_addr_t in pfn_to_kaddr()\")\n\nA C inline function is even better though.\n\n[ mingo: Refined the changelog some more \u0026 added __always_inline. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52659",
"url": "https://www.suse.com/security/cve/CVE-2023-52659"
},
{
"category": "external",
"summary": "SUSE Bug 1224442 for CVE-2023-52659",
"url": "https://bugzilla.suse.com/1224442"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52659"
},
{
"cve": "CVE-2023-52660",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52660"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ handling due to shared interrupts\n\nThe driver requests the interrupts as IRQF_SHARED, so the interrupt\nhandlers can be called at any time. If such a call happens while the ISP\nis powered down, the SoC will hang as the driver tries to access the\nISP registers.\n\nThis can be reproduced even without the platform sharing the IRQ line:\nEnable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will\nhang.\n\nFix this by adding a new field, \u0027irqs_enabled\u0027, which is used to bail\nout from the interrupt handler when the ISP is not operational.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52660",
"url": "https://www.suse.com/security/cve/CVE-2023-52660"
},
{
"category": "external",
"summary": "SUSE Bug 1224443 for CVE-2023-52660",
"url": "https://bugzilla.suse.com/1224443"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52660"
},
{
"cve": "CVE-2023-52661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52661"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe()\n\nIf clk_get_sys(..., \"pll_d2_out0\") fails, the clk_get_sys() call must be\nundone.\n\nAdd the missing clk_put and a new \u0027put_pll_d_out0\u0027 label in the error\nhandling path, and use it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52661",
"url": "https://www.suse.com/security/cve/CVE-2023-52661"
},
{
"category": "external",
"summary": "SUSE Bug 1224445 for CVE-2023-52661",
"url": "https://bugzilla.suse.com/1224445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "low"
}
],
"title": "CVE-2023-52661"
},
{
"cve": "CVE-2023-52662",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52662"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node\n\nWhen ida_alloc_max fails, resources allocated before should be freed,\nincluding *res allocated by kmalloc and ttm_resource_init.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52662",
"url": "https://www.suse.com/security/cve/CVE-2023-52662"
},
{
"category": "external",
"summary": "SUSE Bug 1224449 for CVE-2023-52662",
"url": "https://bugzilla.suse.com/1224449"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52662"
},
{
"cve": "CVE-2023-52663",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52663"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe()\n\nDriver uses kasprintf() to initialize fw_{code,data}_bin members of\nstruct acp_dev_data, but kfree() is never called to deallocate the\nmemory, which results in a memory leak.\n\nFix the issue by switching to devm_kasprintf(). Additionally, ensure the\nallocation was successful by checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52663",
"url": "https://www.suse.com/security/cve/CVE-2023-52663"
},
{
"category": "external",
"summary": "SUSE Bug 1224630 for CVE-2023-52663",
"url": "https://bugzilla.suse.com/1224630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52663"
},
{
"cve": "CVE-2023-52664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: atlantic: eliminate double free in error handling logic\n\nDriver has a logic leak in ring data allocation/free,\nwhere aq_ring_free could be called multiple times on same ring,\nif system is under stress and got memory allocation error.\n\nRing pointer was used as an indicator of failure, but this is\nnot correct since only ring data is allocated/deallocated.\nRing itself is an array member.\n\nChanging ring allocation functions to return error code directly.\nThis simplifies error handling and eliminates aq_ring_free\non higher layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52664",
"url": "https://www.suse.com/security/cve/CVE-2023-52664"
},
{
"category": "external",
"summary": "SUSE Bug 1224747 for CVE-2023-52664",
"url": "https://bugzilla.suse.com/1224747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52664"
},
{
"cve": "CVE-2023-52667",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52667"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a potential double-free in fs_any_create_groups\n\nWhen kcalloc() for ft-\u003eg succeeds but kvzalloc() for in fails,\nfs_any_create_groups() will free ft-\u003eg. However, its caller\nfs_any_create_table() will free ft-\u003eg again through calling\nmlx5e_destroy_flow_table(), which will lead to a double-free.\nFix this by setting ft-\u003eg to NULL in fs_any_create_groups().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52667",
"url": "https://www.suse.com/security/cve/CVE-2023-52667"
},
{
"category": "external",
"summary": "SUSE Bug 1224603 for CVE-2023-52667",
"url": "https://bugzilla.suse.com/1224603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52667"
},
{
"cve": "CVE-2023-52669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52669"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: s390/aes - Fix buffer overread in CTR mode\n\nWhen processing the last block, the s390 ctr code will always read\na whole block, even if there isn\u0027t a whole block of data left. Fix\nthis by using the actual length left and copy it into a buffer first\nfor processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52669",
"url": "https://www.suse.com/security/cve/CVE-2023-52669"
},
{
"category": "external",
"summary": "SUSE Bug 1224637 for CVE-2023-52669",
"url": "https://bugzilla.suse.com/1224637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52669"
},
{
"cve": "CVE-2023-52670",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52670"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrpmsg: virtio: Free driver_override when rpmsg_remove()\n\nFree driver_override when rpmsg_remove(), otherwise\nthe following memory leak will occur:\n\nunreferenced object 0xffff0000d55d7080 (size 128):\n comm \"kworker/u8:2\", pid 56, jiffies 4294893188 (age 214.272s)\n hex dump (first 32 bytes):\n 72 70 6d 73 67 5f 6e 73 00 00 00 00 00 00 00 00 rpmsg_ns........\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c000000009c94c9c1\u003e] __kmem_cache_alloc_node+0x1f8/0x320\n [\u003c000000002300d89b\u003e] __kmalloc_node_track_caller+0x44/0x70\n [\u003c00000000228a60c3\u003e] kstrndup+0x4c/0x90\n [\u003c0000000077158695\u003e] driver_set_override+0xd0/0x164\n [\u003c000000003e9c4ea5\u003e] rpmsg_register_device_override+0x98/0x170\n [\u003c000000001c0c89a8\u003e] rpmsg_ns_register_device+0x24/0x30\n [\u003c000000008bbf8fa2\u003e] rpmsg_probe+0x2e0/0x3ec\n [\u003c00000000e65a68df\u003e] virtio_dev_probe+0x1c0/0x280\n [\u003c00000000443331cc\u003e] really_probe+0xbc/0x2dc\n [\u003c00000000391064b1\u003e] __driver_probe_device+0x78/0xe0\n [\u003c00000000a41c9a5b\u003e] driver_probe_device+0xd8/0x160\n [\u003c000000009c3bd5df\u003e] __device_attach_driver+0xb8/0x140\n [\u003c0000000043cd7614\u003e] bus_for_each_drv+0x7c/0xd4\n [\u003c000000003b929a36\u003e] __device_attach+0x9c/0x19c\n [\u003c00000000a94e0ba8\u003e] device_initial_probe+0x14/0x20\n [\u003c000000003c999637\u003e] bus_probe_device+0xa0/0xac",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52670",
"url": "https://www.suse.com/security/cve/CVE-2023-52670"
},
{
"category": "external",
"summary": "SUSE Bug 1224696 for CVE-2023-52670",
"url": "https://bugzilla.suse.com/1224696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52670"
},
{
"cve": "CVE-2023-52671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix hang/underflow when transitioning to ODM4:1\n\n[Why]\nUnder some circumstances, disabling an OPTC and attempting to reclaim\nits OPP(s) for a different OPTC could cause a hang/underflow due to OPPs\nnot being properly disconnected from the disabled OPTC.\n\n[How]\nEnsure that all OPPs are unassigned from an OPTC when it gets disabled.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52671",
"url": "https://www.suse.com/security/cve/CVE-2023-52671"
},
{
"category": "external",
"summary": "SUSE Bug 1224729 for CVE-2023-52671",
"url": "https://bugzilla.suse.com/1224729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52671"
},
{
"cve": "CVE-2023-52673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Fix a debugfs null pointer error\n\n[WHY \u0026 HOW]\nCheck whether get_subvp_en() callback exists before calling it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52673",
"url": "https://www.suse.com/security/cve/CVE-2023-52673"
},
{
"category": "external",
"summary": "SUSE Bug 1224741 for CVE-2023-52673",
"url": "https://bugzilla.suse.com/1224741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52673"
},
{
"cve": "CVE-2023-52674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put()\n\nEnsure the value passed to scarlett2_mixer_ctl_put() is between 0 and\nSCARLETT2_MIXER_MAX_VALUE so we don\u0027t attempt to access outside\nscarlett2_mixer_values[].",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52674",
"url": "https://www.suse.com/security/cve/CVE-2023-52674"
},
{
"category": "external",
"summary": "SUSE Bug 1224727 for CVE-2023-52674",
"url": "https://bugzilla.suse.com/1224727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52674"
},
{
"cve": "CVE-2023-52675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/imc-pmu: Add a null pointer check in update_events_in_group()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52675",
"url": "https://www.suse.com/security/cve/CVE-2023-52675"
},
{
"category": "external",
"summary": "SUSE Bug 1224504 for CVE-2023-52675",
"url": "https://bugzilla.suse.com/1224504"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52675"
},
{
"cve": "CVE-2023-52676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52676"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Guard stack limits against 32bit overflow\n\nThis patch promotes the arithmetic around checking stack bounds to be\ndone in the 64-bit domain, instead of the current 32bit. The arithmetic\nimplies adding together a 64-bit register with a int offset. The\nregister was checked to be below 1\u003c\u003c29 when it was variable, but not\nwhen it was fixed. The offset either comes from an instruction (in which\ncase it is 16 bit), from another register (in which case the caller\nchecked it to be below 1\u003c\u003c29 [1]), or from the size of an argument to a\nkfunc (in which case it can be a u32 [2]). Between the register being\ninconsistently checked to be below 1\u003c\u003c29, and the offset being up to an\nu32, it appears that we were open to overflowing the `int`s which were\ncurrently used for arithmetic.\n\n[1] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L7494-L7498\n[2] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L11904",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52676",
"url": "https://www.suse.com/security/cve/CVE-2023-52676"
},
{
"category": "external",
"summary": "SUSE Bug 1224730 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1224730"
},
{
"category": "external",
"summary": "SUSE Bug 1226336 for CVE-2023-52676",
"url": "https://bugzilla.suse.com/1226336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2023-52676"
},
{
"cve": "CVE-2023-52678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c\n\nBefore using list_first_entry, make sure to check that list is not\nempty, if list is empty return -ENODATA.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1347 kfd_create_indirect_link_prop() warn: can \u0027gpu_link\u0027 even be NULL?\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1428 kfd_add_peer_prop() warn: can \u0027iolink1\u0027 even be NULL?\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_topology.c:1433 kfd_add_peer_prop() warn: can \u0027iolink2\u0027 even be NULL?",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52678",
"url": "https://www.suse.com/security/cve/CVE-2023-52678"
},
{
"category": "external",
"summary": "SUSE Bug 1224617 for CVE-2023-52678",
"url": "https://bugzilla.suse.com/1224617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52678"
},
{
"cve": "CVE-2023-52679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: Fix double free in of_parse_phandle_with_args_map\n\nIn of_parse_phandle_with_args_map() the inner loop that\niterates through the map entries calls of_node_put(new)\nto free the reference acquired by the previous iteration\nof the inner loop. This assumes that the value of \"new\" is\nNULL on the first iteration of the inner loop.\n\nMake sure that this is true in all iterations of the outer\nloop by setting \"new\" to NULL after its value is assigned to \"cur\".\n\nExtend the unittest to detect the double free and add an additional\ntest case that actually triggers this path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52679",
"url": "https://www.suse.com/security/cve/CVE-2023-52679"
},
{
"category": "external",
"summary": "SUSE Bug 1224508 for CVE-2023-52679",
"url": "https://bugzilla.suse.com/1224508"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52679"
},
{
"cve": "CVE-2023-52680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add missing error checks to *_ctl_get()\n\nThe *_ctl_get() functions which call scarlett2_update_*() were not\nchecking the return value. Fix to check the return value and pass to\nthe caller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52680",
"url": "https://www.suse.com/security/cve/CVE-2023-52680"
},
{
"category": "external",
"summary": "SUSE Bug 1224608 for CVE-2023-52680",
"url": "https://bugzilla.suse.com/1224608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52680"
},
{
"cve": "CVE-2023-52681",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52681"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Free s_fs_info on unmount\n\nNow that we allocate a s_fs_info struct on fs context creation, we\nshould ensure that we free it again when the superblock goes away.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52681",
"url": "https://www.suse.com/security/cve/CVE-2023-52681"
},
{
"category": "external",
"summary": "SUSE Bug 1224505 for CVE-2023-52681",
"url": "https://bugzilla.suse.com/1224505"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52681"
},
{
"cve": "CVE-2023-52683",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52683"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: LPIT: Avoid u32 multiplication overflow\n\nIn lpit_update_residency() there is a possibility of overflow\nin multiplication, if tsc_khz is large enough (\u003e UINT_MAX/1000).\n\nChange multiplication to mul_u32_u32().\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52683",
"url": "https://www.suse.com/security/cve/CVE-2023-52683"
},
{
"category": "external",
"summary": "SUSE Bug 1224627 for CVE-2023-52683",
"url": "https://bugzilla.suse.com/1224627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52683"
},
{
"cve": "CVE-2023-52685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52685"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52685",
"url": "https://www.suse.com/security/cve/CVE-2023-52685"
},
{
"category": "external",
"summary": "SUSE Bug 1224728 for CVE-2023-52685",
"url": "https://bugzilla.suse.com/1224728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52685"
},
{
"cve": "CVE-2023-52686",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52686"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_event_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52686",
"url": "https://www.suse.com/security/cve/CVE-2023-52686"
},
{
"category": "external",
"summary": "SUSE Bug 1224682 for CVE-2023-52686",
"url": "https://bugzilla.suse.com/1224682"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52686"
},
{
"cve": "CVE-2023-52687",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52687"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: safexcel - Add error handling for dma_map_sg() calls\n\nMacro dma_map_sg() may return 0 on error. This patch enables\nchecks in case of the macro failure and ensures unmapping of\npreviously mapped buffers with dma_unmap_sg().\n\nFound by Linux Verification Center (linuxtesting.org) with static\nanalysis tool SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52687",
"url": "https://www.suse.com/security/cve/CVE-2023-52687"
},
{
"category": "external",
"summary": "SUSE Bug 1224501 for CVE-2023-52687",
"url": "https://bugzilla.suse.com/1224501"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52687"
},
{
"cve": "CVE-2023-52690",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52690"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check to scom_debug_init_one()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.\nAdd a null pointer check, and release \u0027ent\u0027 to avoid memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52690",
"url": "https://www.suse.com/security/cve/CVE-2023-52690"
},
{
"category": "external",
"summary": "SUSE Bug 1224611 for CVE-2023-52690",
"url": "https://bugzilla.suse.com/1224611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52690"
},
{
"cve": "CVE-2023-52691",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52691"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fix a double-free in si_dpm_init\n\nWhen the allocation of\nadev-\u003epm.dpm.dyn_state.vddc_dependency_on_dispclk.entries fails,\namdgpu_free_extended_power_table is called to free some fields of adev.\nHowever, when the control flow returns to si_dpm_sw_init, it goes to\nlabel dpm_failed and calls si_dpm_fini, which calls\namdgpu_free_extended_power_table again and free those fields again. Thus\na double-free is triggered.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52691",
"url": "https://www.suse.com/security/cve/CVE-2023-52691"
},
{
"category": "external",
"summary": "SUSE Bug 1224607 for CVE-2023-52691",
"url": "https://bugzilla.suse.com/1224607"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52691"
},
{
"cve": "CVE-2023-52692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: scarlett2: Add missing error check to scarlett2_usb_set_config()\n\nscarlett2_usb_set_config() calls scarlett2_usb_get() but was not\nchecking the result. Return the error if it fails rather than\ncontinuing with an invalid value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52692",
"url": "https://www.suse.com/security/cve/CVE-2023-52692"
},
{
"category": "external",
"summary": "SUSE Bug 1224628 for CVE-2023-52692",
"url": "https://bugzilla.suse.com/1224628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52692"
},
{
"cve": "CVE-2023-52693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: video: check for error while searching for backlight device parent\n\nIf acpi_get_parent() called in acpi_video_dev_register_backlight()\nfails, for example, because acpi_ut_acquire_mutex() fails inside\nacpi_get_parent), this can lead to incorrect (uninitialized)\nacpi_parent handle being passed to acpi_get_pci_dev() for detecting\nthe parent pci device.\n\nCheck acpi_get_parent() result and set parent device only in case of success.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52693",
"url": "https://www.suse.com/security/cve/CVE-2023-52693"
},
{
"category": "external",
"summary": "SUSE Bug 1224686 for CVE-2023-52693",
"url": "https://bugzilla.suse.com/1224686"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52693"
},
{
"cve": "CVE-2023-52694",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52694"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/bridge: tpd12s015: Drop buggy __exit annotation for remove function\n\nWith tpd12s015_remove() marked with __exit this function is discarded\nwhen the driver is compiled as a built-in. The result is that when the\ndriver unbinds there is no cleanup done which results in resource\nleakage or worse.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52694",
"url": "https://www.suse.com/security/cve/CVE-2023-52694"
},
{
"category": "external",
"summary": "SUSE Bug 1224598 for CVE-2023-52694",
"url": "https://bugzilla.suse.com/1224598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52694"
},
{
"cve": "CVE-2023-52695",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52695"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Check writeback connectors in create_validate_stream_for_sink\n\n[WHY \u0026 HOW]\nThis is to check connector type to avoid\nunhandled null pointer for writeback connectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52695",
"url": "https://www.suse.com/security/cve/CVE-2023-52695"
},
{
"category": "external",
"summary": "SUSE Bug 1224506 for CVE-2023-52695",
"url": "https://bugzilla.suse.com/1224506"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52695"
},
{
"cve": "CVE-2023-52696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npowerpc/powernv: Add a null pointer check in opal_powercap_init()\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52696",
"url": "https://www.suse.com/security/cve/CVE-2023-52696"
},
{
"category": "external",
"summary": "SUSE Bug 1224601 for CVE-2023-52696",
"url": "https://bugzilla.suse.com/1224601"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52696"
},
{
"cve": "CVE-2023-52697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx-\u003eheadset_codec_dev = NULL\n\nsof_sdw_rt_sdca_jack_exit() are used by different codecs, and some of\nthem use the same dai name.\nFor example, rt712 and rt713 both use \"rt712-sdca-aif1\" and\nsof_sdw_rt_sdca_jack_exit().\nAs a result, sof_sdw_rt_sdca_jack_exit() will be called twice by\nmc_dailink_exit_loop(). Set ctx-\u003eheadset_codec_dev = NULL; after\nput_device(ctx-\u003eheadset_codec_dev); to avoid ctx-\u003eheadset_codec_dev\nbeing put twice.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52697",
"url": "https://www.suse.com/security/cve/CVE-2023-52697"
},
{
"category": "external",
"summary": "SUSE Bug 1224596 for CVE-2023-52697",
"url": "https://bugzilla.suse.com/1224596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52697"
},
{
"cve": "CVE-2023-52698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncalipso: fix memory leak in netlbl_calipso_add_pass()\n\nIf IPv6 support is disabled at boot (ipv6.disable=1),\nthe calipso_init() -\u003e netlbl_calipso_ops_register() function isn\u0027t called,\nand the netlbl_calipso_ops_get() function always returns NULL.\nIn this case, the netlbl_calipso_add_pass() function allocates memory\nfor the doi_def variable but doesn\u0027t free it with the calipso_doi_free().\n\nBUG: memory leak\nunreferenced object 0xffff888011d68180 (size 64):\n comm \"syz-executor.1\", pid 10746, jiffies 4295410986 (age 17.928s)\n hex dump (first 32 bytes):\n 00 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace:\n [\u003c...\u003e] kmalloc include/linux/slab.h:552 [inline]\n [\u003c...\u003e] netlbl_calipso_add_pass net/netlabel/netlabel_calipso.c:76 [inline]\n [\u003c...\u003e] netlbl_calipso_add+0x22e/0x4f0 net/netlabel/netlabel_calipso.c:111\n [\u003c...\u003e] genl_family_rcv_msg_doit+0x22f/0x330 net/netlink/genetlink.c:739\n [\u003c...\u003e] genl_family_rcv_msg net/netlink/genetlink.c:783 [inline]\n [\u003c...\u003e] genl_rcv_msg+0x341/0x5a0 net/netlink/genetlink.c:800\n [\u003c...\u003e] netlink_rcv_skb+0x14d/0x440 net/netlink/af_netlink.c:2515\n [\u003c...\u003e] genl_rcv+0x29/0x40 net/netlink/genetlink.c:811\n [\u003c...\u003e] netlink_unicast_kernel net/netlink/af_netlink.c:1313 [inline]\n [\u003c...\u003e] netlink_unicast+0x54b/0x800 net/netlink/af_netlink.c:1339\n [\u003c...\u003e] netlink_sendmsg+0x90a/0xdf0 net/netlink/af_netlink.c:1934\n [\u003c...\u003e] sock_sendmsg_nosec net/socket.c:651 [inline]\n [\u003c...\u003e] sock_sendmsg+0x157/0x190 net/socket.c:671\n [\u003c...\u003e] ____sys_sendmsg+0x712/0x870 net/socket.c:2342\n [\u003c...\u003e] ___sys_sendmsg+0xf8/0x170 net/socket.c:2396\n [\u003c...\u003e] __sys_sendmsg+0xea/0x1b0 net/socket.c:2429\n [\u003c...\u003e] do_syscall_64+0x30/0x40 arch/x86/entry/common.c:46\n [\u003c...\u003e] entry_SYSCALL_64_after_hwframe+0x61/0xc6\n\nFound by InfoTeCS on behalf of Linux Verification Center\n(linuxtesting.org) with Syzkaller\n\n[PM: merged via the LSM tree at Jakub Kicinski request]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52698",
"url": "https://www.suse.com/security/cve/CVE-2023-52698"
},
{
"category": "external",
"summary": "SUSE Bug 1224621 for CVE-2023-52698",
"url": "https://bugzilla.suse.com/1224621"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.4,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52698"
},
{
"cve": "CVE-2023-52771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/port: Fix delete_endpoint() vs parent unregistration race\n\nThe CXL subsystem, at cxl_mem -\u003eprobe() time, establishes a lineage of\nports (struct cxl_port objects) between an endpoint and the root of a\nCXL topology. Each port including the endpoint port is attached to the\ncxl_port driver.\n\nGiven that setup, it follows that when either any port in that lineage\ngoes through a cxl_port -\u003eremove() event, or the memdev goes through a\ncxl_mem -\u003eremove() event. The hierarchy below the removed port, or the\nentire hierarchy if the memdev is removed needs to come down.\n\nThe delete_endpoint() callback is careful to check whether it is being\ncalled to tear down the hierarchy, or if it is only being called to\nteardown the memdev because an ancestor port is going through\n-\u003eremove().\n\nThat care needs to take the device_lock() of the endpoint\u0027s parent.\nWhich requires 2 bugs to be fixed:\n\n1/ A reference on the parent is needed to prevent use-after-free\n scenarios like this signature:\n\n BUG: spinlock bad magic on CPU#0, kworker/u56:0/11\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS edk2-20230524-3.fc38 05/24/2023\n Workqueue: cxl_port detach_memdev [cxl_core]\n RIP: 0010:spin_bug+0x65/0xa0\n Call Trace:\n do_raw_spin_lock+0x69/0xa0\n __mutex_lock+0x695/0xb80\n delete_endpoint+0xad/0x150 [cxl_core]\n devres_release_all+0xb8/0x110\n device_unbind_cleanup+0xe/0x70\n device_release_driver_internal+0x1d2/0x210\n detach_memdev+0x15/0x20 [cxl_core]\n process_one_work+0x1e3/0x4c0\n worker_thread+0x1dd/0x3d0\n\n2/ In the case of RCH topologies, the parent device that needs to be\n locked is not always @port-\u003edev as returned by cxl_mem_find_port(), use\n endpoint-\u003edev.parent instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52771",
"url": "https://www.suse.com/security/cve/CVE-2023-52771"
},
{
"category": "external",
"summary": "SUSE Bug 1225007 for CVE-2023-52771",
"url": "https://bugzilla.suse.com/1225007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52771"
},
{
"cve": "CVE-2023-52772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: fix use-after-free in unix_stream_read_actor()\n\nsyzbot reported the following crash [1]\n\nAfter releasing unix socket lock, u-\u003eoob_skb can be changed\nby another thread. We must temporarily increase skb refcount\nto make sure this other thread will not free the skb under us.\n\n[1]\n\nBUG: KASAN: slab-use-after-free in unix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nRead of size 4 at addr ffff88801f3b9cc4 by task syz-executor107/5297\n\nCPU: 1 PID: 5297 Comm: syz-executor107 Not tainted 6.6.0-syzkaller-15910-gb8e3a87a627b #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/09/2023\nCall Trace:\n\u003cTASK\u003e\n__dump_stack lib/dump_stack.c:88 [inline]\ndump_stack_lvl+0xd9/0x1b0 lib/dump_stack.c:106\nprint_address_description mm/kasan/report.c:364 [inline]\nprint_report+0xc4/0x620 mm/kasan/report.c:475\nkasan_report+0xda/0x110 mm/kasan/report.c:588\nunix_stream_read_actor+0xa7/0xc0 net/unix/af_unix.c:2866\nunix_stream_recv_urg net/unix/af_unix.c:2587 [inline]\nunix_stream_read_generic+0x19a5/0x2480 net/unix/af_unix.c:2666\nunix_stream_recvmsg+0x189/0x1b0 net/unix/af_unix.c:2903\nsock_recvmsg_nosec net/socket.c:1044 [inline]\nsock_recvmsg+0xe2/0x170 net/socket.c:1066\n____sys_recvmsg+0x21f/0x5c0 net/socket.c:2803\n___sys_recvmsg+0x115/0x1a0 net/socket.c:2845\n__sys_recvmsg+0x114/0x1e0 net/socket.c:2875\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\nRIP: 0033:0x7fc67492c559\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 51 18 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fc6748ab228 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 000000000000001c RCX: 00007fc67492c559\nRDX: 0000000040010083 RSI: 0000000020000140 RDI: 0000000000000004\nRBP: 00007fc6749b6348 R08: 00007fc6748ab6c0 R09: 00007fc6748ab6c0\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007fc6749b6340\nR13: 00007fc6749b634c R14: 00007ffe9fac52a0 R15: 00007ffe9fac5388\n\u003c/TASK\u003e\n\nAllocated by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\n__kasan_slab_alloc+0x81/0x90 mm/kasan/common.c:328\nkasan_slab_alloc include/linux/kasan.h:188 [inline]\nslab_post_alloc_hook mm/slab.h:763 [inline]\nslab_alloc_node mm/slub.c:3478 [inline]\nkmem_cache_alloc_node+0x180/0x3c0 mm/slub.c:3523\n__alloc_skb+0x287/0x330 net/core/skbuff.c:641\nalloc_skb include/linux/skbuff.h:1286 [inline]\nalloc_skb_with_frags+0xe4/0x710 net/core/skbuff.c:6331\nsock_alloc_send_pskb+0x7e4/0x970 net/core/sock.c:2780\nsock_alloc_send_skb include/net/sock.h:1884 [inline]\nqueue_oob net/unix/af_unix.c:2147 [inline]\nunix_stream_sendmsg+0xb5f/0x10a0 net/unix/af_unix.c:2301\nsock_sendmsg_nosec net/socket.c:730 [inline]\n__sock_sendmsg+0xd5/0x180 net/socket.c:745\n____sys_sendmsg+0x6ac/0x940 net/socket.c:2584\n___sys_sendmsg+0x135/0x1d0 net/socket.c:2638\n__sys_sendmsg+0x117/0x1e0 net/socket.c:2667\ndo_syscall_x64 arch/x86/entry/common.c:51 [inline]\ndo_syscall_64+0x3f/0x110 arch/x86/entry/common.c:82\nentry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nFreed by task 5295:\nkasan_save_stack+0x33/0x50 mm/kasan/common.c:45\nkasan_set_track+0x25/0x30 mm/kasan/common.c:52\nkasan_save_free_info+0x2b/0x40 mm/kasan/generic.c:522\n____kasan_slab_free mm/kasan/common.c:236 [inline]\n____kasan_slab_free+0x15b/0x1b0 mm/kasan/common.c:200\nkasan_slab_free include/linux/kasan.h:164 [inline]\nslab_free_hook mm/slub.c:1800 [inline]\nslab_free_freelist_hook+0x114/0x1e0 mm/slub.c:1826\nslab_free mm/slub.c:3809 [inline]\nkmem_cache_free+0xf8/0x340 mm/slub.c:3831\nkfree_skbmem+0xef/0x1b0 net/core/skbuff.c:1015\n__kfree_skb net/core/skbuff.c:1073 [inline]\nconsume_skb net/core/skbuff.c:1288 [inline]\nconsume_skb+0xdf/0x170 net/core/skbuff.c:1282\nqueue_oob net/unix/af_unix.c:2178 [inline]\nu\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52772",
"url": "https://www.suse.com/security/cve/CVE-2023-52772"
},
{
"category": "external",
"summary": "SUSE Bug 1224989 for CVE-2023-52772",
"url": "https://bugzilla.suse.com/1224989"
},
{
"category": "external",
"summary": "SUSE Bug 1224991 for CVE-2023-52772",
"url": "https://bugzilla.suse.com/1224991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2023-52772"
},
{
"cve": "CVE-2023-52860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process\n\nWhen tearing down a \u0027hisi_hns3\u0027 PMU, we mistakenly run the CPU hotplug\ncallbacks after the device has been unregistered, leading to fireworks\nwhen we try to execute empty function callbacks within the driver:\n\n | Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n | CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G W O 5.12.0-rc4+ #1\n | Hardware name: , BIOS KpxxxFPGA 1P B600 V143 04/22/2021\n | pstate: 80400009 (Nzcv daif +PAN -UAO -TCO BTYPE=--)\n | pc : perf_pmu_migrate_context+0x98/0x38c\n | lr : perf_pmu_migrate_context+0x94/0x38c\n |\n | Call trace:\n | perf_pmu_migrate_context+0x98/0x38c\n | hisi_hns3_pmu_offline_cpu+0x104/0x12c [hisi_hns3_pmu]\n\nUse cpuhp_state_remove_instance_nocalls() instead of\ncpuhp_state_remove_instance() so that the notifiers don\u0027t execute after\nthe PMU device has been unregistered.\n\n[will: Rewrote commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52860",
"url": "https://www.suse.com/security/cve/CVE-2023-52860"
},
{
"category": "external",
"summary": "SUSE Bug 1224936 for CVE-2023-52860",
"url": "https://bugzilla.suse.com/1224936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52860"
},
{
"cve": "CVE-2023-52882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-52882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change\n\nWhile PLL CPUX clock rate change when CPU is running from it works in\nvast majority of cases, now and then it causes instability. This leads\nto system crashes and other undefined behaviour. After a lot of testing\n(30+ hours) while also doing a lot of frequency switches, we can\u0027t\nobserve any instability issues anymore when doing reparenting to stable\nclock like 24 MHz oscillator.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-52882",
"url": "https://www.suse.com/security/cve/CVE-2023-52882"
},
{
"category": "external",
"summary": "SUSE Bug 1225692 for CVE-2023-52882",
"url": "https://bugzilla.suse.com/1225692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-52882"
},
{
"cve": "CVE-2023-6238",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6238"
}
],
"notes": [
{
"category": "general",
"text": "A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6238",
"url": "https://www.suse.com/security/cve/CVE-2023-6238"
},
{
"category": "external",
"summary": "SUSE Bug 1217384 for CVE-2023-6238",
"url": "https://bugzilla.suse.com/1217384"
},
{
"category": "external",
"summary": "SUSE Bug 1217388 for CVE-2023-6238",
"url": "https://bugzilla.suse.com/1217388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-6238"
},
{
"cve": "CVE-2023-6270",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6270"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential code execution.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6270",
"url": "https://www.suse.com/security/cve/CVE-2023-6270"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1218813 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1218813"
},
{
"category": "external",
"summary": "SUSE Bug 1221578 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221578"
},
{
"category": "external",
"summary": "SUSE Bug 1221598 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1221598"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1227675 for CVE-2023-6270",
"url": "https://bugzilla.suse.com/1227675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-6270"
},
{
"cve": "CVE-2023-6531",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6531"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector\u0027s deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6531",
"url": "https://www.suse.com/security/cve/CVE-2023-6531"
},
{
"category": "external",
"summary": "SUSE Bug 1218447 for CVE-2023-6531",
"url": "https://bugzilla.suse.com/1218447"
},
{
"category": "external",
"summary": "SUSE Bug 1218487 for CVE-2023-6531",
"url": "https://bugzilla.suse.com/1218487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2023-6531"
},
{
"cve": "CVE-2023-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-7042"
}
],
"notes": [
{
"category": "general",
"text": "A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-7042",
"url": "https://www.suse.com/security/cve/CVE-2023-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1218336 for CVE-2023-7042",
"url": "https://bugzilla.suse.com/1218336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2023-7042"
},
{
"cve": "CVE-2024-0639",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-0639"
}
],
"notes": [
{
"category": "general",
"text": "A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel\u0027s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-0639",
"url": "https://www.suse.com/security/cve/CVE-2024-0639"
},
{
"category": "external",
"summary": "SUSE Bug 1218917 for CVE-2024-0639",
"url": "https://bugzilla.suse.com/1218917"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-0639"
},
{
"cve": "CVE-2024-21823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21823"
}
],
"notes": [
{
"category": "general",
"text": "Hardware logic with insecure de-synchronization in Intel(R) DSA and Intel(R) IAA for some Intel(R) 4th or 5th generation Xeon(R) processors may allow an authorized user to potentially enable escalation of privilege local access",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21823",
"url": "https://www.suse.com/security/cve/CVE-2024-21823"
},
{
"category": "external",
"summary": "SUSE Bug 1223625 for CVE-2024-21823",
"url": "https://bugzilla.suse.com/1223625"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-21823"
},
{
"cve": "CVE-2024-22099",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-22099"
}
],
"notes": [
{
"category": "general",
"text": "NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C.\n\nThis issue affects Linux kernel: v2.6.12-rc2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-22099",
"url": "https://www.suse.com/security/cve/CVE-2024-22099"
},
{
"category": "external",
"summary": "SUSE Bug 1219170 for CVE-2024-22099",
"url": "https://bugzilla.suse.com/1219170"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-22099"
},
{
"cve": "CVE-2024-23848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-23848"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-23848",
"url": "https://www.suse.com/security/cve/CVE-2024-23848"
},
{
"category": "external",
"summary": "SUSE Bug 1219104 for CVE-2024-23848",
"url": "https://bugzilla.suse.com/1219104"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-23848"
},
{
"cve": "CVE-2024-24861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24861"
}
],
"notes": [
{
"category": "general",
"text": "A race condition was found in the Linux kernel\u0027s media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24861",
"url": "https://www.suse.com/security/cve/CVE-2024-24861"
},
{
"category": "external",
"summary": "SUSE Bug 1219623 for CVE-2024-24861",
"url": "https://bugzilla.suse.com/1219623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-24861"
},
{
"cve": "CVE-2024-25739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25739"
}
],
"notes": [
{
"category": "general",
"text": "create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi-\u003eleb_size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25739",
"url": "https://www.suse.com/security/cve/CVE-2024-25739"
},
{
"category": "external",
"summary": "SUSE Bug 1219834 for CVE-2024-25739",
"url": "https://bugzilla.suse.com/1219834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-25739"
},
{
"cve": "CVE-2024-26601",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26601"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: regenerate buddy after block freeing failed if under fc replay\n\nThis mostly reverts commit 6bd97bf273bd (\"ext4: remove redundant\nmb_regenerate_buddy()\") and reintroduces mb_regenerate_buddy(). Based on\ncode in mb_free_blocks(), fast commit replay can end up marking as free\nblocks that are already marked as such. This causes corruption of the\nbuddy bitmap so we need to regenerate it in that case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26601",
"url": "https://www.suse.com/security/cve/CVE-2024-26601"
},
{
"category": "external",
"summary": "SUSE Bug 1220342 for CVE-2024-26601",
"url": "https://bugzilla.suse.com/1220342"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26601"
},
{
"cve": "CVE-2024-26611",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26611"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: fix usage of multi-buffer BPF helpers for ZC XDP\n\nCurrently when packet is shrunk via bpf_xdp_adjust_tail() and memory\ntype is set to MEM_TYPE_XSK_BUFF_POOL, null ptr dereference happens:\n\n[1136314.192256] BUG: kernel NULL pointer dereference, address:\n0000000000000034\n[1136314.203943] #PF: supervisor read access in kernel mode\n[1136314.213768] #PF: error_code(0x0000) - not-present page\n[1136314.223550] PGD 0 P4D 0\n[1136314.230684] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[1136314.239621] CPU: 8 PID: 54203 Comm: xdpsock Not tainted 6.6.0+ #257\n[1136314.250469] Hardware name: Intel Corporation S2600WFT/S2600WFT,\nBIOS SE5C620.86B.02.01.0008.031920191559 03/19/2019\n[1136314.265615] RIP: 0010:__xdp_return+0x6c/0x210\n[1136314.274653] Code: ad 00 48 8b 47 08 49 89 f8 a8 01 0f 85 9b 01 00 00 0f 1f 44 00 00 f0 41 ff 48 34 75 32 4c 89 c7 e9 79 cd 80 ff 83 fe 03 75 17 \u003cf6\u003e 41 34 01 0f 85 02 01 00 00 48 89 cf e9 22 cc 1e 00 e9 3d d2 86\n[1136314.302907] RSP: 0018:ffffc900089f8db0 EFLAGS: 00010246\n[1136314.312967] RAX: ffffc9003168aed0 RBX: ffff8881c3300000 RCX:\n0000000000000000\n[1136314.324953] RDX: 0000000000000000 RSI: 0000000000000003 RDI:\nffffc9003168c000\n[1136314.336929] RBP: 0000000000000ae0 R08: 0000000000000002 R09:\n0000000000010000\n[1136314.348844] R10: ffffc9000e495000 R11: 0000000000000040 R12:\n0000000000000001\n[1136314.360706] R13: 0000000000000524 R14: ffffc9003168aec0 R15:\n0000000000000001\n[1136314.373298] FS: 00007f8df8bbcb80(0000) GS:ffff8897e0e00000(0000)\nknlGS:0000000000000000\n[1136314.386105] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1136314.396532] CR2: 0000000000000034 CR3: 00000001aa912002 CR4:\n00000000007706f0\n[1136314.408377] DR0: 0000000000000000 DR1: 0000000000000000 DR2:\n0000000000000000\n[1136314.420173] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:\n0000000000000400\n[1136314.431890] PKRU: 55555554\n[1136314.439143] Call Trace:\n[1136314.446058] \u003cIRQ\u003e\n[1136314.452465] ? __die+0x20/0x70\n[1136314.459881] ? page_fault_oops+0x15b/0x440\n[1136314.468305] ? exc_page_fault+0x6a/0x150\n[1136314.476491] ? asm_exc_page_fault+0x22/0x30\n[1136314.484927] ? __xdp_return+0x6c/0x210\n[1136314.492863] bpf_xdp_adjust_tail+0x155/0x1d0\n[1136314.501269] bpf_prog_ccc47ae29d3b6570_xdp_sock_prog+0x15/0x60\n[1136314.511263] ice_clean_rx_irq_zc+0x206/0xc60 [ice]\n[1136314.520222] ? ice_xmit_zc+0x6e/0x150 [ice]\n[1136314.528506] ice_napi_poll+0x467/0x670 [ice]\n[1136314.536858] ? ttwu_do_activate.constprop.0+0x8f/0x1a0\n[1136314.546010] __napi_poll+0x29/0x1b0\n[1136314.553462] net_rx_action+0x133/0x270\n[1136314.561619] __do_softirq+0xbe/0x28e\n[1136314.569303] do_softirq+0x3f/0x60\n\nThis comes from __xdp_return() call with xdp_buff argument passed as\nNULL which is supposed to be consumed by xsk_buff_free() call.\n\nTo address this properly, in ZC case, a node that represents the frag\nbeing removed has to be pulled out of xskb_list. Introduce\nappropriate xsk helpers to do such node operation and use them\naccordingly within bpf_xdp_adjust_tail().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26611",
"url": "https://www.suse.com/security/cve/CVE-2024-26611"
},
{
"category": "external",
"summary": "SUSE Bug 1221303 for CVE-2024-26611",
"url": "https://bugzilla.suse.com/1221303"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26611"
},
{
"cve": "CVE-2024-26614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: make sure init the accept_queue\u0027s spinlocks once\n\nWhen I run syz\u0027s reproduction C program locally, it causes the following\nissue:\npvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!\nWARNING: CPU: 19 PID: 21160 at __pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nHardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011\nRIP: 0010:__pv_queued_spin_unlock_slowpath (kernel/locking/qspinlock_paravirt.h:508)\nCode: 73 56 3a ff 90 c3 cc cc cc cc 8b 05 bb 1f 48 01 85 c0 74 05 c3 cc cc cc cc 8b 17 48 89 fe 48 c7 c7\n30 20 ce 8f e8 ad 56 42 ff \u003c0f\u003e 0b c3 cc cc cc cc 0f 0b 0f 1f 40 00 90 90 90 90 90 90 90 90 90\nRSP: 0018:ffffa8d200604cb8 EFLAGS: 00010282\nRAX: 0000000000000000 RBX: 0000000000000000 RCX: ffff9d1ef60e0908\nRDX: 00000000ffffffd8 RSI: 0000000000000027 RDI: ffff9d1ef60e0900\nRBP: ffff9d181cd5c280 R08: 0000000000000000 R09: 00000000ffff7fff\nR10: ffffa8d200604b68 R11: ffffffff907dcdc8 R12: 0000000000000000\nR13: ffff9d181cd5c660 R14: ffff9d1813a3f330 R15: 0000000000001000\nFS: 00007fa110184640(0000) GS:ffff9d1ef60c0000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000020000000 CR3: 000000011f65e000 CR4: 00000000000006f0\nCall Trace:\n\u003cIRQ\u003e\n _raw_spin_unlock (kernel/locking/spinlock.c:186)\n inet_csk_reqsk_queue_add (net/ipv4/inet_connection_sock.c:1321)\n inet_csk_complete_hashdance (net/ipv4/inet_connection_sock.c:1358)\n tcp_check_req (net/ipv4/tcp_minisocks.c:868)\n tcp_v4_rcv (net/ipv4/tcp_ipv4.c:2260)\n ip_protocol_deliver_rcu (net/ipv4/ip_input.c:205)\n ip_local_deliver_finish (net/ipv4/ip_input.c:234)\n __netif_receive_skb_one_core (net/core/dev.c:5529)\n process_backlog (./include/linux/rcupdate.h:779)\n __napi_poll (net/core/dev.c:6533)\n net_rx_action (net/core/dev.c:6604)\n __do_softirq (./arch/x86/include/asm/jump_label.h:27)\n do_softirq (kernel/softirq.c:454 kernel/softirq.c:441)\n\u003c/IRQ\u003e\n\u003cTASK\u003e\n __local_bh_enable_ip (kernel/softirq.c:381)\n __dev_queue_xmit (net/core/dev.c:4374)\n ip_finish_output2 (./include/net/neighbour.h:540 net/ipv4/ip_output.c:235)\n __ip_queue_xmit (net/ipv4/ip_output.c:535)\n __tcp_transmit_skb (net/ipv4/tcp_output.c:1462)\n tcp_rcv_synsent_state_process (net/ipv4/tcp_input.c:6469)\n tcp_rcv_state_process (net/ipv4/tcp_input.c:6657)\n tcp_v4_do_rcv (net/ipv4/tcp_ipv4.c:1929)\n __release_sock (./include/net/sock.h:1121 net/core/sock.c:2968)\n release_sock (net/core/sock.c:3536)\n inet_wait_for_connect (net/ipv4/af_inet.c:609)\n __inet_stream_connect (net/ipv4/af_inet.c:702)\n inet_stream_connect (net/ipv4/af_inet.c:748)\n __sys_connect (./include/linux/file.h:45 net/socket.c:2064)\n __x64_sys_connect (net/socket.c:2073 net/socket.c:2070 net/socket.c:2070)\n do_syscall_64 (arch/x86/entry/common.c:51 arch/x86/entry/common.c:82)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:129)\n RIP: 0033:0x7fa10ff05a3d\n Code: 5b 41 5c c3 66 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89\n c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d ab a3 0e 00 f7 d8 64 89 01 48\n RSP: 002b:00007fa110183de8 EFLAGS: 00000202 ORIG_RAX: 000000000000002a\n RAX: ffffffffffffffda RBX: 0000000020000054 RCX: 00007fa10ff05a3d\n RDX: 000000000000001c RSI: 0000000020000040 RDI: 0000000000000003\n RBP: 00007fa110183e20 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000202 R12: 00007fa110184640\n R13: 0000000000000000 R14: 00007fa10fe8b060 R15: 00007fff73e23b20\n\u003c/TASK\u003e\n\nThe issue triggering process is analyzed as follows:\nThread A Thread B\ntcp_v4_rcv\t//receive ack TCP packet inet_shutdown\n tcp_check_req tcp_disconnect //disconnect sock\n ... tcp_set_state(sk, TCP_CLOSE)\n inet_csk_complete_hashdance ...\n inet_csk_reqsk_queue_add \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26614",
"url": "https://www.suse.com/security/cve/CVE-2024-26614"
},
{
"category": "external",
"summary": "SUSE Bug 1221293 for CVE-2024-26614",
"url": "https://bugzilla.suse.com/1221293"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26614"
},
{
"cve": "CVE-2024-26632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26632"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix iterating over an empty bio with bio_for_each_folio_all\n\nIf the bio contains no data, bio_first_folio() calls page_folio() on a\nNULL pointer and oopses. Move the test that we\u0027ve reached the end of\nthe bio from bio_next_folio() to bio_first_folio().\n\n[axboe: add unlikely() to error case]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26632",
"url": "https://www.suse.com/security/cve/CVE-2024-26632"
},
{
"category": "external",
"summary": "SUSE Bug 1221635 for CVE-2024-26632",
"url": "https://bugzilla.suse.com/1221635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26632"
},
{
"cve": "CVE-2024-26638",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26638"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnbd: always initialize struct msghdr completely\n\nsyzbot complains that msg-\u003emsg_get_inq value can be uninitialized [1]\n\nstruct msghdr got many new fields recently, we should always make\nsure their values is zero by default.\n\n[1]\n BUG: KMSAN: uninit-value in tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n tcp_recvmsg+0x686/0xac0 net/ipv4/tcp.c:2571\n inet_recvmsg+0x131/0x580 net/ipv4/af_inet.c:879\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg+0x12b/0x1e0 net/socket.c:1066\n __sock_xmit+0x236/0x5c0 drivers/block/nbd.c:538\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n process_one_work kernel/workqueue.c:2627 [inline]\n process_scheduled_works+0x104e/0x1e70 kernel/workqueue.c:2700\n worker_thread+0xf45/0x1490 kernel/workqueue.c:2781\n kthread+0x3ed/0x540 kernel/kthread.c:388\n ret_from_fork+0x66/0x80 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:242\n\nLocal variable msg created at:\n __sock_xmit+0x4c/0x5c0 drivers/block/nbd.c:513\n nbd_read_reply drivers/block/nbd.c:732 [inline]\n recv_work+0x262/0x3100 drivers/block/nbd.c:863\n\nCPU: 1 PID: 7465 Comm: kworker/u5:1 Not tainted 6.7.0-rc7-syzkaller-00041-gf016f7547aee #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: nbd5-recv recv_work",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26638",
"url": "https://www.suse.com/security/cve/CVE-2024-26638"
},
{
"category": "external",
"summary": "SUSE Bug 1221649 for CVE-2024-26638",
"url": "https://bugzilla.suse.com/1221649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26638"
},
{
"cve": "CVE-2024-26642",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26642"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26642",
"url": "https://www.suse.com/security/cve/CVE-2024-26642"
},
{
"category": "external",
"summary": "SUSE Bug 1221830 for CVE-2024-26642",
"url": "https://bugzilla.suse.com/1221830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26642"
},
{
"cve": "CVE-2024-26643",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26643"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout\n\nWhile the rhashtable set gc runs asynchronously, a race allows it to\ncollect elements from anonymous sets with timeouts while it is being\nreleased from the commit path.\n\nMingi Cho originally reported this issue in a different path in 6.1.x\nwith a pipapo set with low timeouts which is not possible upstream since\n7395dfacfff6 (\"netfilter: nf_tables: use timestamp to check for set\nelement timeout\").\n\nFix this by setting on the dead flag for anonymous sets to skip async gc\nin this case.\n\nAccording to 08e4c8c5919f (\"netfilter: nf_tables: mark newset as dead on\ntransaction abort\"), Florian plans to accelerate abort path by releasing\nobjects via workqueue, therefore, this sets on the dead flag for abort\npath too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26643",
"url": "https://www.suse.com/security/cve/CVE-2024-26643"
},
{
"category": "external",
"summary": "SUSE Bug 1221829 for CVE-2024-26643",
"url": "https://bugzilla.suse.com/1221829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26643"
},
{
"cve": "CVE-2024-26652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26652"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: pds_core: Fix possible double free in error handling path\n\nWhen auxiliary_device_add() returns error and then calls\nauxiliary_device_uninit(), Callback function pdsc_auxbus_dev_release\ncalls kfree(padev) to free memory. We shouldn\u0027t call kfree(padev)\nagain in the error handling path.\n\nFix this by cleaning up the redundant kfree() and putting\nthe error handling back to where the errors happened.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26652",
"url": "https://www.suse.com/security/cve/CVE-2024-26652"
},
{
"category": "external",
"summary": "SUSE Bug 1222115 for CVE-2024-26652",
"url": "https://bugzilla.suse.com/1222115"
},
{
"category": "external",
"summary": "SUSE Bug 1222116 for CVE-2024-26652",
"url": "https://bugzilla.suse.com/1222116"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-26652"
},
{
"cve": "CVE-2024-26654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26654"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: sh: aica: reorder cleanup operations to avoid UAF bugs\n\nThe dreamcastcard-\u003etimer could schedule the spu_dma_work and the\nspu_dma_work could also arm the dreamcastcard-\u003etimer.\n\nWhen the snd_pcm_substream is closing, the aica_channel will be\ndeallocated. But it could still be dereferenced in the worker\nthread. The reason is that del_timer() will return directly\nregardless of whether the timer handler is running or not and\nthe worker could be rescheduled in the timer handler. As a result,\nthe UAF bug will happen. The racy situation is shown below:\n\n (Thread 1) | (Thread 2)\nsnd_aicapcm_pcm_close() |\n ... | run_spu_dma() //worker\n | mod_timer()\n flush_work() |\n del_timer() | aica_period_elapsed() //timer\n kfree(dreamcastcard-\u003echannel) | schedule_work()\n | run_spu_dma() //worker\n ... | dreamcastcard-\u003echannel-\u003e //USE\n\nIn order to mitigate this bug and other possible corner cases,\ncall mod_timer() conditionally in run_spu_dma(), then implement\nPCM sync_stop op to cancel both the timer and worker. The sync_stop\nop will be called from PCM core appropriately when needed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26654",
"url": "https://www.suse.com/security/cve/CVE-2024-26654"
},
{
"category": "external",
"summary": "SUSE Bug 1222304 for CVE-2024-26654",
"url": "https://bugzilla.suse.com/1222304"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26654"
},
{
"cve": "CVE-2024-26656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26656"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix use-after-free bug\n\nThe bug can be triggered by sending a single amdgpu_gem_userptr_ioctl\nto the AMDGPU DRM driver on any ASICs with an invalid address and size.\nThe bug was reported by Joonkyo Jung \u003cjoonkyoj@yonsei.ac.kr\u003e.\nFor example the following code:\n\nstatic void Syzkaller1(int fd)\n{\n\tstruct drm_amdgpu_gem_userptr arg;\n\tint ret;\n\n\targ.addr = 0xffffffffffff0000;\n\targ.size = 0x80000000; /*2 Gb*/\n\targ.flags = 0x7;\n\tret = drmIoctl(fd, 0xc1186451/*amdgpu_gem_userptr_ioctl*/, \u0026arg);\n}\n\nDue to the address and size are not valid there is a failure in\namdgpu_hmm_register-\u003emmu_interval_notifier_insert-\u003e__mmu_interval_notifier_insert-\u003e\ncheck_shl_overflow, but we even the amdgpu_hmm_register failure we still call\namdgpu_hmm_unregister into amdgpu_gem_object_free which causes access to a bad address.\nThe following stack is below when the issue is reproduced when Kazan is enabled:\n\n[ +0.000014] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020\n[ +0.000009] RIP: 0010:mmu_interval_notifier_remove+0x327/0x340\n[ +0.000017] Code: ff ff 49 89 44 24 08 48 b8 00 01 00 00 00 00 ad de 4c 89 f7 49 89 47 40 48 83 c0 22 49 89 47 48 e8 ce d1 2d 01 e9 32 ff ff ff \u003c0f\u003e 0b e9 16 ff ff ff 4c 89 ef e8 fa 14 b3 ff e9 36 ff ff ff e8 80\n[ +0.000014] RSP: 0018:ffffc90002657988 EFLAGS: 00010246\n[ +0.000013] RAX: 0000000000000000 RBX: 1ffff920004caf35 RCX: ffffffff8160565b\n[ +0.000011] RDX: dffffc0000000000 RSI: 0000000000000004 RDI: ffff8881a9f78260\n[ +0.000010] RBP: ffffc90002657a70 R08: 0000000000000001 R09: fffff520004caf25\n[ +0.000010] R10: 0000000000000003 R11: ffffffff8161d1d6 R12: ffff88810e988c00\n[ +0.000010] R13: ffff888126fb5a00 R14: ffff88810e988c0c R15: ffff8881a9f78260\n[ +0.000011] FS: 00007ff9ec848540(0000) GS:ffff8883cc880000(0000) knlGS:0000000000000000\n[ +0.000012] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.000010] CR2: 000055b3f7e14328 CR3: 00000001b5770000 CR4: 0000000000350ef0\n[ +0.000010] Call Trace:\n[ +0.000006] \u003cTASK\u003e\n[ +0.000007] ? show_regs+0x6a/0x80\n[ +0.000018] ? __warn+0xa5/0x1b0\n[ +0.000019] ? mmu_interval_notifier_remove+0x327/0x340\n[ +0.000018] ? report_bug+0x24a/0x290\n[ +0.000022] ? handle_bug+0x46/0x90\n[ +0.000015] ? exc_invalid_op+0x19/0x50\n[ +0.000016] ? asm_exc_invalid_op+0x1b/0x20\n[ +0.000017] ? kasan_save_stack+0x26/0x50\n[ +0.000017] ? mmu_interval_notifier_remove+0x23b/0x340\n[ +0.000019] ? mmu_interval_notifier_remove+0x327/0x340\n[ +0.000019] ? mmu_interval_notifier_remove+0x23b/0x340\n[ +0.000020] ? __pfx_mmu_interval_notifier_remove+0x10/0x10\n[ +0.000017] ? kasan_save_alloc_info+0x1e/0x30\n[ +0.000018] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? __kasan_kmalloc+0xb1/0xc0\n[ +0.000018] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? __kasan_check_read+0x11/0x20\n[ +0.000020] amdgpu_hmm_unregister+0x34/0x50 [amdgpu]\n[ +0.004695] amdgpu_gem_object_free+0x66/0xa0 [amdgpu]\n[ +0.004534] ? __pfx_amdgpu_gem_object_free+0x10/0x10 [amdgpu]\n[ +0.004291] ? do_syscall_64+0x5f/0xe0\n[ +0.000023] ? srso_return_thunk+0x5/0x5f\n[ +0.000017] drm_gem_object_free+0x3b/0x50 [drm]\n[ +0.000489] amdgpu_gem_userptr_ioctl+0x306/0x500 [amdgpu]\n[ +0.004295] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004270] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? __this_cpu_preempt_check+0x13/0x20\n[ +0.000015] ? srso_return_thunk+0x5/0x5f\n[ +0.000013] ? sysvec_apic_timer_interrupt+0x57/0xc0\n[ +0.000020] ? srso_return_thunk+0x5/0x5f\n[ +0.000014] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20\n[ +0.000022] ? drm_ioctl_kernel+0x17b/0x1f0 [drm]\n[ +0.000496] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004272] ? drm_ioctl_kernel+0x190/0x1f0 [drm]\n[ +0.000492] drm_ioctl_kernel+0x140/0x1f0 [drm]\n[ +0.000497] ? __pfx_amdgpu_gem_userptr_ioctl+0x10/0x10 [amdgpu]\n[ +0.004297] ? __pfx_drm_ioctl_kernel+0x10/0x10 [d\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26656",
"url": "https://www.suse.com/security/cve/CVE-2024-26656"
},
{
"category": "external",
"summary": "SUSE Bug 1222307 for CVE-2024-26656",
"url": "https://bugzilla.suse.com/1222307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26656"
},
{
"cve": "CVE-2024-26657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26657"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/sched: fix null-ptr-deref in init entity\n\nThe bug can be triggered by sending an amdgpu_cs_wait_ioctl\nto the AMDGPU DRM driver on any ASICs with valid context.\nThe bug was reported by Joonkyo Jung \u003cjoonkyoj@yonsei.ac.kr\u003e.\nFor example the following code:\n\n static void Syzkaller2(int fd)\n {\n\tunion drm_amdgpu_ctx arg1;\n\tunion drm_amdgpu_wait_cs arg2;\n\n\targ1.in.op = AMDGPU_CTX_OP_ALLOC_CTX;\n\tret = drmIoctl(fd, 0x140106442 /* amdgpu_ctx_ioctl */, \u0026arg1);\n\n\targ2.in.handle = 0x0;\n\targ2.in.timeout = 0x2000000000000;\n\targ2.in.ip_type = AMD_IP_VPE /* 0x9 */;\n\targ2-\u003ein.ip_instance = 0x0;\n\targ2.in.ring = 0x0;\n\targ2.in.ctx_id = arg1.out.alloc.ctx_id;\n\n\tdrmIoctl(fd, 0xc0206449 /* AMDGPU_WAIT_CS * /, \u0026arg2);\n }\n\nThe ioctl AMDGPU_WAIT_CS without previously submitted job could be assumed that\nthe error should be returned, but the following commit 1decbf6bb0b4dc56c9da6c5e57b994ebfc2be3aa\nmodified the logic and allowed to have sched_rq equal to NULL.\n\nAs a result when there is no job the ioctl AMDGPU_WAIT_CS returns success.\nThe change fixes null-ptr-deref in init entity and the stack below demonstrates\nthe error condition:\n\n[ +0.000007] BUG: kernel NULL pointer dereference, address: 0000000000000028\n[ +0.007086] #PF: supervisor read access in kernel mode\n[ +0.005234] #PF: error_code(0x0000) - not-present page\n[ +0.005232] PGD 0 P4D 0\n[ +0.002501] Oops: 0000 [#1] PREEMPT SMP KASAN NOPTI\n[ +0.005034] CPU: 10 PID: 9229 Comm: amd_basic Tainted: G B W L 6.7.0+ #4\n[ +0.007797] Hardware name: ASUS System Product Name/ROG STRIX B550-F GAMING (WI-FI), BIOS 1401 12/03/2020\n[ +0.009798] RIP: 0010:drm_sched_entity_init+0x2d3/0x420 [gpu_sched]\n[ +0.006426] Code: 80 00 00 00 00 00 00 00 e8 1a 81 82 e0 49 89 9c 24 c0 00 00 00 4c 89 ef e8 4a 80 82 e0 49 8b 5d 00 48 8d 7b 28 e8 3d 80 82 e0 \u003c48\u003e 83 7b 28 00 0f 84 28 01 00 00 4d 8d ac 24 98 00 00 00 49 8d 5c\n[ +0.019094] RSP: 0018:ffffc90014c1fa40 EFLAGS: 00010282\n[ +0.005237] RAX: 0000000000000001 RBX: 0000000000000000 RCX: ffffffff8113f3fa\n[ +0.007326] RDX: fffffbfff0a7889d RSI: 0000000000000008 RDI: ffffffff853c44e0\n[ +0.007264] RBP: ffffc90014c1fa80 R08: 0000000000000001 R09: fffffbfff0a7889c\n[ +0.007266] R10: ffffffff853c44e7 R11: 0000000000000001 R12: ffff8881a719b010\n[ +0.007263] R13: ffff88810d412748 R14: 0000000000000002 R15: 0000000000000000\n[ +0.007264] FS: 00007ffff7045540(0000) GS:ffff8883cc900000(0000) knlGS:0000000000000000\n[ +0.008236] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ +0.005851] CR2: 0000000000000028 CR3: 000000011912e000 CR4: 0000000000350ef0\n[ +0.007175] Call Trace:\n[ +0.002561] \u003cTASK\u003e\n[ +0.002141] ? show_regs+0x6a/0x80\n[ +0.003473] ? __die+0x25/0x70\n[ +0.003124] ? page_fault_oops+0x214/0x720\n[ +0.004179] ? preempt_count_sub+0x18/0xc0\n[ +0.004093] ? __pfx_page_fault_oops+0x10/0x10\n[ +0.004590] ? srso_return_thunk+0x5/0x5f\n[ +0.004000] ? vprintk_default+0x1d/0x30\n[ +0.004063] ? srso_return_thunk+0x5/0x5f\n[ +0.004087] ? vprintk+0x5c/0x90\n[ +0.003296] ? drm_sched_entity_init+0x2d3/0x420 [gpu_sched]\n[ +0.005807] ? srso_return_thunk+0x5/0x5f\n[ +0.004090] ? _printk+0xb3/0xe0\n[ +0.003293] ? __pfx__printk+0x10/0x10\n[ +0.003735] ? asm_sysvec_apic_timer_interrupt+0x1b/0x20\n[ +0.005482] ? do_user_addr_fault+0x345/0x770\n[ +0.004361] ? exc_page_fault+0x64/0xf0\n[ +0.003972] ? asm_exc_page_fault+0x27/0x30\n[ +0.004271] ? add_taint+0x2a/0xa0\n[ +0.003476] ? drm_sched_entity_init+0x2d3/0x420 [gpu_sched]\n[ +0.005812] amdgpu_ctx_get_entity+0x3f9/0x770 [amdgpu]\n[ +0.009530] ? finish_task_switch.isra.0+0x129/0x470\n[ +0.005068] ? __pfx_amdgpu_ctx_get_entity+0x10/0x10 [amdgpu]\n[ +0.010063] ? __kasan_check_write+0x14/0x20\n[ +0.004356] ? srso_return_thunk+0x5/0x5f\n[ +0.004001] ? mutex_unlock+0x81/0xd0\n[ +0.003802] ? srso_return_thunk+0x5/0x5f\n[ +0.004096] amdgpu_cs_wait_ioctl+0xf6/0x270 [amdgpu]\n[ +0.009355] ? __pfx_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26657",
"url": "https://www.suse.com/security/cve/CVE-2024-26657"
},
{
"category": "external",
"summary": "SUSE Bug 1222273 for CVE-2024-26657",
"url": "https://bugzilla.suse.com/1222273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26657"
},
{
"cve": "CVE-2024-26671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-mq: fix IO hang from sbitmap wakeup race\n\nIn blk_mq_mark_tag_wait(), __add_wait_queue() may be re-ordered\nwith the following blk_mq_get_driver_tag() in case of getting driver\ntag failure.\n\nThen in __sbitmap_queue_wake_up(), waitqueue_active() may not observe\nthe added waiter in blk_mq_mark_tag_wait() and wake up nothing, meantime\nblk_mq_mark_tag_wait() can\u0027t get driver tag successfully.\n\nThis issue can be reproduced by running the following test in loop, and\nfio hang can be observed in \u003c 30min when running it on my test VM\nin laptop.\n\n\tmodprobe -r scsi_debug\n\tmodprobe scsi_debug delay=0 dev_size_mb=4096 max_queue=1 host_max_queue=1 submit_queues=4\n\tdev=`ls -d /sys/bus/pseudo/drivers/scsi_debug/adapter*/host*/target*/*/block/* | head -1 | xargs basename`\n\tfio --filename=/dev/\"$dev\" --direct=1 --rw=randrw --bs=4k --iodepth=1 \\\n \t\t--runtime=100 --numjobs=40 --time_based --name=test \\\n \t--ioengine=libaio\n\nFix the issue by adding one explicit barrier in blk_mq_mark_tag_wait(), which\nis just fine in case of running out of tag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26671",
"url": "https://www.suse.com/security/cve/CVE-2024-26671"
},
{
"category": "external",
"summary": "SUSE Bug 1222357 for CVE-2024-26671",
"url": "https://bugzilla.suse.com/1222357"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26671"
},
{
"cve": "CVE-2024-26673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations\n\n- Disallow families other than NFPROTO_{IPV4,IPV6,INET}.\n- Disallow layer 4 protocol with no ports, since destination port is a\n mandatory attribute for this object.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26673",
"url": "https://www.suse.com/security/cve/CVE-2024-26673"
},
{
"category": "external",
"summary": "SUSE Bug 1222368 for CVE-2024-26673",
"url": "https://bugzilla.suse.com/1222368"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26673"
},
{
"cve": "CVE-2024-26674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/lib: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups\n\nDuring memory error injection test on kernels \u003e= v6.4, the kernel panics\nlike below. However, this issue couldn\u0027t be reproduced on kernels \u003c= v6.3.\n\n mce: [Hardware Error]: CPU 296: Machine Check Exception: f Bank 1: bd80000000100134\n mce: [Hardware Error]: RIP 10:\u003cffffffff821b9776\u003e {__get_user_nocheck_4+0x6/0x20}\n mce: [Hardware Error]: TSC 411a93533ed ADDR 346a8730040 MISC 86\n mce: [Hardware Error]: PROCESSOR 0:a06d0 TIME 1706000767 SOCKET 1 APIC 211 microcode 80001490\n mce: [Hardware Error]: Run the above through \u0027mcelog --ascii\u0027\n mce: [Hardware Error]: Machine check: Data load in unrecoverable area of kernel\n Kernel panic - not syncing: Fatal local machine check\n\nThe MCA code can recover from an in-kernel #MC if the fixup type is\nEX_TYPE_UACCESS, explicitly indicating that the kernel is attempting to\naccess userspace memory. However, if the fixup type is EX_TYPE_DEFAULT\nthe only thing that is raised for an in-kernel #MC is a panic.\n\nex_handler_uaccess() would warn if users gave a non-canonical addresses\n(with bit 63 clear) to {get, put}_user(), which was unexpected.\n\nTherefore, commit\n\n b19b74bc99b1 (\"x86/mm: Rework address range check in get_user() and put_user()\")\n\nreplaced _ASM_EXTABLE_UA() with _ASM_EXTABLE() for {get, put}_user()\nfixups. However, the new fixup type EX_TYPE_DEFAULT results in a panic.\n\nCommit\n\n 6014bc27561f (\"x86-64: make access_ok() independent of LAM\")\n\nadded the check gp_fault_address_ok() right before the WARN_ONCE() in\nex_handler_uaccess() to not warn about non-canonical user addresses due\nto LAM.\n\nWith that in place, revert back to _ASM_EXTABLE_UA() for {get,put}_user()\nexception fixups in order to be able to handle in-kernel MCEs correctly\nagain.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26674",
"url": "https://www.suse.com/security/cve/CVE-2024-26674"
},
{
"category": "external",
"summary": "SUSE Bug 1222378 for CVE-2024-26674",
"url": "https://bugzilla.suse.com/1222378"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26674"
},
{
"cve": "CVE-2024-26675",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26675"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppp_async: limit MRU to 64K\n\nsyzbot triggered a warning [1] in __alloc_pages():\n\nWARN_ON_ONCE_GFP(order \u003e MAX_PAGE_ORDER, gfp)\n\nWillem fixed a similar issue in commit c0a2a1b0d631 (\"ppp: limit MRU to 64K\")\n\nAdopt the same sanity check for ppp_async_ioctl(PPPIOCSMRU)\n\n[1]:\n\n WARNING: CPU: 1 PID: 11 at mm/page_alloc.c:4543 __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\nModules linked in:\nCPU: 1 PID: 11 Comm: kworker/u4:0 Not tainted 6.8.0-rc2-syzkaller-g41bccc98fb79 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/17/2023\nWorkqueue: events_unbound flush_to_ldisc\npstate: 204000c5 (nzCv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n lr : __alloc_pages+0xc8/0x698 mm/page_alloc.c:4537\nsp : ffff800093967580\nx29: ffff800093967660 x28: ffff8000939675a0 x27: dfff800000000000\nx26: ffff70001272ceb4 x25: 0000000000000000 x24: ffff8000939675c0\nx23: 0000000000000000 x22: 0000000000060820 x21: 1ffff0001272ceb8\nx20: ffff8000939675e0 x19: 0000000000000010 x18: ffff800093967120\nx17: ffff800083bded5c x16: ffff80008ac97500 x15: 0000000000000005\nx14: 1ffff0001272cebc x13: 0000000000000000 x12: 0000000000000000\nx11: ffff70001272cec1 x10: 1ffff0001272cec0 x9 : 0000000000000001\nx8 : ffff800091c91000 x7 : 0000000000000000 x6 : 000000000000003f\nx5 : 00000000ffffffff x4 : 0000000000000000 x3 : 0000000000000020\nx2 : 0000000000000008 x1 : 0000000000000000 x0 : ffff8000939675e0\nCall trace:\n __alloc_pages+0x308/0x698 mm/page_alloc.c:4543\n __alloc_pages_node include/linux/gfp.h:238 [inline]\n alloc_pages_node include/linux/gfp.h:261 [inline]\n __kmalloc_large_node+0xbc/0x1fc mm/slub.c:3926\n __do_kmalloc_node mm/slub.c:3969 [inline]\n __kmalloc_node_track_caller+0x418/0x620 mm/slub.c:4001\n kmalloc_reserve+0x17c/0x23c net/core/skbuff.c:590\n __alloc_skb+0x1c8/0x3d8 net/core/skbuff.c:651\n __netdev_alloc_skb+0xb8/0x3e8 net/core/skbuff.c:715\n netdev_alloc_skb include/linux/skbuff.h:3235 [inline]\n dev_alloc_skb include/linux/skbuff.h:3248 [inline]\n ppp_async_input drivers/net/ppp/ppp_async.c:863 [inline]\n ppp_asynctty_receive+0x588/0x186c drivers/net/ppp/ppp_async.c:341\n tty_ldisc_receive_buf+0x12c/0x15c drivers/tty/tty_buffer.c:390\n tty_port_default_receive_buf+0x74/0xac drivers/tty/tty_port.c:37\n receive_buf drivers/tty/tty_buffer.c:444 [inline]\n flush_to_ldisc+0x284/0x6e4 drivers/tty/tty_buffer.c:494\n process_one_work+0x694/0x1204 kernel/workqueue.c:2633\n process_scheduled_works kernel/workqueue.c:2706 [inline]\n worker_thread+0x938/0xef4 kernel/workqueue.c:2787\n kthread+0x288/0x310 kernel/kthread.c:388\n ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:860",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26675",
"url": "https://www.suse.com/security/cve/CVE-2024-26675"
},
{
"category": "external",
"summary": "SUSE Bug 1222379 for CVE-2024-26675",
"url": "https://bugzilla.suse.com/1222379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26675"
},
{
"cve": "CVE-2024-26679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26679"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: read sk-\u003esk_family once in inet_recv_error()\n\ninet_recv_error() is called without holding the socket lock.\n\nIPv6 socket could mutate to IPv4 with IPV6_ADDRFORM\nsocket option and trigger a KCSAN warning.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26679",
"url": "https://www.suse.com/security/cve/CVE-2024-26679"
},
{
"category": "external",
"summary": "SUSE Bug 1222385 for CVE-2024-26679",
"url": "https://bugzilla.suse.com/1222385"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26679"
},
{
"cve": "CVE-2024-26684",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26684"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: xgmac: fix handling of DPP safety error for DMA channels\n\nCommit 56e58d6c8a56 (\"net: stmmac: Implement Safety Features in\nXGMAC core\") checks and reports safety errors, but leaves the\nData Path Parity Errors for each channel in DMA unhandled at all, lead to\na storm of interrupt.\nFix it by checking and clearing the DMA_DPP_Interrupt_Status register.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26684",
"url": "https://www.suse.com/security/cve/CVE-2024-26684"
},
{
"category": "external",
"summary": "SUSE Bug 1222445 for CVE-2024-26684",
"url": "https://bugzilla.suse.com/1222445"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26684"
},
{
"cve": "CVE-2024-26685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26685"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential bug in end_buffer_async_write\n\nAccording to a syzbot report, end_buffer_async_write(), which handles the\ncompletion of block device writes, may detect abnormal condition of the\nbuffer async_write flag and cause a BUG_ON failure when using nilfs2.\n\nNilfs2 itself does not use end_buffer_async_write(). But, the async_write\nflag is now used as a marker by commit 7f42ec394156 (\"nilfs2: fix issue\nwith race condition of competition between segments for dirty blocks\") as\na means of resolving double list insertion of dirty blocks in\nnilfs_lookup_dirty_data_buffers() and nilfs_lookup_node_buffers() and the\nresulting crash.\n\nThis modification is safe as long as it is used for file data and b-tree\nnode blocks where the page caches are independent. However, it was\nirrelevant and redundant to also introduce async_write for segment summary\nand super root blocks that share buffers with the backing device. This\nled to the possibility that the BUG_ON check in end_buffer_async_write\nwould fail as described above, if independent writebacks of the backing\ndevice occurred in parallel.\n\nThe use of async_write for segment summary buffers has already been\nremoved in a previous change.\n\nFix this issue by removing the manipulation of the async_write flag for\nthe remaining super root block buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26685",
"url": "https://www.suse.com/security/cve/CVE-2024-26685"
},
{
"category": "external",
"summary": "SUSE Bug 1222437 for CVE-2024-26685",
"url": "https://bugzilla.suse.com/1222437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26685"
},
{
"cve": "CVE-2024-26692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26692"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: Fix regression in writes when non-standard maximum write size negotiated\n\nThe conversion to netfs in the 6.3 kernel caused a regression when\nmaximum write size is set by the server to an unexpected value which is\nnot a multiple of 4096 (similarly if the user overrides the maximum\nwrite size by setting mount parm \"wsize\", but sets it to a value that\nis not a multiple of 4096). When negotiated write size is not a\nmultiple of 4096 the netfs code can skip the end of the final\npage when doing large sequential writes, causing data corruption.\n\nThis section of code is being rewritten/removed due to a large\nnetfs change, but until that point (ie for the 6.3 kernel until now)\nwe can not support non-standard maximum write sizes.\n\nAdd a warning if a user specifies a wsize on mount that is not\na multiple of 4096 (and round down), also add a change where we\nround down the maximum write size if the server negotiates a value\nthat is not a multiple of 4096 (we also have to check to make sure that\nwe do not round it down to zero).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26692",
"url": "https://www.suse.com/security/cve/CVE-2024-26692"
},
{
"category": "external",
"summary": "SUSE Bug 1222464 for CVE-2024-26692",
"url": "https://bugzilla.suse.com/1222464"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26692"
},
{
"cve": "CVE-2024-26696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26696"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix hang in nilfs_lookup_dirty_data_buffers()\n\nSyzbot reported a hang issue in migrate_pages_batch() called by mbind()\nand nilfs_lookup_dirty_data_buffers() called in the log writer of nilfs2.\n\nWhile migrate_pages_batch() locks a folio and waits for the writeback to\ncomplete, the log writer thread that should bring the writeback to\ncompletion picks up the folio being written back in\nnilfs_lookup_dirty_data_buffers() that it calls for subsequent log\ncreation and was trying to lock the folio. Thus causing a deadlock.\n\nIn the first place, it is unexpected that folios/pages in the middle of\nwriteback will be updated and become dirty. Nilfs2 adds a checksum to\nverify the validity of the log being written and uses it for recovery at\nmount, so data changes during writeback are suppressed. Since this is\nbroken, an unclean shutdown could potentially cause recovery to fail.\n\nInvestigation revealed that the root cause is that the wait for writeback\ncompletion in nilfs_page_mkwrite() is conditional, and if the backing\ndevice does not require stable writes, data may be modified without\nwaiting.\n\nFix these issues by making nilfs_page_mkwrite() wait for writeback to\nfinish regardless of the stable write requirement of the backing device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26696",
"url": "https://www.suse.com/security/cve/CVE-2024-26696"
},
{
"category": "external",
"summary": "SUSE Bug 1222549 for CVE-2024-26696",
"url": "https://bugzilla.suse.com/1222549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26696"
},
{
"cve": "CVE-2024-26697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix data corruption in dsync block recovery for small block sizes\n\nThe helper function nilfs_recovery_copy_block() of\nnilfs_recovery_dsync_blocks(), which recovers data from logs created by\ndata sync writes during a mount after an unclean shutdown, incorrectly\ncalculates the on-page offset when copying repair data to the file\u0027s page\ncache. In environments where the block size is smaller than the page\nsize, this flaw can cause data corruption and leak uninitialized memory\nbytes during the recovery process.\n\nFix these issues by correcting this byte offset calculation on the page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26697",
"url": "https://www.suse.com/security/cve/CVE-2024-26697"
},
{
"category": "external",
"summary": "SUSE Bug 1222550 for CVE-2024-26697",
"url": "https://bugzilla.suse.com/1222550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26697"
},
{
"cve": "CVE-2024-26704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26704"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix double-free of blocks due to wrong extents moved_len\n\nIn ext4_move_extents(), moved_len is only updated when all moves are\nsuccessfully executed, and only discards orig_inode and donor_inode\npreallocations when moved_len is not zero. When the loop fails to exit\nafter successfully moving some extents, moved_len is not updated and\nremains at 0, so it does not discard the preallocations.\n\nIf the moved extents overlap with the preallocated extents, the\noverlapped extents are freed twice in ext4_mb_release_inode_pa() and\next4_process_freed_data() (as described in commit 94d7c16cbbbd (\"ext4:\nFix double-free of blocks with EXT4_IOC_MOVE_EXT\")), and bb_free is\nincremented twice. Hence when trim is executed, a zero-division bug is\ntriggered in mb_update_avg_fragment_size() because bb_free is not zero\nand bb_fragments is zero.\n\nTherefore, update move_len after each extent move to avoid the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26704",
"url": "https://www.suse.com/security/cve/CVE-2024-26704"
},
{
"category": "external",
"summary": "SUSE Bug 1222422 for CVE-2024-26704",
"url": "https://bugzilla.suse.com/1222422"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26704"
},
{
"cve": "CVE-2024-26714",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26714"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninterconnect: qcom: sc8180x: Mark CO0 BCM keepalive\n\nThe CO0 BCM needs to be up at all times, otherwise some hardware (like\nthe UFS controller) loses its connection to the rest of the SoC,\nresulting in a hang of the platform, accompanied by a spectacular\nlogspam.\n\nMark it as keepalive to prevent such cases.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26714",
"url": "https://www.suse.com/security/cve/CVE-2024-26714"
},
{
"category": "external",
"summary": "SUSE Bug 1222489 for CVE-2024-26714",
"url": "https://bugzilla.suse.com/1222489"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26714"
},
{
"cve": "CVE-2024-26726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26726"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: don\u0027t drop extent_map for free space inode on write error\n\nWhile running the CI for an unrelated change I hit the following panic\nwith generic/648 on btrfs_holes_spacecache.\n\nassertion failed: block_start != EXTENT_MAP_HOLE, in fs/btrfs/extent_io.c:1385\n------------[ cut here ]------------\nkernel BUG at fs/btrfs/extent_io.c:1385!\ninvalid opcode: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 1 PID: 2695096 Comm: fsstress Kdump: loaded Tainted: G W 6.8.0-rc2+ #1\nRIP: 0010:__extent_writepage_io.constprop.0+0x4c1/0x5c0\nCall Trace:\n \u003cTASK\u003e\n extent_write_cache_pages+0x2ac/0x8f0\n extent_writepages+0x87/0x110\n do_writepages+0xd5/0x1f0\n filemap_fdatawrite_wbc+0x63/0x90\n __filemap_fdatawrite_range+0x5c/0x80\n btrfs_fdatawrite_range+0x1f/0x50\n btrfs_write_out_cache+0x507/0x560\n btrfs_write_dirty_block_groups+0x32a/0x420\n commit_cowonly_roots+0x21b/0x290\n btrfs_commit_transaction+0x813/0x1360\n btrfs_sync_file+0x51a/0x640\n __x64_sys_fdatasync+0x52/0x90\n do_syscall_64+0x9c/0x190\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nThis happens because we fail to write out the free space cache in one\ninstance, come back around and attempt to write it again. However on\nthe second pass through we go to call btrfs_get_extent() on the inode to\nget the extent mapping. Because this is a new block group, and with the\nfree space inode we always search the commit root to avoid deadlocking\nwith the tree, we find nothing and return a EXTENT_MAP_HOLE for the\nrequested range.\n\nThis happens because the first time we try to write the space cache out\nwe hit an error, and on an error we drop the extent mapping. This is\nnormal for normal files, but the free space cache inode is special. We\nalways expect the extent map to be correct. Thus the second time\nthrough we end up with a bogus extent map.\n\nSince we\u0027re deprecating this feature, the most straightforward way to\nfix this is to simply skip dropping the extent map range for this failed\nrange.\n\nI shortened the test by using error injection to stress the area to make\nit easier to reproduce. With this patch in place we no longer panic\nwith my error injection test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26726",
"url": "https://www.suse.com/security/cve/CVE-2024-26726"
},
{
"category": "external",
"summary": "SUSE Bug 1222532 for CVE-2024-26726",
"url": "https://bugzilla.suse.com/1222532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26726"
},
{
"cve": "CVE-2024-26731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26731"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Fix NULL pointer dereference in sk_psock_verdict_data_ready()\n\nsyzbot reported the following NULL pointer dereference issue [1]:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n [...]\n RIP: 0010:0x0\n [...]\n Call Trace:\n \u003cTASK\u003e\n sk_psock_verdict_data_ready+0x232/0x340 net/core/skmsg.c:1230\n unix_stream_sendmsg+0x9b4/0x1230 net/unix/af_unix.c:2293\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\n\nIf sk_psock_verdict_data_ready() and sk_psock_stop_verdict() are called\nconcurrently, psock-\u003esaved_data_ready can be NULL, causing the above issue.\n\nThis patch fixes this issue by calling the appropriate data ready function\nusing the sk_psock_data_ready() helper and protecting it from concurrency\nwith sk-\u003esk_callback_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26731",
"url": "https://www.suse.com/security/cve/CVE-2024-26731"
},
{
"category": "external",
"summary": "SUSE Bug 1222371 for CVE-2024-26731",
"url": "https://bugzilla.suse.com/1222371"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26731"
},
{
"cve": "CVE-2024-26733",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26733"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narp: Prevent overflow in arp_req_get().\n\nsyzkaller reported an overflown write in arp_req_get(). [0]\n\nWhen ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour\nentry and copies neigh-\u003eha to struct arpreq.arp_ha.sa_data.\n\nThe arp_ha here is struct sockaddr, not struct sockaddr_storage, so\nthe sa_data buffer is just 14 bytes.\n\nIn the splat below, 2 bytes are overflown to the next int field,\narp_flags. We initialise the field just after the memcpy(), so it\u0027s\nnot a problem.\n\nHowever, when dev-\u003eaddr_len is greater than 22 (e.g. MAX_ADDR_LEN),\narp_netmask is overwritten, which could be set as htonl(0xFFFFFFFFUL)\nin arp_ioctl() before calling arp_req_get().\n\nTo avoid the overflow, let\u0027s limit the max length of memcpy().\n\nNote that commit b5f0de6df6dc (\"net: dev: Convert sa_data to flexible\narray in struct sockaddr\") just silenced syzkaller.\n\n[0]:\nmemcpy: detected field-spanning write (size 16) of single field \"r-\u003earp_ha.sa_data\" at net/ipv4/arp.c:1128 (size 14)\nWARNING: CPU: 0 PID: 144638 at net/ipv4/arp.c:1128 arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nModules linked in:\nCPU: 0 PID: 144638 Comm: syz-executor.4 Not tainted 6.1.74 #31\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-debian-1.16.0-5 04/01/2014\nRIP: 0010:arp_req_get+0x411/0x4a0 net/ipv4/arp.c:1128\nCode: fd ff ff e8 41 42 de fb b9 0e 00 00 00 4c 89 fe 48 c7 c2 20 6d ab 87 48 c7 c7 80 6d ab 87 c6 05 25 af 72 04 01 e8 5f 8d ad fb \u003c0f\u003e 0b e9 6c fd ff ff e8 13 42 de fb be 03 00 00 00 4c 89 e7 e8 a6\nRSP: 0018:ffffc900050b7998 EFLAGS: 00010286\nRAX: 0000000000000000 RBX: ffff88803a815000 RCX: 0000000000000000\nRDX: 0000000000000000 RSI: ffffffff8641a44a RDI: 0000000000000001\nRBP: ffffc900050b7a98 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 203a7970636d656d R12: ffff888039c54000\nR13: 1ffff92000a16f37 R14: ffff88803a815084 R15: 0000000000000010\nFS: 00007f172bf306c0(0000) GS:ffff88805aa00000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007f172b3569f0 CR3: 0000000057f12005 CR4: 0000000000770ef0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n arp_ioctl+0x33f/0x4b0 net/ipv4/arp.c:1261\n inet_ioctl+0x314/0x3a0 net/ipv4/af_inet.c:981\n sock_do_ioctl+0xdf/0x260 net/socket.c:1204\n sock_ioctl+0x3ef/0x650 net/socket.c:1321\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18e/0x220 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:51 [inline]\n do_syscall_64+0x37/0x90 arch/x86/entry/common.c:81\n entry_SYSCALL_64_after_hwframe+0x64/0xce\nRIP: 0033:0x7f172b262b8d\nCode: 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007f172bf300b8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007f172b3abf80 RCX: 00007f172b262b8d\nRDX: 0000000020000000 RSI: 0000000000008954 RDI: 0000000000000003\nRBP: 00007f172b2d3493 R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 000000000000000b R14: 00007f172b3abf80 R15: 00007f172bf10000\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26733",
"url": "https://www.suse.com/security/cve/CVE-2024-26733"
},
{
"category": "external",
"summary": "SUSE Bug 1222585 for CVE-2024-26733",
"url": "https://bugzilla.suse.com/1222585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26733"
},
{
"cve": "CVE-2024-26736",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26736"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nafs: Increase buffer size in afs_update_volume_status()\n\nThe max length of volume-\u003evid value is 20 characters.\nSo increase idbuf[] size up to 24 to avoid overflow.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.\n\n[DH: Actually, it\u0027s 20 + NUL, so increase it to 24 and use snprintf()]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26736",
"url": "https://www.suse.com/security/cve/CVE-2024-26736"
},
{
"category": "external",
"summary": "SUSE Bug 1222586 for CVE-2024-26736",
"url": "https://bugzilla.suse.com/1222586"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26736"
},
{
"cve": "CVE-2024-26737",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26737"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix racing between bpf_timer_cancel_and_free and bpf_timer_cancel\n\nThe following race is possible between bpf_timer_cancel_and_free\nand bpf_timer_cancel. It will lead a UAF on the timer-\u003etimer.\n\nbpf_timer_cancel();\n\tspin_lock();\n\tt = timer-\u003etime;\n\tspin_unlock();\n\n\t\t\t\t\tbpf_timer_cancel_and_free();\n\t\t\t\t\t\tspin_lock();\n\t\t\t\t\t\tt = timer-\u003etimer;\n\t\t\t\t\t\ttimer-\u003etimer = NULL;\n\t\t\t\t\t\tspin_unlock();\n\t\t\t\t\t\thrtimer_cancel(\u0026t-\u003etimer);\n\t\t\t\t\t\tkfree(t);\n\n\t/* UAF on t */\n\thrtimer_cancel(\u0026t-\u003etimer);\n\nIn bpf_timer_cancel_and_free, this patch frees the timer-\u003etimer\nafter a rcu grace period. This requires a rcu_head addition\nto the \"struct bpf_hrtimer\". Another kfree(t) happens in bpf_timer_init,\nthis does not need a kfree_rcu because it is still under the\nspin_lock and timer-\u003etimer has not been visible by others yet.\n\nIn bpf_timer_cancel, rcu_read_lock() is added because this helper\ncan be used in a non rcu critical section context (e.g. from\na sleepable bpf prog). Other timer-\u003etimer usages in helpers.c\nhave been audited, bpf_timer_cancel() is the only place where\ntimer-\u003etimer is used outside of the spin_lock.\n\nAnother solution considered is to mark a t-\u003eflag in bpf_timer_cancel\nand clear it after hrtimer_cancel() is done. In bpf_timer_cancel_and_free,\nit busy waits for the flag to be cleared before kfree(t). This patch\ngoes with a straight forward solution and frees timer-\u003etimer after\na rcu grace period.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26737",
"url": "https://www.suse.com/security/cve/CVE-2024-26737"
},
{
"category": "external",
"summary": "SUSE Bug 1222557 for CVE-2024-26737",
"url": "https://bugzilla.suse.com/1222557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26737"
},
{
"cve": "CVE-2024-26739",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26739"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: don\u0027t override retval if we already lost the skb\n\nIf we\u0027re redirecting the skb, and haven\u0027t called tcf_mirred_forward(),\nyet, we need to tell the core to drop the skb by setting the retcode\nto SHOT. If we have called tcf_mirred_forward(), however, the skb\nis out of our hands and returning SHOT will lead to UaF.\n\nMove the retval override to the error path which actually need it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26739",
"url": "https://www.suse.com/security/cve/CVE-2024-26739"
},
{
"category": "external",
"summary": "SUSE Bug 1222559 for CVE-2024-26739",
"url": "https://bugzilla.suse.com/1222559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26739"
},
{
"cve": "CVE-2024-26740",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26740"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: act_mirred: use the backlog for mirred ingress\n\nThe test Davide added in commit ca22da2fbd69 (\"act_mirred: use the backlog\nfor nested calls to mirred ingress\") hangs our testing VMs every 10 or so\nruns, with the familiar tcp_v4_rcv -\u003e tcp_v4_rcv deadlock reported by\nlockdep.\n\nThe problem as previously described by Davide (see Link) is that\nif we reverse flow of traffic with the redirect (egress -\u003e ingress)\nwe may reach the same socket which generated the packet. And we may\nstill be holding its socket lock. The common solution to such deadlocks\nis to put the packet in the Rx backlog, rather than run the Rx path\ninline. Do that for all egress -\u003e ingress reversals, not just once\nwe started to nest mirred calls.\n\nIn the past there was a concern that the backlog indirection will\nlead to loss of error reporting / less accurate stats. But the current\nworkaround does not seem to address the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26740",
"url": "https://www.suse.com/security/cve/CVE-2024-26740"
},
{
"category": "external",
"summary": "SUSE Bug 1222563 for CVE-2024-26740",
"url": "https://bugzilla.suse.com/1222563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26740"
},
{
"cve": "CVE-2024-26742",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26742"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: smartpqi: Fix disable_managed_interrupts\n\nCorrect blk-mq registration issue with module parameter\ndisable_managed_interrupts enabled.\n\nWhen we turn off the default PCI_IRQ_AFFINITY flag, the driver needs to\nregister with blk-mq using blk_mq_map_queues(). The driver is currently\ncalling blk_mq_pci_map_queues() which results in a stack trace and possibly\nundefined behavior.\n\nStack Trace:\n[ 7.860089] scsi host2: smartpqi\n[ 7.871934] WARNING: CPU: 0 PID: 238 at block/blk-mq-pci.c:52 blk_mq_pci_map_queues+0xca/0xd0\n[ 7.889231] Modules linked in: sd_mod t10_pi sg uas smartpqi(+) crc32c_intel scsi_transport_sas usb_storage dm_mirror dm_region_hash dm_log dm_mod ipmi_devintf ipmi_msghandler fuse\n[ 7.924755] CPU: 0 PID: 238 Comm: kworker/0:3 Not tainted 4.18.0-372.88.1.el8_6_smartpqi_test.x86_64 #1\n[ 7.944336] Hardware name: HPE ProLiant DL380 Gen10/ProLiant DL380 Gen10, BIOS U30 03/08/2022\n[ 7.963026] Workqueue: events work_for_cpu_fn\n[ 7.978275] RIP: 0010:blk_mq_pci_map_queues+0xca/0xd0\n[ 7.978278] Code: 48 89 de 89 c7 e8 f6 0f 4f 00 3b 05 c4 b7 8e 01 72 e1 5b 31 c0 5d 41 5c 41 5d 41 5e 41 5f e9 7d df 73 00 31 c0 e9 76 df 73 00 \u003c0f\u003e 0b eb bc 90 90 0f 1f 44 00 00 41 57 49 89 ff 41 56 41 55 41 54\n[ 7.978280] RSP: 0018:ffffa95fc3707d50 EFLAGS: 00010216\n[ 7.978283] RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 0000000000000010\n[ 7.978284] RDX: 0000000000000004 RSI: 0000000000000000 RDI: ffff9190c32d4310\n[ 7.978286] RBP: 0000000000000000 R08: ffffa95fc3707d38 R09: ffff91929b81ac00\n[ 7.978287] R10: 0000000000000001 R11: ffffa95fc3707ac0 R12: 0000000000000000\n[ 7.978288] R13: ffff9190c32d4000 R14: 00000000ffffffff R15: ffff9190c4c950a8\n[ 7.978290] FS: 0000000000000000(0000) GS:ffff9193efc00000(0000) knlGS:0000000000000000\n[ 7.978292] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 8.172814] CR2: 000055d11166c000 CR3: 00000002dae10002 CR4: 00000000007706f0\n[ 8.172816] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 8.172817] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 8.172818] PKRU: 55555554\n[ 8.172819] Call Trace:\n[ 8.172823] blk_mq_alloc_tag_set+0x12e/0x310\n[ 8.264339] scsi_add_host_with_dma.cold.9+0x30/0x245\n[ 8.279302] pqi_ctrl_init+0xacf/0xc8e [smartpqi]\n[ 8.294085] ? pqi_pci_probe+0x480/0x4c8 [smartpqi]\n[ 8.309015] pqi_pci_probe+0x480/0x4c8 [smartpqi]\n[ 8.323286] local_pci_probe+0x42/0x80\n[ 8.337855] work_for_cpu_fn+0x16/0x20\n[ 8.351193] process_one_work+0x1a7/0x360\n[ 8.364462] ? create_worker+0x1a0/0x1a0\n[ 8.379252] worker_thread+0x1ce/0x390\n[ 8.392623] ? create_worker+0x1a0/0x1a0\n[ 8.406295] kthread+0x10a/0x120\n[ 8.418428] ? set_kthread_struct+0x50/0x50\n[ 8.431532] ret_from_fork+0x1f/0x40\n[ 8.444137] ---[ end trace 1bf0173d39354506 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26742",
"url": "https://www.suse.com/security/cve/CVE-2024-26742"
},
{
"category": "external",
"summary": "SUSE Bug 1222608 for CVE-2024-26742",
"url": "https://bugzilla.suse.com/1222608"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26742"
},
{
"cve": "CVE-2024-26756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26756"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Don\u0027t register sync_thread for reshape directly\n\nCurrently, if reshape is interrupted, then reassemble the array will\nregister sync_thread directly from pers-\u003erun(), in this case\n\u0027MD_RECOVERY_RUNNING\u0027 is set directly, however, there is no guarantee\nthat md_do_sync() will be executed, hence stop_sync_thread() will hang\nbecause \u0027MD_RECOVERY_RUNNING\u0027 can\u0027t be cleared.\n\nLast patch make sure that md_do_sync() will set MD_RECOVERY_DONE,\nhowever, following hang can still be triggered by dm-raid test\nshell/lvconvert-raid-reshape.sh occasionally:\n\n[root@fedora ~]# cat /proc/1982/stack\n[\u003c0\u003e] stop_sync_thread+0x1ab/0x270 [md_mod]\n[\u003c0\u003e] md_frozen_sync_thread+0x5c/0xa0 [md_mod]\n[\u003c0\u003e] raid_presuspend+0x1e/0x70 [dm_raid]\n[\u003c0\u003e] dm_table_presuspend_targets+0x40/0xb0 [dm_mod]\n[\u003c0\u003e] __dm_destroy+0x2a5/0x310 [dm_mod]\n[\u003c0\u003e] dm_destroy+0x16/0x30 [dm_mod]\n[\u003c0\u003e] dev_remove+0x165/0x290 [dm_mod]\n[\u003c0\u003e] ctl_ioctl+0x4bb/0x7b0 [dm_mod]\n[\u003c0\u003e] dm_ctl_ioctl+0x11/0x20 [dm_mod]\n[\u003c0\u003e] vfs_ioctl+0x21/0x60\n[\u003c0\u003e] __x64_sys_ioctl+0xb9/0xe0\n[\u003c0\u003e] do_syscall_64+0xc6/0x230\n[\u003c0\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74\n\nMeanwhile mddev-\u003erecovery is:\nMD_RECOVERY_RUNNING |\nMD_RECOVERY_INTR |\nMD_RECOVERY_RESHAPE |\nMD_RECOVERY_FROZEN\n\nFix this problem by remove the code to register sync_thread directly\nfrom raid10 and raid5. And let md_check_recovery() to register\nsync_thread.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26756",
"url": "https://www.suse.com/security/cve/CVE-2024-26756"
},
{
"category": "external",
"summary": "SUSE Bug 1222531 for CVE-2024-26756",
"url": "https://bugzilla.suse.com/1222531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26756"
},
{
"cve": "CVE-2024-26757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26757"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: Don\u0027t ignore read-only array in md_check_recovery()\n\nUsually if the array is not read-write, md_check_recovery() won\u0027t\nregister new sync_thread in the first place. And if the array is\nread-write and sync_thread is registered, md_set_readonly() will\nunregister sync_thread before setting the array read-only. md/raid\nfollow this behavior hence there is no problem.\n\nAfter commit f52f5c71f3d4 (\"md: fix stopping sync thread\"), following\nhang can be triggered by test shell/integrity-caching.sh:\n\n1) array is read-only. dm-raid update super block:\nrs_update_sbs\n ro = mddev-\u003ero\n mddev-\u003ero = 0\n -\u003e set array read-write\n md_update_sb\n\n2) register new sync thread concurrently.\n\n3) dm-raid set array back to read-only:\nrs_update_sbs\n mddev-\u003ero = ro\n\n4) stop the array:\nraid_dtr\n md_stop\n stop_sync_thread\n set_bit(MD_RECOVERY_INTR, \u0026mddev-\u003erecovery);\n md_wakeup_thread_directly(mddev-\u003esync_thread);\n wait_event(..., !test_bit(MD_RECOVERY_RUNNING, \u0026mddev-\u003erecovery))\n\n5) sync thread done:\n md_do_sync\n set_bit(MD_RECOVERY_DONE, \u0026mddev-\u003erecovery);\n md_wakeup_thread(mddev-\u003ethread);\n\n6) daemon thread can\u0027t unregister sync thread:\n md_check_recovery\n if (!md_is_rdwr(mddev) \u0026\u0026\n !test_bit(MD_RECOVERY_NEEDED, \u0026mddev-\u003erecovery))\n return;\n -\u003e -\u003e MD_RECOVERY_RUNNING can\u0027t be cleared, hence step 4 hang;\n\nThe root cause is that dm-raid manipulate \u0027mddev-\u003ero\u0027 by itself,\nhowever, dm-raid really should stop sync thread before setting the\narray read-only. Unfortunately, I need to read more code before I\ncan refacter the handler of \u0027mddev-\u003ero\u0027 in dm-raid, hence let\u0027s fix\nthe problem the easy way for now to prevent dm-raid regression.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26757",
"url": "https://www.suse.com/security/cve/CVE-2024-26757"
},
{
"category": "external",
"summary": "SUSE Bug 1222527 for CVE-2024-26757",
"url": "https://bugzilla.suse.com/1222527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26757"
},
{
"cve": "CVE-2024-26760",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26760"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: pscsi: Fix bio_put() for error case\n\nAs of commit 066ff571011d (\"block: turn bio_kmalloc into a simple kmalloc\nwrapper\"), a bio allocated by bio_kmalloc() must be freed by bio_uninit()\nand kfree(). That is not done properly for the error case, hitting WARN and\nNULL pointer dereference in bio_free().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26760",
"url": "https://www.suse.com/security/cve/CVE-2024-26760"
},
{
"category": "external",
"summary": "SUSE Bug 1222596 for CVE-2024-26760",
"url": "https://bugzilla.suse.com/1222596"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26760"
},
{
"cve": "CVE-2024-267600",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-267600"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-267600",
"url": "https://www.suse.com/security/cve/CVE-2024-267600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "not set"
}
],
"title": "CVE-2024-267600"
},
{
"cve": "CVE-2024-26761",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26761"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window\n\nThe Linux CXL subsystem is built on the assumption that HPA == SPA.\nThat is, the host physical address (HPA) the HDM decoder registers are\nprogrammed with are system physical addresses (SPA).\n\nDuring HDM decoder setup, the DVSEC CXL range registers (cxl-3.1,\n8.1.3.8) are checked if the memory is enabled and the CXL range is in\na HPA window that is described in a CFMWS structure of the CXL host\nbridge (cxl-3.1, 9.18.1.3).\n\nNow, if the HPA is not an SPA, the CXL range does not match a CFMWS\nwindow and the CXL memory range will be disabled then. The HDM decoder\nstops working which causes system memory being disabled and further a\nsystem hang during HDM decoder initialization, typically when a CXL\nenabled kernel boots.\n\nPrevent a system hang and do not disable the HDM decoder if the\ndecoder\u0027s CXL range is not found in a CFMWS window.\n\nNote the change only fixes a hardware hang, but does not implement\nHPA/SPA translation. Support for this can be added in a follow on\npatch series.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26761",
"url": "https://www.suse.com/security/cve/CVE-2024-26761"
},
{
"category": "external",
"summary": "SUSE Bug 1230375 for CVE-2024-26761",
"url": "https://bugzilla.suse.com/1230375"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26761"
},
{
"cve": "CVE-2024-26764",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26764"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Restrict kiocb_set_cancel_fn() to I/O submitted via libaio\n\nIf kiocb_set_cancel_fn() is called for I/O submitted via io_uring, the\nfollowing kernel warning appears:\n\nWARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocb_set_cancel_fn+0x9c/0xa8\nCall trace:\n kiocb_set_cancel_fn+0x9c/0xa8\n ffs_epfile_read_iter+0x144/0x1d0\n io_read+0x19c/0x498\n io_issue_sqe+0x118/0x27c\n io_submit_sqes+0x25c/0x5fc\n __arm64_sys_io_uring_enter+0x104/0xab0\n invoke_syscall+0x58/0x11c\n el0_svc_common+0xb4/0xf4\n do_el0_svc+0x2c/0xb0\n el0_svc+0x2c/0xa4\n el0t_64_sync_handler+0x68/0xb4\n el0t_64_sync+0x1a4/0x1a8\n\nFix this by setting the IOCB_AIO_RW flag for read and write I/O that is\nsubmitted by libaio.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26764",
"url": "https://www.suse.com/security/cve/CVE-2024-26764"
},
{
"category": "external",
"summary": "SUSE Bug 1222721 for CVE-2024-26764",
"url": "https://bugzilla.suse.com/1222721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26764"
},
{
"cve": "CVE-2024-26769",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26769"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvmet-fc: avoid deadlock on delete association path\n\nWhen deleting an association the shutdown path is deadlocking because we\ntry to flush the nvmet_wq nested. Avoid this by deadlock by deferring\nthe put work into its own work item.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26769",
"url": "https://www.suse.com/security/cve/CVE-2024-26769"
},
{
"category": "external",
"summary": "SUSE Bug 1222727 for CVE-2024-26769",
"url": "https://bugzilla.suse.com/1222727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26769"
},
{
"cve": "CVE-2024-26772",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26772"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()\n\nPlaces the logic for checking if the group\u0027s block bitmap is corrupt under\nthe protection of the group lock to avoid allocating blocks from the group\nwith a corrupted block bitmap.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26772",
"url": "https://www.suse.com/security/cve/CVE-2024-26772"
},
{
"category": "external",
"summary": "SUSE Bug 1222613 for CVE-2024-26772",
"url": "https://bugzilla.suse.com/1222613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26772"
},
{
"cve": "CVE-2024-26773",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26773"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocating blocks from corrupted group in ext4_mb_try_best_found()\n\nDetermine if the group block bitmap is corrupted before using ac_b_ex in\next4_mb_try_best_found() to avoid allocating blocks from a group with a\ncorrupted block bitmap in the following concurrency and making the\nsituation worse.\n\next4_mb_regular_allocator\n ext4_lock_group(sb, group)\n ext4_mb_good_group\n // check if the group bbitmap is corrupted\n ext4_mb_complex_scan_group\n // Scan group gets ac_b_ex but doesn\u0027t use it\n ext4_unlock_group(sb, group)\n ext4_mark_group_bitmap_corrupted(group)\n // The block bitmap was corrupted during\n // the group unlock gap.\n ext4_mb_try_best_found\n ext4_lock_group(ac-\u003eac_sb, group)\n ext4_mb_use_best_found\n mb_mark_used\n // Allocating blocks in block bitmap corrupted group",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26773",
"url": "https://www.suse.com/security/cve/CVE-2024-26773"
},
{
"category": "external",
"summary": "SUSE Bug 1222618 for CVE-2024-26773",
"url": "https://bugzilla.suse.com/1222618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26773"
},
{
"cve": "CVE-2024-26774",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26774"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt\n\nDetermine if bb_fragments is 0 instead of determining bb_free to eliminate\nthe risk of dividing by zero when the block bitmap is corrupted.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26774",
"url": "https://www.suse.com/security/cve/CVE-2024-26774"
},
{
"category": "external",
"summary": "SUSE Bug 1222622 for CVE-2024-26774",
"url": "https://bugzilla.suse.com/1222622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26774"
},
{
"cve": "CVE-2024-26775",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26775"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: avoid potential deadlock at set_capacity\n\nMove set_capacity() outside of the section procected by (\u0026d-\u003elock).\nTo avoid possible interrupt unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n[1] lock(\u0026bdev-\u003ebd_size_lock);\n local_irq_disable();\n [2] lock(\u0026d-\u003elock);\n [3] lock(\u0026bdev-\u003ebd_size_lock);\n \u003cInterrupt\u003e\n[4] lock(\u0026d-\u003elock);\n\n *** DEADLOCK ***\n\nWhere [1](\u0026bdev-\u003ebd_size_lock) hold by zram_add()-\u003eset_capacity().\n[2]lock(\u0026d-\u003elock) hold by aoeblk_gdalloc(). And aoeblk_gdalloc()\nis trying to acquire [3](\u0026bdev-\u003ebd_size_lock) at set_capacity() call.\nIn this situation an attempt to acquire [4]lock(\u0026d-\u003elock) from\naoecmd_cfg_rsp() will lead to deadlock.\n\nSo the simplest solution is breaking lock dependency\n[2](\u0026d-\u003elock) -\u003e [3](\u0026bdev-\u003ebd_size_lock) by moving set_capacity()\noutside.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26775",
"url": "https://www.suse.com/security/cve/CVE-2024-26775"
},
{
"category": "external",
"summary": "SUSE Bug 1222627 for CVE-2024-26775",
"url": "https://bugzilla.suse.com/1222627"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26775"
},
{
"cve": "CVE-2024-26779",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26779"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix race condition on enabling fast-xmit\n\nfast-xmit must only be enabled after the sta has been uploaded to the driver,\notherwise it could end up passing the not-yet-uploaded sta via drv_tx calls\nto the driver, leading to potential crashes because of uninitialized drv_priv\ndata.\nAdd a missing sta-\u003euploaded check and re-check fast xmit after inserting a sta.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26779",
"url": "https://www.suse.com/security/cve/CVE-2024-26779"
},
{
"category": "external",
"summary": "SUSE Bug 1222772 for CVE-2024-26779",
"url": "https://bugzilla.suse.com/1222772"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26779"
},
{
"cve": "CVE-2024-26783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26783"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/vmscan: fix a bug calling wakeup_kswapd() with a wrong zone index\n\nWith numa balancing on, when a numa system is running where a numa node\ndoesn\u0027t have its local memory so it has no managed zones, the following\noops has been observed. It\u0027s because wakeup_kswapd() is called with a\nwrong zone index, -1. Fixed it by checking the index before calling\nwakeup_kswapd().\n\n\u003e BUG: unable to handle page fault for address: 00000000000033f3\n\u003e #PF: supervisor read access in kernel mode\n\u003e #PF: error_code(0x0000) - not-present page\n\u003e PGD 0 P4D 0\n\u003e Oops: 0000 [#1] PREEMPT SMP NOPTI\n\u003e CPU: 2 PID: 895 Comm: masim Not tainted 6.6.0-dirty #255\n\u003e Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS\n\u003e rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014\n\u003e RIP: 0010:wakeup_kswapd (./linux/mm/vmscan.c:7812)\n\u003e Code: (omitted)\n\u003e RSP: 0000:ffffc90004257d58 EFLAGS: 00010286\n\u003e RAX: ffffffffffffffff RBX: ffff88883fff0480 RCX: 0000000000000003\n\u003e RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffff88883fff0480\n\u003e RBP: ffffffffffffffff R08: ff0003ffffffffff R09: ffffffffffffffff\n\u003e R10: ffff888106c95540 R11: 0000000055555554 R12: 0000000000000003\n\u003e R13: 0000000000000000 R14: 0000000000000000 R15: ffff88883fff0940\n\u003e FS: 00007fc4b8124740(0000) GS:ffff888827c00000(0000) knlGS:0000000000000000\n\u003e CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\u003e CR2: 00000000000033f3 CR3: 000000026cc08004 CR4: 0000000000770ee0\n\u003e DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n\u003e DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n\u003e PKRU: 55555554\n\u003e Call Trace:\n\u003e \u003cTASK\u003e\n\u003e ? __die\n\u003e ? page_fault_oops\n\u003e ? __pte_offset_map_lock\n\u003e ? exc_page_fault\n\u003e ? asm_exc_page_fault\n\u003e ? wakeup_kswapd\n\u003e migrate_misplaced_page\n\u003e __handle_mm_fault\n\u003e handle_mm_fault\n\u003e do_user_addr_fault\n\u003e exc_page_fault\n\u003e asm_exc_page_fault\n\u003e RIP: 0033:0x55b897ba0808\n\u003e Code: (omitted)\n\u003e RSP: 002b:00007ffeefa821a0 EFLAGS: 00010287\n\u003e RAX: 000055b89983acd0 RBX: 00007ffeefa823f8 RCX: 000055b89983acd0\n\u003e RDX: 00007fc2f8122010 RSI: 0000000000020000 RDI: 000055b89983acd0\n\u003e RBP: 00007ffeefa821a0 R08: 0000000000000037 R09: 0000000000000075\n\u003e R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000\n\u003e R13: 00007ffeefa82410 R14: 000055b897ba5dd8 R15: 00007fc4b8340000\n\u003e \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26783",
"url": "https://www.suse.com/security/cve/CVE-2024-26783"
},
{
"category": "external",
"summary": "SUSE Bug 1222615 for CVE-2024-26783",
"url": "https://bugzilla.suse.com/1222615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26783"
},
{
"cve": "CVE-2024-26786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommufd: Fix iopt_access_list_id overwrite bug\n\nSyzkaller reported the following WARN_ON:\n WARNING: CPU: 1 PID: 4738 at drivers/iommu/iommufd/io_pagetable.c:1360\n\n Call Trace:\n iommufd_access_change_ioas+0x2fe/0x4e0\n iommufd_access_destroy_object+0x50/0xb0\n iommufd_object_remove+0x2a3/0x490\n iommufd_object_destroy_user\n iommufd_access_destroy+0x71/0xb0\n iommufd_test_staccess_release+0x89/0xd0\n __fput+0x272/0xb50\n __fput_sync+0x4b/0x60\n __do_sys_close\n __se_sys_close\n __x64_sys_close+0x8b/0x110\n do_syscall_x64\n\nThe mismatch between the access pointer in the list and the passed-in\npointer is resulting from an overwrite of access-\u003eiopt_access_list_id, in\niopt_add_access(). Called from iommufd_access_change_ioas() when\nxa_alloc() succeeds but iopt_calculate_iova_alignment() fails.\n\nAdd a new_id in iopt_add_access() and only update iopt_access_list_id when\nreturning successfully.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26786",
"url": "https://www.suse.com/security/cve/CVE-2024-26786"
},
{
"category": "external",
"summary": "SUSE Bug 1222780 for CVE-2024-26786",
"url": "https://bugzilla.suse.com/1222780"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26786"
},
{
"cve": "CVE-2024-26791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: dev-replace: properly validate device names\n\nThere\u0027s a syzbot report that device name buffers passed to device\nreplace are not properly checked for string termination which could lead\nto a read out of bounds in getname_kernel().\n\nAdd a helper that validates both source and target device name buffers.\nFor devid as the source initialize the buffer to empty string in case\nsomething tries to read it later.\n\nThis was originally analyzed and fixed in a different way by Edward Adam\nDavis (see links).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26791",
"url": "https://www.suse.com/security/cve/CVE-2024-26791"
},
{
"category": "external",
"summary": "SUSE Bug 1222793 for CVE-2024-26791",
"url": "https://bugzilla.suse.com/1222793"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26791"
},
{
"cve": "CVE-2024-26793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26793"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngtp: fix use-after-free and null-ptr-deref in gtp_newlink()\n\nThe gtp_link_ops operations structure for the subsystem must be\nregistered after registering the gtp_net_ops pernet operations structure.\n\nSyzkaller hit \u0027general protection fault in gtp_genl_dump_pdp\u0027 bug:\n\n[ 1010.702740] gtp: GTP module unloaded\n[ 1010.715877] general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] SMP KASAN NOPTI\n[ 1010.715888] KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f]\n[ 1010.715895] CPU: 1 PID: 128616 Comm: a.out Not tainted 6.8.0-rc6-std-def-alt1 #1\n[ 1010.715899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.0-alt1 04/01/2014\n[ 1010.715908] RIP: 0010:gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.715915] Code: 80 3c 02 00 0f 85 41 04 00 00 48 8b bb d8 05 00 00 e8 ed f6 ff ff 48 89 c2 48 89 c5 48 b8 00 00 00 00 00 fc ff df 48 c1 ea 03 \u003c80\u003e 3c 02 00 0f 85 4f 04 00 00 4c 89 e2 4c 8b 6d 00 48 b8 00 00 00\n[ 1010.715920] RSP: 0018:ffff888020fbf180 EFLAGS: 00010203\n[ 1010.715929] RAX: dffffc0000000000 RBX: ffff88800399c000 RCX: 0000000000000000\n[ 1010.715933] RDX: 0000000000000001 RSI: ffffffff84805280 RDI: 0000000000000282\n[ 1010.715938] RBP: 000000000000000d R08: 0000000000000001 R09: 0000000000000000\n[ 1010.715942] R10: 0000000000000001 R11: 0000000000000001 R12: ffff88800399cc80\n[ 1010.715947] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000400\n[ 1010.715953] FS: 00007fd1509ab5c0(0000) GS:ffff88805b300000(0000) knlGS:0000000000000000\n[ 1010.715958] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1010.715962] CR2: 0000000000000000 CR3: 000000001c07a000 CR4: 0000000000750ee0\n[ 1010.715968] PKRU: 55555554\n[ 1010.715972] Call Trace:\n[ 1010.715985] ? __die_body.cold+0x1a/0x1f\n[ 1010.715995] ? die_addr+0x43/0x70\n[ 1010.716002] ? exc_general_protection+0x199/0x2f0\n[ 1010.716016] ? asm_exc_general_protection+0x1e/0x30\n[ 1010.716026] ? gtp_newlink+0x4d7/0x9c0 [gtp]\n[ 1010.716034] ? gtp_net_exit+0x150/0x150 [gtp]\n[ 1010.716042] __rtnl_newlink+0x1063/0x1700\n[ 1010.716051] ? rtnl_setlink+0x3c0/0x3c0\n[ 1010.716063] ? is_bpf_text_address+0xc0/0x1f0\n[ 1010.716070] ? kernel_text_address.part.0+0xbb/0xd0\n[ 1010.716076] ? __kernel_text_address+0x56/0xa0\n[ 1010.716084] ? unwind_get_return_address+0x5a/0xa0\n[ 1010.716091] ? create_prof_cpu_mask+0x30/0x30\n[ 1010.716098] ? arch_stack_walk+0x9e/0xf0\n[ 1010.716106] ? stack_trace_save+0x91/0xd0\n[ 1010.716113] ? stack_trace_consume_entry+0x170/0x170\n[ 1010.716121] ? __lock_acquire+0x15c5/0x5380\n[ 1010.716139] ? mark_held_locks+0x9e/0xe0\n[ 1010.716148] ? kmem_cache_alloc_trace+0x35f/0x3c0\n[ 1010.716155] ? __rtnl_newlink+0x1700/0x1700\n[ 1010.716160] rtnl_newlink+0x69/0xa0\n[ 1010.716166] rtnetlink_rcv_msg+0x43b/0xc50\n[ 1010.716172] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716179] ? lock_acquire+0x1fe/0x560\n[ 1010.716188] ? netlink_deliver_tap+0x12f/0xd50\n[ 1010.716196] netlink_rcv_skb+0x14d/0x440\n[ 1010.716202] ? rtnl_fdb_dump+0x9f0/0x9f0\n[ 1010.716208] ? netlink_ack+0xab0/0xab0\n[ 1010.716213] ? netlink_deliver_tap+0x202/0xd50\n[ 1010.716220] ? netlink_deliver_tap+0x218/0xd50\n[ 1010.716226] ? __virt_addr_valid+0x30b/0x590\n[ 1010.716233] netlink_unicast+0x54b/0x800\n[ 1010.716240] ? netlink_attachskb+0x870/0x870\n[ 1010.716248] ? __check_object_size+0x2de/0x3b0\n[ 1010.716254] netlink_sendmsg+0x938/0xe40\n[ 1010.716261] ? netlink_unicast+0x800/0x800\n[ 1010.716269] ? __import_iovec+0x292/0x510\n[ 1010.716276] ? netlink_unicast+0x800/0x800\n[ 1010.716284] __sock_sendmsg+0x159/0x190\n[ 1010.716290] ____sys_sendmsg+0x712/0x880\n[ 1010.716297] ? sock_write_iter+0x3d0/0x3d0\n[ 1010.716304] ? __ia32_sys_recvmmsg+0x270/0x270\n[ 1010.716309] ? lock_acquire+0x1fe/0x560\n[ 1010.716315] ? drain_array_locked+0x90/0x90\n[ 1010.716324] ___sys_sendmsg+0xf8/0x170\n[ 1010.716331] ? sendmsg_copy_msghdr+0x170/0x170\n[ 1010.716337] ? lockdep_init_map\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26793",
"url": "https://www.suse.com/security/cve/CVE-2024-26793"
},
{
"category": "external",
"summary": "SUSE Bug 1222428 for CVE-2024-26793",
"url": "https://bugzilla.suse.com/1222428"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26793"
},
{
"cve": "CVE-2024-26794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26794"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26794",
"url": "https://www.suse.com/security/cve/CVE-2024-26794"
},
{
"category": "external",
"summary": "SUSE Bug 1222426 for CVE-2024-26794",
"url": "https://bugzilla.suse.com/1222426"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26794"
},
{
"cve": "CVE-2024-26802",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26802"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nstmmac: Clear variable when destroying workqueue\n\nCurrently when suspending driver and stopping workqueue it is checked whether\nworkqueue is not NULL and if so, it is destroyed.\nFunction destroy_workqueue() does drain queue and does clear variable, but\nit does not set workqueue variable to NULL. This can cause kernel/module\npanic if code attempts to clear workqueue that was not initialized.\n\nThis scenario is possible when resuming suspended driver in stmmac_resume(),\nbecause there is no handling for failed stmmac_hw_setup(),\nwhich can fail and return if DMA engine has failed to initialize,\nand workqueue is initialized after DMA engine.\nShould DMA engine fail to initialize, resume will proceed normally,\nbut interface won\u0027t work and TX queue will eventually timeout,\ncausing \u0027Reset adapter\u0027 error.\nThis then does destroy workqueue during reset process.\nAnd since workqueue is initialized after DMA engine and can be skipped,\nit will cause kernel/module panic.\n\nTo secure against this possible crash, set workqueue variable to NULL when\ndestroying workqueue.\n\nLog/backtrace from crash goes as follows:\n[88.031977]------------[ cut here ]------------\n[88.031985]NETDEV WATCHDOG: eth0 (sxgmac): transmit queue 1 timed out\n[88.032017]WARNING: CPU: 0 PID: 0 at net/sched/sch_generic.c:477 dev_watchdog+0x390/0x398\n \u003cSkipping backtrace for watchdog timeout\u003e\n[88.032251]---[ end trace e70de432e4d5c2c0 ]---\n[88.032282]sxgmac 16d88000.ethernet eth0: Reset adapter.\n[88.036359]------------[ cut here ]------------\n[88.036519]Call trace:\n[88.036523] flush_workqueue+0x3e4/0x430\n[88.036528] drain_workqueue+0xc4/0x160\n[88.036533] destroy_workqueue+0x40/0x270\n[88.036537] stmmac_fpe_stop_wq+0x4c/0x70\n[88.036541] stmmac_release+0x278/0x280\n[88.036546] __dev_close_many+0xcc/0x158\n[88.036551] dev_close_many+0xbc/0x190\n[88.036555] dev_close.part.0+0x70/0xc0\n[88.036560] dev_close+0x24/0x30\n[88.036564] stmmac_service_task+0x110/0x140\n[88.036569] process_one_work+0x1d8/0x4a0\n[88.036573] worker_thread+0x54/0x408\n[88.036578] kthread+0x164/0x170\n[88.036583] ret_from_fork+0x10/0x20\n[88.036588]---[ end trace e70de432e4d5c2c1 ]---\n[88.036597]Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26802",
"url": "https://www.suse.com/security/cve/CVE-2024-26802"
},
{
"category": "external",
"summary": "SUSE Bug 1222799 for CVE-2024-26802",
"url": "https://bugzilla.suse.com/1222799"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26802"
},
{
"cve": "CVE-2024-26805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26805"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetlink: Fix kernel-infoleak-after-free in __skb_datagram_iter\n\nsyzbot reported the following uninit-value access issue [1]:\n\nnetlink_to_full_skb() creates a new `skb` and puts the `skb-\u003edata`\npassed as a 1st arg of netlink_to_full_skb() onto new `skb`. The data\nsize is specified as `len` and passed to skb_put_data(). This `len`\nis based on `skb-\u003eend` that is not data offset but buffer offset. The\n`skb-\u003eend` contains data and tailroom. Since the tailroom is not\ninitialized when the new `skb` created, KMSAN detects uninitialized\nmemory area when copying the data.\n\nThis patch resolved this issue by correct the len from `skb-\u003eend` to\n`skb-\u003elen`, which is the actual data offset.\n\nBUG: KMSAN: kernel-infoleak-after-free in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in copy_to_user_iter lib/iov_iter.c:24 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_ubuf include/linux/iov_iter.h:29 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in iterate_and_advance include/linux/iov_iter.h:271 [inline]\nBUG: KMSAN: kernel-infoleak-after-free in _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n copy_to_user_iter lib/iov_iter.c:24 [inline]\n iterate_ubuf include/linux/iov_iter.h:29 [inline]\n iterate_and_advance2 include/linux/iov_iter.h:245 [inline]\n iterate_and_advance include/linux/iov_iter.h:271 [inline]\n _copy_to_iter+0x364/0x2520 lib/iov_iter.c:186\n copy_to_iter include/linux/uio.h:197 [inline]\n simple_copy_to_iter+0x68/0xa0 net/core/datagram.c:532\n __skb_datagram_iter+0x123/0xdc0 net/core/datagram.c:420\n skb_copy_datagram_iter+0x5c/0x200 net/core/datagram.c:546\n skb_copy_datagram_msg include/linux/skbuff.h:3960 [inline]\n packet_recvmsg+0xd9c/0x2000 net/packet/af_packet.c:3482\n sock_recvmsg_nosec net/socket.c:1044 [inline]\n sock_recvmsg net/socket.c:1066 [inline]\n sock_read_iter+0x467/0x580 net/socket.c:1136\n call_read_iter include/linux/fs.h:2014 [inline]\n new_sync_read fs/read_write.c:389 [inline]\n vfs_read+0x8f6/0xe00 fs/read_write.c:470\n ksys_read+0x20f/0x4c0 fs/read_write.c:613\n __do_sys_read fs/read_write.c:623 [inline]\n __se_sys_read fs/read_write.c:621 [inline]\n __x64_sys_read+0x93/0xd0 fs/read_write.c:621\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was stored to memory at:\n skb_put_data include/linux/skbuff.h:2622 [inline]\n netlink_to_full_skb net/netlink/af_netlink.c:181 [inline]\n __netlink_deliver_tap_skb net/netlink/af_netlink.c:298 [inline]\n __netlink_deliver_tap+0x5be/0xc90 net/netlink/af_netlink.c:325\n netlink_deliver_tap net/netlink/af_netlink.c:338 [inline]\n netlink_deliver_tap_kernel net/netlink/af_netlink.c:347 [inline]\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x10f1/0x1250 net/netlink/af_netlink.c:1368\n netlink_sendmsg+0x1238/0x13d0 net/netlink/af_netlink.c:1910\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n ____sys_sendmsg+0x9c2/0xd60 net/socket.c:2584\n ___sys_sendmsg+0x28d/0x3c0 net/socket.c:2638\n __sys_sendmsg net/socket.c:2667 [inline]\n __do_sys_sendmsg net/socket.c:2676 [inline]\n __se_sys_sendmsg net/socket.c:2674 [inline]\n __x64_sys_sendmsg+0x307/0x490 net/socket.c:2674\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0x44/0x110 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n free_pages_prepare mm/page_alloc.c:1087 [inline]\n free_unref_page_prepare+0xb0/0xa40 mm/page_alloc.c:2347\n free_unref_page_list+0xeb/0x1100 mm/page_alloc.c:2533\n release_pages+0x23d3/0x2410 mm/swap.c:1042\n free_pages_and_swap_cache+0xd9/0xf0 mm/swap_state.c:316\n tlb_batch_pages\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26805",
"url": "https://www.suse.com/security/cve/CVE-2024-26805"
},
{
"category": "external",
"summary": "SUSE Bug 1222630 for CVE-2024-26805",
"url": "https://bugzilla.suse.com/1222630"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26805"
},
{
"cve": "CVE-2024-26807",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26807"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBoth cadence-quadspi -\u003eruntime_suspend() and -\u003eruntime_resume()\nimplementations start with:\n\n\tstruct cqspi_st *cqspi = dev_get_drvdata(dev);\n\tstruct spi_controller *host = dev_get_drvdata(dev);\n\nThis obviously cannot be correct, unless \"struct cqspi_st\" is the\nfirst member of \" struct spi_controller\", or the other way around, but\nit is not the case. \"struct spi_controller\" is allocated by\ndevm_spi_alloc_host(), which allocates an extra amount of memory for\nprivate data, used to store \"struct cqspi_st\".\n\nThe -\u003eprobe() function of the cadence-quadspi driver then sets the\ndevice drvdata to store the address of the \"struct cqspi_st\"\nstructure. Therefore:\n\n\tstruct cqspi_st *cqspi = dev_get_drvdata(dev);\n\nis correct, but:\n\n\tstruct spi_controller *host = dev_get_drvdata(dev);\n\nis not, as it makes \"host\" point not to a \"struct spi_controller\" but\nto the same \"struct cqspi_st\" structure as above.\n\nThis obviously leads to bad things (memory corruption, kernel crashes)\ndirectly during -\u003eprobe(), as -\u003eprobe() enables the device using PM\nruntime, leading the -\u003eruntime_resume() hook being called, which in\nturns calls spi_controller_resume() with the wrong pointer.\n\nThis has at least been reported [0] to cause a kernel crash, but the\nexact behavior will depend on the memory contents.\n\n[0] https://lore.kernel.org/all/20240226121803.5a7r5wkpbbowcxgx@dhruva/\n\nThis issue potentially affects all platforms that are currently using\nthe cadence-quadspi driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26807",
"url": "https://www.suse.com/security/cve/CVE-2024-26807"
},
{
"category": "external",
"summary": "SUSE Bug 1222801 for CVE-2024-26807",
"url": "https://bugzilla.suse.com/1222801"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26807"
},
{
"cve": "CVE-2024-26815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/sched: taprio: proper TCA_TAPRIO_TC_ENTRY_INDEX check\n\ntaprio_parse_tc_entry() is not correctly checking\nTCA_TAPRIO_TC_ENTRY_INDEX attribute:\n\n\tint tc; // Signed value\n\n\ttc = nla_get_u32(tb[TCA_TAPRIO_TC_ENTRY_INDEX]);\n\tif (tc \u003e= TC_QOPT_MAX_QUEUE) {\n\t\tNL_SET_ERR_MSG_MOD(extack, \"TC entry index out of range\");\n\t\treturn -ERANGE;\n\t}\n\nsyzbot reported that it could fed arbitary negative values:\n\nUBSAN: shift-out-of-bounds in net/sched/sch_taprio.c:1722:18\nshift exponent -2147418108 is negative\nCPU: 0 PID: 5066 Comm: syz-executor367 Not tainted 6.8.0-rc7-syzkaller-00136-gc8a5c731fd12 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x1e7/0x2e0 lib/dump_stack.c:106\n ubsan_epilogue lib/ubsan.c:217 [inline]\n __ubsan_handle_shift_out_of_bounds+0x3c7/0x420 lib/ubsan.c:386\n taprio_parse_tc_entry net/sched/sch_taprio.c:1722 [inline]\n taprio_parse_tc_entries net/sched/sch_taprio.c:1768 [inline]\n taprio_change+0xb87/0x57d0 net/sched/sch_taprio.c:1877\n taprio_init+0x9da/0xc80 net/sched/sch_taprio.c:2134\n qdisc_create+0x9d4/0x1190 net/sched/sch_api.c:1355\n tc_modify_qdisc+0xa26/0x1e40 net/sched/sch_api.c:1776\n rtnetlink_rcv_msg+0x885/0x1040 net/core/rtnetlink.c:6617\n netlink_rcv_skb+0x1e3/0x430 net/netlink/af_netlink.c:2543\n netlink_unicast_kernel net/netlink/af_netlink.c:1341 [inline]\n netlink_unicast+0x7ea/0x980 net/netlink/af_netlink.c:1367\n netlink_sendmsg+0xa3b/0xd70 net/netlink/af_netlink.c:1908\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x221/0x270 net/socket.c:745\n ____sys_sendmsg+0x525/0x7d0 net/socket.c:2584\n ___sys_sendmsg net/socket.c:2638 [inline]\n __sys_sendmsg+0x2b0/0x3a0 net/socket.c:2667\n do_syscall_64+0xf9/0x240\n entry_SYSCALL_64_after_hwframe+0x6f/0x77\nRIP: 0033:0x7f1b2dea3759\nCode: 48 83 c4 28 c3 e8 d7 19 00 00 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffd4de452f8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\nRAX: ffffffffffffffda RBX: 00007f1b2def0390 RCX: 00007f1b2dea3759\nRDX: 0000000000000000 RSI: 00000000200007c0 RDI: 0000000000000004\nRBP: 0000000000000003 R08: 0000555500000000 R09: 0000555500000000\nR10: 0000555500000000 R11: 0000000000000246 R12: 00007ffd4de45340\nR13: 00007ffd4de45310 R14: 0000000000000001 R15: 00007ffd4de45340",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26815",
"url": "https://www.suse.com/security/cve/CVE-2024-26815"
},
{
"category": "external",
"summary": "SUSE Bug 1222635 for CVE-2024-26815",
"url": "https://bugzilla.suse.com/1222635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26815"
},
{
"cve": "CVE-2024-26816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26816"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86, relocs: Ignore relocations in .notes section\n\nWhen building with CONFIG_XEN_PV=y, .text symbols are emitted into\nthe .notes section so that Xen can find the \"startup_xen\" entry point.\nThis information is used prior to booting the kernel, so relocations\nare not useful. In fact, performing relocations against the .notes\nsection means that the KASLR base is exposed since /sys/kernel/notes\nis world-readable.\n\nTo avoid leaking the KASLR base without breaking unprivileged tools that\nare expecting to read /sys/kernel/notes, skip performing relocations in\nthe .notes section. The values readable in .notes are then identical to\nthose found in System.map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26816",
"url": "https://www.suse.com/security/cve/CVE-2024-26816"
},
{
"category": "external",
"summary": "SUSE Bug 1222624 for CVE-2024-26816",
"url": "https://bugzilla.suse.com/1222624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26816"
},
{
"cve": "CVE-2024-26822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: set correct id, uid and cruid for multiuser automounts\n\nWhen uid, gid and cruid are not specified, we need to dynamically\nset them into the filesystem context used for automounting otherwise\nthey\u0027ll end up reusing the values from the parent mount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26822",
"url": "https://www.suse.com/security/cve/CVE-2024-26822"
},
{
"category": "external",
"summary": "SUSE Bug 1223011 for CVE-2024-26822",
"url": "https://bugzilla.suse.com/1223011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26822"
},
{
"cve": "CVE-2024-26828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: fix underflow in parse_server_interfaces()\n\nIn this loop, we step through the buffer and after each item we check\nif the size_left is greater than the minimum size we need. However,\nthe problem is that \"bytes_left\" is type ssize_t while sizeof() is type\nsize_t. That means that because of type promotion, the comparison is\ndone as an unsigned and if we have negative bytes left the loop\ncontinues instead of ending.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26828",
"url": "https://www.suse.com/security/cve/CVE-2024-26828"
},
{
"category": "external",
"summary": "SUSE Bug 1223084 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223084"
},
{
"category": "external",
"summary": "SUSE Bug 1223363 for CVE-2024-26828",
"url": "https://bugzilla.suse.com/1223363"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-26828"
},
{
"cve": "CVE-2024-26832",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26832"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: zswap: fix missing folio cleanup in writeback race path\n\nIn zswap_writeback_entry(), after we get a folio from\n__read_swap_cache_async(), we grab the tree lock again to check that the\nswap entry was not invalidated and recycled. If it was, we delete the\nfolio we just added to the swap cache and exit.\n\nHowever, __read_swap_cache_async() returns the folio locked when it is\nnewly allocated, which is always true for this path, and the folio is\nref\u0027d. Make sure to unlock and put the folio before returning.\n\nThis was discovered by code inspection, probably because this path handles\na race condition that should not happen often, and the bug would not crash\nthe system, it will only strand the folio indefinitely.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26832",
"url": "https://www.suse.com/security/cve/CVE-2024-26832"
},
{
"category": "external",
"summary": "SUSE Bug 1223007 for CVE-2024-26832",
"url": "https://bugzilla.suse.com/1223007"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26832"
},
{
"cve": "CVE-2024-26836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/x86: think-lmi: Fix password opcode ordering for workstations\n\nThe Lenovo workstations require the password opcode to be run before\nthe attribute value is changed (if Admin password is enabled).\n\nTested on some Thinkpads to confirm they are OK with this order too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26836",
"url": "https://www.suse.com/security/cve/CVE-2024-26836"
},
{
"category": "external",
"summary": "SUSE Bug 1222968 for CVE-2024-26836",
"url": "https://bugzilla.suse.com/1222968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26836"
},
{
"cve": "CVE-2024-26844",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26844"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: Fix WARNING in _copy_from_iter\n\nSyzkaller reports a warning in _copy_from_iter because an\niov_iter is supposedly used in the wrong direction. The reason\nis that syzcaller managed to generate a request with\na transfer direction of SG_DXFER_TO_FROM_DEV. This instructs\nthe kernel to copy user buffers into the kernel, read into\nthe copied buffers and then copy the data back to user space.\n\nThus the iovec is used in both directions.\n\nDetect this situation in the block layer and construct a new\niterator with the correct direction for the copy-in.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26844",
"url": "https://www.suse.com/security/cve/CVE-2024-26844"
},
{
"category": "external",
"summary": "SUSE Bug 1223015 for CVE-2024-26844",
"url": "https://bugzilla.suse.com/1223015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26844"
},
{
"cve": "CVE-2024-26846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme-fc: do not wait in vain when unloading module\n\nThe module exit path has race between deleting all controllers and\nfreeing \u0027left over IDs\u0027. To prevent double free a synchronization\nbetween nvme_delete_ctrl and ida_destroy has been added by the initial\ncommit.\n\nThere is some logic around trying to prevent from hanging forever in\nwait_for_completion, though it does not handling all cases. E.g.\nblktests is able to reproduce the situation where the module unload\nhangs forever.\n\nIf we completely rely on the cleanup code executed from the\nnvme_delete_ctrl path, all IDs will be freed eventually. This makes\ncalling ida_destroy unnecessary. We only have to ensure that all\nnvme_delete_ctrl code has been executed before we leave\nnvme_fc_exit_module. This is done by flushing the nvme_delete_wq\nworkqueue.\n\nWhile at it, remove the unused nvme_fc_wq workqueue too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26846",
"url": "https://www.suse.com/security/cve/CVE-2024-26846"
},
{
"category": "external",
"summary": "SUSE Bug 1223023 for CVE-2024-26846",
"url": "https://bugzilla.suse.com/1223023"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26846"
},
{
"cve": "CVE-2024-26848",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26848"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26848",
"url": "https://www.suse.com/security/cve/CVE-2024-26848"
},
{
"category": "external",
"summary": "SUSE Bug 1223030 for CVE-2024-26848",
"url": "https://bugzilla.suse.com/1223030"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26848"
},
{
"cve": "CVE-2024-26853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26853"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nigc: avoid returning frame twice in XDP_REDIRECT\n\nWhen a frame can not be transmitted in XDP_REDIRECT\n(e.g. due to a full queue), it is necessary to free\nit by calling xdp_return_frame_rx_napi.\n\nHowever, this is the responsibility of the caller of\nthe ndo_xdp_xmit (see for example bq_xmit_all in\nkernel/bpf/devmap.c) and thus calling it inside\nigc_xdp_xmit (which is the ndo_xdp_xmit of the igc\ndriver) as well will lead to memory corruption.\n\nIn fact, bq_xmit_all expects that it can return all\nframes after the last successfully transmitted one.\nTherefore, break for the first not transmitted frame,\nbut do not call xdp_return_frame_rx_napi in igc_xdp_xmit.\nThis is equally implemented in other Intel drivers\nsuch as the igb.\n\nThere are two alternatives to this that were rejected:\n1. Return num_frames as all the frames would have been\n transmitted and release them inside igc_xdp_xmit.\n While it might work technically, it is not what\n the return value is meant to represent (i.e. the\n number of SUCCESSFULLY transmitted packets).\n2. Rework kernel/bpf/devmap.c and all drivers to\n support non-consecutively dropped packets.\n Besides being complex, it likely has a negative\n performance impact without a significant gain\n since it is anyway unlikely that the next frame\n can be transmitted if the previous one was dropped.\n\nThe memory corruption can be reproduced with\nthe following script which leads to a kernel panic\nafter a few seconds. It basically generates more\ntraffic than a i225 NIC can transmit and pushes it\nvia XDP_REDIRECT from a virtual interface to the\nphysical interface where frames get dropped.\n\n #!/bin/bash\n INTERFACE=enp4s0\n INTERFACE_IDX=`cat /sys/class/net/$INTERFACE/ifindex`\n\n sudo ip link add dev veth1 type veth peer name veth2\n sudo ip link set up $INTERFACE\n sudo ip link set up veth1\n sudo ip link set up veth2\n\n cat \u003c\u003c EOF \u003e redirect.bpf.c\n\n SEC(\"prog\")\n int redirect(struct xdp_md *ctx)\n {\n return bpf_redirect($INTERFACE_IDX, 0);\n }\n\n char _license[] SEC(\"license\") = \"GPL\";\n EOF\n clang -O2 -g -Wall -target bpf -c redirect.bpf.c -o redirect.bpf.o\n sudo ip link set veth2 xdp obj redirect.bpf.o\n\n cat \u003c\u003c EOF \u003e pass.bpf.c\n\n SEC(\"prog\")\n int pass(struct xdp_md *ctx)\n {\n return XDP_PASS;\n }\n\n char _license[] SEC(\"license\") = \"GPL\";\n EOF\n clang -O2 -g -Wall -target bpf -c pass.bpf.c -o pass.bpf.o\n sudo ip link set $INTERFACE xdp obj pass.bpf.o\n\n cat \u003c\u003c EOF \u003e trafgen.cfg\n\n {\n /* Ethernet Header */\n 0xe8, 0x6a, 0x64, 0x41, 0xbf, 0x46,\n 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF,\n const16(ETH_P_IP),\n\n /* IPv4 Header */\n 0b01000101, 0, # IPv4 version, IHL, TOS\n const16(1028), # IPv4 total length (UDP length + 20 bytes (IP header))\n const16(2), # IPv4 ident\n 0b01000000, 0, # IPv4 flags, fragmentation off\n 64, # IPv4 TTL\n 17, # Protocol UDP\n csumip(14, 33), # IPv4 checksum\n\n /* UDP Header */\n 10, 0, 1, 1, # IP Src - adapt as needed\n 10, 0, 1, 2, # IP Dest - adapt as needed\n const16(6666), # UDP Src Port\n const16(6666), # UDP Dest Port\n const16(1008), # UDP length (UDP header 8 bytes + payload length)\n csumudp(14, 34), # UDP checksum\n\n /* Payload */\n fill(\u0027W\u0027, 1000),\n }\n EOF\n\n sudo trafgen -i trafgen.cfg -b3000MB -o veth1 --cpp",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26853",
"url": "https://www.suse.com/security/cve/CVE-2024-26853"
},
{
"category": "external",
"summary": "SUSE Bug 1223061 for CVE-2024-26853",
"url": "https://bugzilla.suse.com/1223061"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26853"
},
{
"cve": "CVE-2024-26854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix uninitialized dplls mutex usage\n\nThe pf-\u003edplls.lock mutex is initialized too late, after its first use.\nMove it to the top of ice_dpll_init.\nNote that the \"err_exit\" error path destroys the mutex. And the mutex is\nthe last thing destroyed in ice_dpll_deinit.\nThis fixes the following warning with CONFIG_DEBUG_MUTEXES:\n\n ice 0000:10:00.0: The DDP package was successfully loaded: ICE OS Default Package version 1.3.36.0\n ice 0000:10:00.0: 252.048 Gb/s available PCIe bandwidth (16.0 GT/s PCIe x16 link)\n ice 0000:10:00.0: PTP init successful\n ------------[ cut here ]------------\n DEBUG_LOCKS_WARN_ON(lock-\u003emagic != lock)\n WARNING: CPU: 0 PID: 410 at kernel/locking/mutex.c:587 __mutex_lock+0x773/0xd40\n Modules linked in: crct10dif_pclmul crc32_pclmul crc32c_intel polyval_clmulni polyval_generic ice(+) nvme nvme_c\u003e\n CPU: 0 PID: 410 Comm: kworker/0:4 Not tainted 6.8.0-rc5+ #3\n Hardware name: HPE ProLiant DL110 Gen10 Plus/ProLiant DL110 Gen10 Plus, BIOS U56 10/19/2023\n Workqueue: events work_for_cpu_fn\n RIP: 0010:__mutex_lock+0x773/0xd40\n Code: c0 0f 84 1d f9 ff ff 44 8b 35 0d 9c 69 01 45 85 f6 0f 85 0d f9 ff ff 48 c7 c6 12 a2 a9 85 48 c7 c7 12 f1 a\u003e\n RSP: 0018:ff7eb1a3417a7ae0 EFLAGS: 00010286\n RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000000\n RDX: 0000000000000002 RSI: ffffffff85ac2bff RDI: 00000000ffffffff\n RBP: ff7eb1a3417a7b80 R08: 0000000000000000 R09: 00000000ffffbfff\n R10: ff7eb1a3417a7978 R11: ff32b80f7fd2e568 R12: 0000000000000000\n R13: 0000000000000000 R14: 0000000000000000 R15: ff32b7f02c50e0d8\n FS: 0000000000000000(0000) GS:ff32b80efe800000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 000055b5852cc000 CR3: 000000003c43a004 CR4: 0000000000771ef0\n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n PKRU: 55555554\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x84/0x170\n ? __mutex_lock+0x773/0xd40\n ? report_bug+0x1c7/0x1d0\n ? prb_read_valid+0x1b/0x30\n ? handle_bug+0x42/0x70\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __mutex_lock+0x773/0xd40\n ? rcu_is_watching+0x11/0x50\n ? __kmalloc_node_track_caller+0x346/0x490\n ? ice_dpll_lock_status_get+0x28/0x50 [ice]\n ? __pfx_ice_dpll_lock_status_get+0x10/0x10 [ice]\n ? ice_dpll_lock_status_get+0x28/0x50 [ice]\n ice_dpll_lock_status_get+0x28/0x50 [ice]\n dpll_device_get_one+0x14f/0x2e0\n dpll_device_event_send+0x7d/0x150\n dpll_device_register+0x124/0x180\n ice_dpll_init_dpll+0x7b/0xd0 [ice]\n ice_dpll_init+0x224/0xa40 [ice]\n ? _dev_info+0x70/0x90\n ice_load+0x468/0x690 [ice]\n ice_probe+0x75b/0xa10 [ice]\n ? _raw_spin_unlock_irqrestore+0x4f/0x80\n ? process_one_work+0x1a3/0x500\n local_pci_probe+0x47/0xa0\n work_for_cpu_fn+0x17/0x30\n process_one_work+0x20d/0x500\n worker_thread+0x1df/0x3e0\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x103/0x140\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n irq event stamp: 125197\n hardirqs last enabled at (125197): [\u003cffffffff8416409d\u003e] finish_task_switch.isra.0+0x12d/0x3d0\n hardirqs last disabled at (125196): [\u003cffffffff85134044\u003e] __schedule+0xea4/0x19f0\n softirqs last enabled at (105334): [\u003cffffffff84e1e65a\u003e] napi_get_frags_check+0x1a/0x60\n softirqs last disabled at (105332): [\u003cffffffff84e1e65a\u003e] napi_get_frags_check+0x1a/0x60\n ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26854",
"url": "https://www.suse.com/security/cve/CVE-2024-26854"
},
{
"category": "external",
"summary": "SUSE Bug 1223039 for CVE-2024-26854",
"url": "https://bugzilla.suse.com/1223039"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26854"
},
{
"cve": "CVE-2024-26855",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26855"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ice: Fix potential NULL pointer dereference in ice_bridge_setlink()\n\nThe function ice_bridge_setlink() may encounter a NULL pointer dereference\nif nlmsg_find_attr() returns NULL and br_spec is dereferenced subsequently\nin nla_for_each_nested(). To address this issue, add a check to ensure that\nbr_spec is not NULL before proceeding with the nested attribute iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26855",
"url": "https://www.suse.com/security/cve/CVE-2024-26855"
},
{
"category": "external",
"summary": "SUSE Bug 1223051 for CVE-2024-26855",
"url": "https://bugzilla.suse.com/1223051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26855"
},
{
"cve": "CVE-2024-26856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sparx5: Fix use after free inside sparx5_del_mact_entry\n\nBased on the static analyzis of the code it looks like when an entry\nfrom the MAC table was removed, the entry was still used after being\nfreed. More precise the vid of the mac_entry was used after calling\ndevm_kfree on the mac_entry.\nThe fix consists in first using the vid of the mac_entry to delete the\nentry from the HW and after that to free it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26856",
"url": "https://www.suse.com/security/cve/CVE-2024-26856"
},
{
"category": "external",
"summary": "SUSE Bug 1223052 for CVE-2024-26856",
"url": "https://bugzilla.suse.com/1223052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26856"
},
{
"cve": "CVE-2024-26857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26857"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: make sure to pull inner header in geneve_rx()\n\nsyzbot triggered a bug in geneve_rx() [1]\n\nIssue is similar to the one I fixed in commit 8d975c15c0cd\n(\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\n[1]\nBUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in geneve_rx drivers/net/geneve.c:279 [inline]\n BUG: KMSAN: uninit-value in geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n geneve_rx drivers/net/geneve.c:279 [inline]\n geneve_udp_encap_recv+0x36f9/0x3c10 drivers/net/geneve.c:391\n udp_queue_rcv_one_skb+0x1d39/0x1f20 net/ipv4/udp.c:2108\n udp_queue_rcv_skb+0x6ae/0x6e0 net/ipv4/udp.c:2186\n udp_unicast_rcv_skb+0x184/0x4b0 net/ipv4/udp.c:2346\n __udp4_lib_rcv+0x1c6b/0x3010 net/ipv4/udp.c:2422\n udp_rcv+0x7d/0xa0 net/ipv4/udp.c:2604\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n process_backlog+0x480/0x8b0 net/core/dev.c:5976\n __napi_poll+0xe3/0x980 net/core/dev.c:6576\n napi_poll net/core/dev.c:6645 [inline]\n net_rx_action+0x8b8/0x1870 net/core/dev.c:6778\n __do_softirq+0x1b7/0x7c5 kernel/softirq.c:553\n do_softirq+0x9a/0xf0 kernel/softirq.c:454\n __local_bh_enable_ip+0x9b/0xa0 kernel/softirq.c:381\n local_bh_enable include/linux/bottom_half.h:33 [inline]\n rcu_read_unlock_bh include/linux/rcupdate.h:820 [inline]\n __dev_queue_xmit+0x2768/0x51c0 net/core/dev.c:4378\n dev_queue_xmit include/linux/netdevice.h:3171 [inline]\n packet_xmit+0x9c/0x6b0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8aef/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3819 [inline]\n slab_alloc_node mm/slub.c:3860 [inline]\n kmem_cache_alloc_node+0x5cb/0xbc0 mm/slub.c:3903\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:560\n __alloc_skb+0x352/0x790 net/core/skbuff.c:651\n alloc_skb include/linux/skbuff.h:1296 [inline]\n alloc_skb_with_frags+0xc8/0xbd0 net/core/skbuff.c:6394\n sock_alloc_send_pskb+0xa80/0xbf0 net/core/sock.c:2783\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x70c2/0x9f10 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg net/socket.c:745 [inline]\n __sys_sendto+0x735/0xa10 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1c0 net/socket.c:2199\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26857",
"url": "https://www.suse.com/security/cve/CVE-2024-26857"
},
{
"category": "external",
"summary": "SUSE Bug 1223058 for CVE-2024-26857",
"url": "https://bugzilla.suse.com/1223058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26857"
},
{
"cve": "CVE-2024-26858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26858"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map\n\nJust simply reordering the functions mlx5e_ptp_metadata_map_put and\nmlx5e_ptpsq_track_metadata in the mlx5e_txwqe_complete context is not good\nenough since both the compiler and CPU are free to reorder these two\nfunctions. If reordering does occur, the issue that was supposedly fixed by\n7e3f3ba97e6c (\"net/mlx5e: Track xmit submission to PTP WQ after populating\nmetadata map\") will be seen. This will lead to NULL pointer dereferences in\nmlx5e_ptpsq_mark_ts_cqes_undelivered in the NAPI polling context due to the\ntracking list being populated before the metadata map.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26858",
"url": "https://www.suse.com/security/cve/CVE-2024-26858"
},
{
"category": "external",
"summary": "SUSE Bug 1223020 for CVE-2024-26858",
"url": "https://bugzilla.suse.com/1223020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26858"
},
{
"cve": "CVE-2024-26860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-integrity: fix a memory leak when rechecking the data\n\nMemory for the \"checksums\" pointer will leak if the data is rechecked\nafter checksum failure (because the associated kfree won\u0027t happen due\nto \u0027goto skip_io\u0027).\n\nFix this by freeing the checksums memory before recheck, and just use\nthe \"checksum_onstack\" memory for storing checksum during recheck.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26860",
"url": "https://www.suse.com/security/cve/CVE-2024-26860"
},
{
"category": "external",
"summary": "SUSE Bug 1223077 for CVE-2024-26860",
"url": "https://bugzilla.suse.com/1223077"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26860"
},
{
"cve": "CVE-2024-26861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: receive: annotate data-race around receiving_counter.counter\n\nSyzkaller with KCSAN identified a data-race issue when accessing\nkeypair-\u003ereceiving_counter.counter. Use READ_ONCE() and WRITE_ONCE()\nannotations to mark the data race as intentional.\n\n BUG: KCSAN: data-race in wg_packet_decrypt_worker / wg_packet_rx_poll\n\n write to 0xffff888107765888 of 8 bytes by interrupt on cpu 0:\n counter_validate drivers/net/wireguard/receive.c:321 [inline]\n wg_packet_rx_poll+0x3ac/0xf00 drivers/net/wireguard/receive.c:461\n __napi_poll+0x60/0x3b0 net/core/dev.c:6536\n napi_poll net/core/dev.c:6605 [inline]\n net_rx_action+0x32b/0x750 net/core/dev.c:6738\n __do_softirq+0xc4/0x279 kernel/softirq.c:553\n do_softirq+0x5e/0x90 kernel/softirq.c:454\n __local_bh_enable_ip+0x64/0x70 kernel/softirq.c:381\n __raw_spin_unlock_bh include/linux/spinlock_api_smp.h:167 [inline]\n _raw_spin_unlock_bh+0x36/0x40 kernel/locking/spinlock.c:210\n spin_unlock_bh include/linux/spinlock.h:396 [inline]\n ptr_ring_consume_bh include/linux/ptr_ring.h:367 [inline]\n wg_packet_decrypt_worker+0x6c5/0x700 drivers/net/wireguard/receive.c:499\n process_one_work kernel/workqueue.c:2633 [inline]\n ...\n\n read to 0xffff888107765888 of 8 bytes by task 3196 on cpu 1:\n decrypt_packet drivers/net/wireguard/receive.c:252 [inline]\n wg_packet_decrypt_worker+0x220/0x700 drivers/net/wireguard/receive.c:501\n process_one_work kernel/workqueue.c:2633 [inline]\n process_scheduled_works+0x5b8/0xa30 kernel/workqueue.c:2706\n worker_thread+0x525/0x730 kernel/workqueue.c:2787\n ...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26861",
"url": "https://www.suse.com/security/cve/CVE-2024-26861"
},
{
"category": "external",
"summary": "SUSE Bug 1223076 for CVE-2024-26861",
"url": "https://bugzilla.suse.com/1223076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26861"
},
{
"cve": "CVE-2024-26862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npacket: annotate data-races around ignore_outgoing\n\nignore_outgoing is read locklessly from dev_queue_xmit_nit()\nand packet_getsockopt()\n\nAdd appropriate READ_ONCE()/WRITE_ONCE() annotations.\n\nsyzbot reported:\n\nBUG: KCSAN: data-race in dev_queue_xmit_nit / packet_setsockopt\n\nwrite to 0xffff888107804542 of 1 bytes by task 22618 on cpu 0:\n packet_setsockopt+0xd83/0xfd0 net/packet/af_packet.c:4003\n do_sock_setsockopt net/socket.c:2311 [inline]\n __sys_setsockopt+0x1d8/0x250 net/socket.c:2334\n __do_sys_setsockopt net/socket.c:2343 [inline]\n __se_sys_setsockopt net/socket.c:2340 [inline]\n __x64_sys_setsockopt+0x66/0x80 net/socket.c:2340\n do_syscall_64+0xd3/0x1d0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nread to 0xffff888107804542 of 1 bytes by task 27 on cpu 1:\n dev_queue_xmit_nit+0x82/0x620 net/core/dev.c:2248\n xmit_one net/core/dev.c:3527 [inline]\n dev_hard_start_xmit+0xcc/0x3f0 net/core/dev.c:3547\n __dev_queue_xmit+0xf24/0x1dd0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n batadv_send_skb_packet+0x264/0x300 net/batman-adv/send.c:108\n batadv_send_broadcast_skb+0x24/0x30 net/batman-adv/send.c:127\n batadv_iv_ogm_send_to_if net/batman-adv/bat_iv_ogm.c:392 [inline]\n batadv_iv_ogm_emit net/batman-adv/bat_iv_ogm.c:420 [inline]\n batadv_iv_send_outstanding_bat_ogm_packet+0x3f0/0x4b0 net/batman-adv/bat_iv_ogm.c:1700\n process_one_work kernel/workqueue.c:3254 [inline]\n process_scheduled_works+0x465/0x990 kernel/workqueue.c:3335\n worker_thread+0x526/0x730 kernel/workqueue.c:3416\n kthread+0x1d1/0x210 kernel/kthread.c:388\n ret_from_fork+0x4b/0x60 arch/x86/kernel/process.c:147\n ret_from_fork_asm+0x1a/0x30 arch/x86/entry/entry_64.S:243\n\nvalue changed: 0x00 -\u003e 0x01\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 1 PID: 27 Comm: kworker/u8:1 Tainted: G W 6.8.0-syzkaller-08073-g480e035fc4c7 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024\nWorkqueue: bat_events batadv_iv_send_outstanding_bat_ogm_packet",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26862",
"url": "https://www.suse.com/security/cve/CVE-2024-26862"
},
{
"category": "external",
"summary": "SUSE Bug 1223111 for CVE-2024-26862",
"url": "https://bugzilla.suse.com/1223111"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26862"
},
{
"cve": "CVE-2024-26866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: lpspi: Avoid potential use-after-free in probe()\n\nfsl_lpspi_probe() is allocating/disposing memory manually with\nspi_alloc_host()/spi_alloc_target(), but uses\ndevm_spi_register_controller(). In case of error after the latter call the\nmemory will be explicitly freed in the probe function by\nspi_controller_put() call, but used afterwards by \"devm\" management outside\nprobe() (spi_unregister_controller() \u003c- devm_spi_unregister() below).\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000070\n...\nCall trace:\n kernfs_find_ns\n kernfs_find_and_get_ns\n sysfs_remove_group\n sysfs_remove_groups\n device_remove_attrs\n device_del\n spi_unregister_controller\n devm_spi_unregister\n release_nodes\n devres_release_all\n really_probe\n driver_probe_device\n __device_attach_driver\n bus_for_each_drv\n __device_attach\n device_initial_probe\n bus_probe_device\n deferred_probe_work_func\n process_one_work\n worker_thread\n kthread\n ret_from_fork",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26866",
"url": "https://www.suse.com/security/cve/CVE-2024-26866"
},
{
"category": "external",
"summary": "SUSE Bug 1223024 for CVE-2024-26866",
"url": "https://bugzilla.suse.com/1223024"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26866"
},
{
"cve": "CVE-2024-26868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix panic when nfs4_ff_layout_prepare_ds() fails\n\nWe\u0027ve been seeing the following panic in production\n\nBUG: kernel NULL pointer dereference, address: 0000000000000065\nPGD 2f485f067 P4D 2f485f067 PUD 2cc5d8067 PMD 0\nRIP: 0010:ff_layout_cancel_io+0x3a/0x90 [nfs_layout_flexfiles]\nCall Trace:\n \u003cTASK\u003e\n ? __die+0x78/0xc0\n ? page_fault_oops+0x286/0x380\n ? __rpc_execute+0x2c3/0x470 [sunrpc]\n ? rpc_new_task+0x42/0x1c0 [sunrpc]\n ? exc_page_fault+0x5d/0x110\n ? asm_exc_page_fault+0x22/0x30\n ? ff_layout_free_layoutreturn+0x110/0x110 [nfs_layout_flexfiles]\n ? ff_layout_cancel_io+0x3a/0x90 [nfs_layout_flexfiles]\n ? ff_layout_cancel_io+0x6f/0x90 [nfs_layout_flexfiles]\n pnfs_mark_matching_lsegs_return+0x1b0/0x360 [nfsv4]\n pnfs_error_mark_layout_for_return+0x9e/0x110 [nfsv4]\n ? ff_layout_send_layouterror+0x50/0x160 [nfs_layout_flexfiles]\n nfs4_ff_layout_prepare_ds+0x11f/0x290 [nfs_layout_flexfiles]\n ff_layout_pg_init_write+0xf0/0x1f0 [nfs_layout_flexfiles]\n __nfs_pageio_add_request+0x154/0x6c0 [nfs]\n nfs_pageio_add_request+0x26b/0x380 [nfs]\n nfs_do_writepage+0x111/0x1e0 [nfs]\n nfs_writepages_callback+0xf/0x30 [nfs]\n write_cache_pages+0x17f/0x380\n ? nfs_pageio_init_write+0x50/0x50 [nfs]\n ? nfs_writepages+0x6d/0x210 [nfs]\n ? nfs_writepages+0x6d/0x210 [nfs]\n nfs_writepages+0x125/0x210 [nfs]\n do_writepages+0x67/0x220\n ? generic_perform_write+0x14b/0x210\n filemap_fdatawrite_wbc+0x5b/0x80\n file_write_and_wait_range+0x6d/0xc0\n nfs_file_fsync+0x81/0x170 [nfs]\n ? nfs_file_mmap+0x60/0x60 [nfs]\n __x64_sys_fsync+0x53/0x90\n do_syscall_64+0x3d/0x90\n entry_SYSCALL_64_after_hwframe+0x46/0xb0\n\nInspecting the core with drgn I was able to pull this\n\n \u003e\u003e\u003e prog.crashed_thread().stack_trace()[0]\n #0 at 0xffffffffa079657a (ff_layout_cancel_io+0x3a/0x84) in ff_layout_cancel_io at fs/nfs/flexfilelayout/flexfilelayout.c:2021:27\n \u003e\u003e\u003e prog.crashed_thread().stack_trace()[0][\u0027idx\u0027]\n (u32)1\n \u003e\u003e\u003e prog.crashed_thread().stack_trace()[0][\u0027flseg\u0027].mirror_array[1].mirror_ds\n (struct nfs4_ff_layout_ds *)0xffffffffffffffed\n\nThis is clear from the stack trace, we call nfs4_ff_layout_prepare_ds()\nwhich could error out initializing the mirror_ds, and then we go to\nclean it all up and our check is only for if (!mirror-\u003emirror_ds). This\nis inconsistent with the rest of the users of mirror_ds, which have\n\n if (IS_ERR_OR_NULL(mirror_ds))\n\nto keep from tripping over this exact scenario. Fix this up in\nff_layout_cancel_io() to make sure we don\u0027t panic when we get an error.\nI also spot checked all the other instances of checking mirror_ds and we\nappear to be doing the correct checks everywhere, only unconditionally\ndereferencing mirror_ds when we know it would be valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26868",
"url": "https://www.suse.com/security/cve/CVE-2024-26868"
},
{
"category": "external",
"summary": "SUSE Bug 1223038 for CVE-2024-26868",
"url": "https://bugzilla.suse.com/1223038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26868"
},
{
"cve": "CVE-2024-26870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102\n\nA call to listxattr() with a buffer size = 0 returns the actual\nsize of the buffer needed for a subsequent call. When size \u003e 0,\nnfs4_listxattr() does not return an error because either\ngeneric_listxattr() or nfs4_listxattr_nfs4_label() consumes\nexactly all the bytes then size is 0 when calling\nnfs4_listxattr_nfs4_user() which then triggers the following\nkernel BUG:\n\n [ 99.403778] kernel BUG at mm/usercopy.c:102!\n [ 99.404063] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP\n [ 99.408463] CPU: 0 PID: 3310 Comm: python3 Not tainted 6.6.0-61.fc40.aarch64 #1\n [ 99.415827] Call trace:\n [ 99.415985] usercopy_abort+0x70/0xa0\n [ 99.416227] __check_heap_object+0x134/0x158\n [ 99.416505] check_heap_object+0x150/0x188\n [ 99.416696] __check_object_size.part.0+0x78/0x168\n [ 99.416886] __check_object_size+0x28/0x40\n [ 99.417078] listxattr+0x8c/0x120\n [ 99.417252] path_listxattr+0x78/0xe0\n [ 99.417476] __arm64_sys_listxattr+0x28/0x40\n [ 99.417723] invoke_syscall+0x78/0x100\n [ 99.417929] el0_svc_common.constprop.0+0x48/0xf0\n [ 99.418186] do_el0_svc+0x24/0x38\n [ 99.418376] el0_svc+0x3c/0x110\n [ 99.418554] el0t_64_sync_handler+0x120/0x130\n [ 99.418788] el0t_64_sync+0x194/0x198\n [ 99.418994] Code: aa0003e3 d000a3e0 91310000 97f49bdb (d4210000)\n\nIssue is reproduced when generic_listxattr() returns \u0027system.nfs4_acl\u0027,\nthus calling lisxattr() with size = 16 will trigger the bug.\n\nAdd check on nfs4_listxattr() to return ERANGE error when it is\ncalled with size \u003e 0 and the return value is greater than size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26870",
"url": "https://www.suse.com/security/cve/CVE-2024-26870"
},
{
"category": "external",
"summary": "SUSE Bug 1223113 for CVE-2024-26870",
"url": "https://bugzilla.suse.com/1223113"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26870"
},
{
"cve": "CVE-2024-26878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nquota: Fix potential NULL pointer dereference\n\nBelow race may cause NULL pointer dereference\n\nP1\t\t\t\t\tP2\ndquot_free_inode\t\t\tquota_off\n\t\t\t\t\t drop_dquot_ref\n\t\t\t\t\t remove_dquot_ref\n\t\t\t\t\t dquots = i_dquot(inode)\n dquots = i_dquot(inode)\n srcu_read_lock\n dquots[cnt]) != NULL (1)\n\t\t\t\t\t dquots[type] = NULL (2)\n spin_lock(\u0026dquots[cnt]-\u003edq_dqb_lock) (3)\n ....\n\nIf dquot_free_inode(or other routines) checks inode\u0027s quota pointers (1)\nbefore quota_off sets it to NULL(2) and use it (3) after that, NULL pointer\ndereference will be triggered.\n\nSo let\u0027s fix it by using a temporary pointer to avoid this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26878",
"url": "https://www.suse.com/security/cve/CVE-2024-26878"
},
{
"category": "external",
"summary": "SUSE Bug 1223060 for CVE-2024-26878",
"url": "https://bugzilla.suse.com/1223060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26878"
},
{
"cve": "CVE-2024-26881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26881"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when 1588 is received on HIP08 devices\n\nThe HIP08 devices does not register the ptp devices, so the\nhdev-\u003eptp is NULL, but the hardware can receive 1588 messages,\nand set the HNS3_RXD_TS_VLD_B bit, so, if match this case, the\naccess of hdev-\u003eptp-\u003eflags will cause a kernel crash:\n\n[ 5888.946472] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n[ 5888.946475] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000018\n...\n[ 5889.266118] pc : hclge_ptp_get_rx_hwts+0x40/0x170 [hclge]\n[ 5889.272612] lr : hclge_ptp_get_rx_hwts+0x34/0x170 [hclge]\n[ 5889.279101] sp : ffff800012c3bc50\n[ 5889.283516] x29: ffff800012c3bc50 x28: ffff2040002be040\n[ 5889.289927] x27: ffff800009116484 x26: 0000000080007500\n[ 5889.296333] x25: 0000000000000000 x24: ffff204001c6f000\n[ 5889.302738] x23: ffff204144f53c00 x22: 0000000000000000\n[ 5889.309134] x21: 0000000000000000 x20: ffff204004220080\n[ 5889.315520] x19: ffff204144f53c00 x18: 0000000000000000\n[ 5889.321897] x17: 0000000000000000 x16: 0000000000000000\n[ 5889.328263] x15: 0000004000140ec8 x14: 0000000000000000\n[ 5889.334617] x13: 0000000000000000 x12: 00000000010011df\n[ 5889.340965] x11: bbfeff4d22000000 x10: 0000000000000000\n[ 5889.347303] x9 : ffff800009402124 x8 : 0200f78811dfbb4d\n[ 5889.353637] x7 : 2200000000191b01 x6 : ffff208002a7d480\n[ 5889.359959] x5 : 0000000000000000 x4 : 0000000000000000\n[ 5889.366271] x3 : 0000000000000000 x2 : 0000000000000000\n[ 5889.372567] x1 : 0000000000000000 x0 : ffff20400095c080\n[ 5889.378857] Call trace:\n[ 5889.382285] hclge_ptp_get_rx_hwts+0x40/0x170 [hclge]\n[ 5889.388304] hns3_handle_bdinfo+0x324/0x410 [hns3]\n[ 5889.394055] hns3_handle_rx_bd+0x60/0x150 [hns3]\n[ 5889.399624] hns3_clean_rx_ring+0x84/0x170 [hns3]\n[ 5889.405270] hns3_nic_common_poll+0xa8/0x220 [hns3]\n[ 5889.411084] napi_poll+0xcc/0x264\n[ 5889.415329] net_rx_action+0xd4/0x21c\n[ 5889.419911] __do_softirq+0x130/0x358\n[ 5889.424484] irq_exit+0x134/0x154\n[ 5889.428700] __handle_domain_irq+0x88/0xf0\n[ 5889.433684] gic_handle_irq+0x78/0x2c0\n[ 5889.438319] el1_irq+0xb8/0x140\n[ 5889.442354] arch_cpu_idle+0x18/0x40\n[ 5889.446816] default_idle_call+0x5c/0x1c0\n[ 5889.451714] cpuidle_idle_call+0x174/0x1b0\n[ 5889.456692] do_idle+0xc8/0x160\n[ 5889.460717] cpu_startup_entry+0x30/0xfc\n[ 5889.465523] secondary_start_kernel+0x158/0x1ec\n[ 5889.470936] Code: 97ffab78 f9411c14 91408294 f9457284 (f9400c80)\n[ 5889.477950] SMP: stopping secondary CPUs\n[ 5890.514626] SMP: failed to stop secondary CPUs 0-69,71-95\n[ 5890.522951] Starting crashdump kernel...",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26881",
"url": "https://www.suse.com/security/cve/CVE-2024-26881"
},
{
"category": "external",
"summary": "SUSE Bug 1223041 for CVE-2024-26881",
"url": "https://bugzilla.suse.com/1223041"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26881"
},
{
"cve": "CVE-2024-26882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26882"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ip_tunnel: make sure to pull inner header in ip_tunnel_rcv()\n\nApply the same fix than ones found in :\n\n8d975c15c0cd (\"ip6_tunnel: make sure to pull inner header in __ip6_tnl_rcv()\")\n1ca1ba465e55 (\"geneve: make sure to pull inner header in geneve_rx()\")\n\nWe have to save skb-\u003enetwork_header in a temporary variable\nin order to be able to recompute the network_header pointer\nafter a pskb_inet_may_pull() call.\n\npskb_inet_may_pull() makes sure the needed headers are in skb-\u003ehead.\n\nsyzbot reported:\nBUG: KMSAN: uninit-value in __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n BUG: KMSAN: uninit-value in INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n BUG: KMSAN: uninit-value in IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n BUG: KMSAN: uninit-value in ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __INET_ECN_decapsulate include/net/inet_ecn.h:253 [inline]\n INET_ECN_decapsulate include/net/inet_ecn.h:275 [inline]\n IP_ECN_decapsulate include/net/inet_ecn.h:302 [inline]\n ip_tunnel_rcv+0xed9/0x2ed0 net/ipv4/ip_tunnel.c:409\n __ipgre_rcv+0x9bc/0xbc0 net/ipv4/ip_gre.c:389\n ipgre_rcv net/ipv4/ip_gre.c:411 [inline]\n gre_rcv+0x423/0x19f0 net/ipv4/ip_gre.c:447\n gre_rcv+0x2a4/0x390 net/ipv4/gre_demux.c:163\n ip_protocol_deliver_rcu+0x264/0x1300 net/ipv4/ip_input.c:205\n ip_local_deliver_finish+0x2b8/0x440 net/ipv4/ip_input.c:233\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_local_deliver+0x21f/0x490 net/ipv4/ip_input.c:254\n dst_input include/net/dst.h:461 [inline]\n ip_rcv_finish net/ipv4/ip_input.c:449 [inline]\n NF_HOOK include/linux/netfilter.h:314 [inline]\n ip_rcv+0x46f/0x760 net/ipv4/ip_input.c:569\n __netif_receive_skb_one_core net/core/dev.c:5534 [inline]\n __netif_receive_skb+0x1a6/0x5a0 net/core/dev.c:5648\n netif_receive_skb_internal net/core/dev.c:5734 [inline]\n netif_receive_skb+0x58/0x660 net/core/dev.c:5793\n tun_rx_batched+0x3ee/0x980 drivers/net/tun.c:1556\n tun_get_user+0x53b9/0x66e0 drivers/net/tun.c:2009\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b\n\nUninit was created at:\n __alloc_pages+0x9a6/0xe00 mm/page_alloc.c:4590\n alloc_pages_mpol+0x62b/0x9d0 mm/mempolicy.c:2133\n alloc_pages+0x1be/0x1e0 mm/mempolicy.c:2204\n skb_page_frag_refill+0x2bf/0x7c0 net/core/sock.c:2909\n tun_build_skb drivers/net/tun.c:1686 [inline]\n tun_get_user+0xe0a/0x66e0 drivers/net/tun.c:1826\n tun_chr_write_iter+0x3af/0x5d0 drivers/net/tun.c:2055\n call_write_iter include/linux/fs.h:2087 [inline]\n new_sync_write fs/read_write.c:497 [inline]\n vfs_write+0xb6b/0x1520 fs/read_write.c:590\n ksys_write+0x20f/0x4c0 fs/read_write.c:643\n __do_sys_write fs/read_write.c:655 [inline]\n __se_sys_write fs/read_write.c:652 [inline]\n __x64_sys_write+0x93/0xd0 fs/read_write.c:652\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x63/0x6b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26882",
"url": "https://www.suse.com/security/cve/CVE-2024-26882"
},
{
"category": "external",
"summary": "SUSE Bug 1223034 for CVE-2024-26882",
"url": "https://bugzilla.suse.com/1223034"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26882"
},
{
"cve": "CVE-2024-26883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stackmap overflow check on 32-bit arches\n\nThe stackmap code relies on roundup_pow_of_two() to compute the number\nof hash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code.\n\nThe commit in the fixes tag actually attempted to fix this, but the fix\ndid not account for the UB, so the fix only works on CPUs where an\noverflow does result in a neat truncation to zero, which is not\nguaranteed. Checking the value before rounding does not have this\nproblem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26883",
"url": "https://www.suse.com/security/cve/CVE-2024-26883"
},
{
"category": "external",
"summary": "SUSE Bug 1223035 for CVE-2024-26883",
"url": "https://bugzilla.suse.com/1223035"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26883"
},
{
"cve": "CVE-2024-26884",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26884"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix hashtab overflow check on 32-bit arches\n\nThe hashtab code relies on roundup_pow_of_two() to compute the number of\nhash buckets, and contains an overflow check by checking if the\nresulting value is 0. However, on 32-bit arches, the roundup code itself\ncan overflow by doing a 32-bit left-shift of an unsigned long value,\nwhich is undefined behaviour, so it is not guaranteed to truncate\nneatly. This was triggered by syzbot on the DEVMAP_HASH type, which\ncontains the same check, copied from the hashtab code. So apply the same\nfix to hashtab, by moving the overflow check to before the roundup.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26884",
"url": "https://www.suse.com/security/cve/CVE-2024-26884"
},
{
"category": "external",
"summary": "SUSE Bug 1223189 for CVE-2024-26884",
"url": "https://bugzilla.suse.com/1223189"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26884"
},
{
"cve": "CVE-2024-26885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix DEVMAP_HASH overflow check on 32-bit arches\n\nThe devmap code allocates a number hash buckets equal to the next power\nof two of the max_entries value provided when creating the map. When\nrounding up to the next power of two, the 32-bit variable storing the\nnumber of buckets can overflow, and the code checks for overflow by\nchecking if the truncated 32-bit value is equal to 0. However, on 32-bit\narches the rounding up itself can overflow mid-way through, because it\nends up doing a left-shift of 32 bits on an unsigned long value. If the\nsize of an unsigned long is four bytes, this is undefined behaviour, so\nthere is no guarantee that we\u0027ll end up with a nice and tidy 0-value at\nthe end.\n\nSyzbot managed to turn this into a crash on arm32 by creating a\nDEVMAP_HASH with max_entries \u003e 0x80000000 and then trying to update it.\nFix this by moving the overflow check to before the rounding up\noperation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26885",
"url": "https://www.suse.com/security/cve/CVE-2024-26885"
},
{
"category": "external",
"summary": "SUSE Bug 1223190 for CVE-2024-26885",
"url": "https://bugzilla.suse.com/1223190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26885"
},
{
"cve": "CVE-2024-26898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naoe: fix the potential use-after-free problem in aoecmd_cfg_pkts\n\nThis patch is against CVE-2023-6270. The description of cve is:\n\n A flaw was found in the ATA over Ethernet (AoE) driver in the Linux\n kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on\n `struct net_device`, and a use-after-free can be triggered by racing\n between the free on the struct and the access through the `skbtxq`\n global queue. This could lead to a denial of service condition or\n potential code execution.\n\nIn aoecmd_cfg_pkts(), it always calls dev_put(ifp) when skb initial\ncode is finished. But the net_device ifp will still be used in\nlater tx()-\u003edev_queue_xmit() in kthread. Which means that the\ndev_put(ifp) should NOT be called in the success path of skb\ninitial code in aoecmd_cfg_pkts(). Otherwise tx() may run into\nuse-after-free because the net_device is freed.\n\nThis patch removed the dev_put(ifp) in the success path in\naoecmd_cfg_pkts(), and added dev_put() after skb xmit in tx().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26898",
"url": "https://www.suse.com/security/cve/CVE-2024-26898"
},
{
"category": "external",
"summary": "SUSE Bug 1218562 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1218562"
},
{
"category": "external",
"summary": "SUSE Bug 1223016 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223016"
},
{
"category": "external",
"summary": "SUSE Bug 1223017 for CVE-2024-26898",
"url": "https://bugzilla.suse.com/1223017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-26898"
},
{
"cve": "CVE-2024-26899",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26899"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix deadlock between bd_link_disk_holder and partition scan\n\n\u0027open_mutex\u0027 of gendisk is used to protect open/close block devices. But\nin bd_link_disk_holder(), it is used to protect the creation of symlink\nbetween holding disk and slave bdev, which introduces some issues.\n\nWhen bd_link_disk_holder() is called, the driver is usually in the process\nof initialization/modification and may suspend submitting io. At this\ntime, any io hold \u0027open_mutex\u0027, such as scanning partitions, can cause\ndeadlocks. For example, in raid:\n\nT1 T2\nbdev_open_by_dev\n lock open_mutex [1]\n ...\n efi_partition\n ...\n md_submit_bio\n\t\t\t\tmd_ioctl mddev_syspend\n\t\t\t\t -\u003e suspend all io\n\t\t\t\t md_add_new_disk\n\t\t\t\t bind_rdev_to_array\n\t\t\t\t bd_link_disk_holder\n\t\t\t\t try lock open_mutex [2]\n md_handle_request\n -\u003e wait mddev_resume\n\nT1 scan partition, T2 add a new device to raid. T1 waits for T2 to resume\nmddev, but T2 waits for open_mutex held by T1. Deadlock occurs.\n\nFix it by introducing a local mutex \u0027blk_holder_mutex\u0027 to replace\n\u0027open_mutex\u0027.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26899",
"url": "https://www.suse.com/security/cve/CVE-2024-26899"
},
{
"category": "external",
"summary": "SUSE Bug 1223045 for CVE-2024-26899",
"url": "https://bugzilla.suse.com/1223045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26899"
},
{
"cve": "CVE-2024-26900",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26900"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix kmemleak of rdev-\u003eserial\n\nIf kobject_add() is fail in bind_rdev_to_array(), \u0027rdev-\u003eserial\u0027 will be\nalloc not be freed, and kmemleak occurs.\n\nunreferenced object 0xffff88815a350000 (size 49152):\n comm \"mdadm\", pid 789, jiffies 4294716910\n hex dump (first 32 bytes):\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n backtrace (crc f773277a):\n [\u003c0000000058b0a453\u003e] kmemleak_alloc+0x61/0xe0\n [\u003c00000000366adf14\u003e] __kmalloc_large_node+0x15e/0x270\n [\u003c000000002e82961b\u003e] __kmalloc_node.cold+0x11/0x7f\n [\u003c00000000f206d60a\u003e] kvmalloc_node+0x74/0x150\n [\u003c0000000034bf3363\u003e] rdev_init_serial+0x67/0x170\n [\u003c0000000010e08fe9\u003e] mddev_create_serial_pool+0x62/0x220\n [\u003c00000000c3837bf0\u003e] bind_rdev_to_array+0x2af/0x630\n [\u003c0000000073c28560\u003e] md_add_new_disk+0x400/0x9f0\n [\u003c00000000770e30ff\u003e] md_ioctl+0x15bf/0x1c10\n [\u003c000000006cfab718\u003e] blkdev_ioctl+0x191/0x3f0\n [\u003c0000000085086a11\u003e] vfs_ioctl+0x22/0x60\n [\u003c0000000018b656fe\u003e] __x64_sys_ioctl+0xba/0xe0\n [\u003c00000000e54e675e\u003e] do_syscall_64+0x71/0x150\n [\u003c000000008b0ad622\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26900",
"url": "https://www.suse.com/security/cve/CVE-2024-26900"
},
{
"category": "external",
"summary": "SUSE Bug 1223046 for CVE-2024-26900",
"url": "https://bugzilla.suse.com/1223046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26900"
},
{
"cve": "CVE-2024-26901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndo_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak\n\nsyzbot identified a kernel information leak vulnerability in\ndo_sys_name_to_handle() and issued the following report [1].\n\n[1]\n\"BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\nBUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x100 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n do_sys_name_to_handle fs/fhandle.c:73 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x949/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nUninit was created at:\n slab_post_alloc_hook+0x129/0xa70 mm/slab.h:768\n slab_alloc_node mm/slub.c:3478 [inline]\n __kmem_cache_alloc_node+0x5c9/0x970 mm/slub.c:3517\n __do_kmalloc_node mm/slab_common.c:1006 [inline]\n __kmalloc+0x121/0x3c0 mm/slab_common.c:1020\n kmalloc include/linux/slab.h:604 [inline]\n do_sys_name_to_handle fs/fhandle.c:39 [inline]\n __do_sys_name_to_handle_at fs/fhandle.c:112 [inline]\n __se_sys_name_to_handle_at+0x441/0xb10 fs/fhandle.c:94\n __x64_sys_name_to_handle_at+0xe4/0x140 fs/fhandle.c:94\n ...\n\nBytes 18-19 of 20 are uninitialized\nMemory access of size 20 starts at ffff888128a46380\nData copied to user address 0000000020000240\"\n\nPer Chuck Lever\u0027s suggestion, use kzalloc() instead of kmalloc() to\nsolve the problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26901",
"url": "https://www.suse.com/security/cve/CVE-2024-26901"
},
{
"category": "external",
"summary": "SUSE Bug 1223198 for CVE-2024-26901",
"url": "https://bugzilla.suse.com/1223198"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26901"
},
{
"cve": "CVE-2024-26903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: rfcomm: Fix null-ptr-deref in rfcomm_check_security\n\nDuring our fuzz testing of the connection and disconnection process at the\nRFCOMM layer, we discovered this bug. By comparing the packets from a\nnormal connection and disconnection process with the testcase that\ntriggered a KASAN report. We analyzed the cause of this bug as follows:\n\n1. In the packets captured during a normal connection, the host sends a\n`Read Encryption Key Size` type of `HCI_CMD` packet\n(Command Opcode: 0x1408) to the controller to inquire the length of\nencryption key.After receiving this packet, the controller immediately\nreplies with a Command Completepacket (Event Code: 0x0e) to return the\nEncryption Key Size.\n\n2. In our fuzz test case, the timing of the controller\u0027s response to this\npacket was delayed to an unexpected point: after the RFCOMM and L2CAP\nlayers had disconnected but before the HCI layer had disconnected.\n\n3. After receiving the Encryption Key Size Response at the time described\nin point 2, the host still called the rfcomm_check_security function.\nHowever, by this time `struct l2cap_conn *conn = l2cap_pi(sk)-\u003echan-\u003econn;`\nhad already been released, and when the function executed\n`return hci_conn_security(conn-\u003ehcon, d-\u003esec_level, auth_type, d-\u003eout);`,\nspecifically when accessing `conn-\u003ehcon`, a null-ptr-deref error occurred.\n\nTo fix this bug, check if `sk-\u003esk_state` is BT_CLOSED before calling\nrfcomm_recv_frame in rfcomm_process_rx.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26903",
"url": "https://www.suse.com/security/cve/CVE-2024-26903"
},
{
"category": "external",
"summary": "SUSE Bug 1223187 for CVE-2024-26903",
"url": "https://bugzilla.suse.com/1223187"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26903"
},
{
"cve": "CVE-2024-26906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm: Disallow vsyscall page read for copy_from_kernel_nofault()\n\nWhen trying to use copy_from_kernel_nofault() to read vsyscall page\nthrough a bpf program, the following oops was reported:\n\n BUG: unable to handle page fault for address: ffffffffff600000\n #PF: supervisor read access in kernel mode\n #PF: error_code(0x0000) - not-present page\n PGD 3231067 P4D 3231067 PUD 3233067 PMD 3235067 PTE 0\n Oops: 0000 [#1] PREEMPT SMP PTI\n CPU: 1 PID: 20390 Comm: test_progs ...... 6.7.0+ #58\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ......\n RIP: 0010:copy_from_kernel_nofault+0x6f/0x110\n ......\n Call Trace:\n \u003cTASK\u003e\n ? copy_from_kernel_nofault+0x6f/0x110\n bpf_probe_read_kernel+0x1d/0x50\n bpf_prog_2061065e56845f08_do_probe_read+0x51/0x8d\n trace_call_bpf+0xc5/0x1c0\n perf_call_bpf_enter.isra.0+0x69/0xb0\n perf_syscall_enter+0x13e/0x200\n syscall_trace_enter+0x188/0x1c0\n do_syscall_64+0xb5/0xe0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n \u003c/TASK\u003e\n ......\n ---[ end trace 0000000000000000 ]---\n\nThe oops is triggered when:\n\n1) A bpf program uses bpf_probe_read_kernel() to read from the vsyscall\npage and invokes copy_from_kernel_nofault() which in turn calls\n__get_user_asm().\n\n2) Because the vsyscall page address is not readable from kernel space,\na page fault exception is triggered accordingly.\n\n3) handle_page_fault() considers the vsyscall page address as a user\nspace address instead of a kernel space address. This results in the\nfix-up setup by bpf not being applied and a page_fault_oops() is invoked\ndue to SMAP.\n\nConsidering handle_page_fault() has already considered the vsyscall page\naddress as a userspace address, fix the problem by disallowing vsyscall\npage read for copy_from_kernel_nofault().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26906",
"url": "https://www.suse.com/security/cve/CVE-2024-26906"
},
{
"category": "external",
"summary": "SUSE Bug 1223202 for CVE-2024-26906",
"url": "https://bugzilla.suse.com/1223202"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26906"
},
{
"cve": "CVE-2024-26909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: qcom: pmic_glink_altmode: fix drm bridge use-after-free\n\nA recent DRM series purporting to simplify support for \"transparent\nbridges\" and handling of probe deferrals ironically exposed a\nuse-after-free issue on pmic_glink_altmode probe deferral.\n\nThis has manifested itself as the display subsystem occasionally failing\nto initialise and NULL-pointer dereferences during boot of machines like\nthe Lenovo ThinkPad X13s.\n\nSpecifically, the dp-hpd bridge is currently registered before all\nresources have been acquired which means that it can also be\nderegistered on probe deferrals.\n\nIn the meantime there is a race window where the new aux bridge driver\n(or PHY driver previously) may have looked up the dp-hpd bridge and\nstored a (non-reference-counted) pointer to the bridge which is about to\nbe deallocated.\n\nWhen the display controller is later initialised, this triggers a\nuse-after-free when attaching the bridges:\n\n\tdp -\u003e aux -\u003e dp-hpd (freed)\n\nwhich may, for example, result in the freed bridge failing to attach:\n\n\t[drm:drm_bridge_attach [drm]] *ERROR* failed to attach bridge /soc@0/phy@88eb000 to encoder TMDS-31: -16\n\nor a NULL-pointer dereference:\n\n\tUnable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n\t...\n\tCall trace:\n\t drm_bridge_attach+0x70/0x1a8 [drm]\n\t drm_aux_bridge_attach+0x24/0x38 [aux_bridge]\n\t drm_bridge_attach+0x80/0x1a8 [drm]\n\t dp_bridge_init+0xa8/0x15c [msm]\n\t msm_dp_modeset_init+0x28/0xc4 [msm]\n\nThe DRM bridge implementation is clearly fragile and implicitly built on\nthe assumption that bridges may never go away. In this case, the fix is\nto move the bridge registration in the pmic_glink_altmode driver to\nafter all resources have been looked up.\n\nIncidentally, with the new dp-hpd bridge implementation, which registers\nchild devices, this is also a requirement due to a long-standing issue\nin driver core that can otherwise lead to a probe deferral loop (see\ncommit fbc35b45f9f6 (\"Add documentation on meaning of -EPROBE_DEFER\")).\n\n[DB: slightly fixed commit message by adding the word \u0027commit\u0027]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26909",
"url": "https://www.suse.com/security/cve/CVE-2024-26909"
},
{
"category": "external",
"summary": "SUSE Bug 1223143 for CVE-2024-26909",
"url": "https://bugzilla.suse.com/1223143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26909"
},
{
"cve": "CVE-2024-26921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninet: inet_defrag: prevent sk release while still in use\n\nip_local_out() and other functions can pass skb-\u003esk as function argument.\n\nIf the skb is a fragment and reassembly happens before such function call\nreturns, the sk must not be released.\n\nThis affects skb fragments reassembled via netfilter or similar\nmodules, e.g. openvswitch or ct_act.c, when run as part of tx pipeline.\n\nEric Dumazet made an initial analysis of this bug. Quoting Eric:\n Calling ip_defrag() in output path is also implying skb_orphan(),\n which is buggy because output path relies on sk not disappearing.\n\n A relevant old patch about the issue was :\n 8282f27449bf (\"inet: frag: Always orphan skbs inside ip_defrag()\")\n\n [..]\n\n net/ipv4/ip_output.c depends on skb-\u003esk being set, and probably to an\n inet socket, not an arbitrary one.\n\n If we orphan the packet in ipvlan, then downstream things like FQ\n packet scheduler will not work properly.\n\n We need to change ip_defrag() to only use skb_orphan() when really\n needed, ie whenever frag_list is going to be used.\n\nEric suggested to stash sk in fragment queue and made an initial patch.\nHowever there is a problem with this:\n\nIf skb is refragmented again right after, ip_do_fragment() will copy\nhead-\u003esk to the new fragments, and sets up destructor to sock_wfree.\nIOW, we have no choice but to fix up sk_wmem accouting to reflect the\nfully reassembled skb, else wmem will underflow.\n\nThis change moves the orphan down into the core, to last possible moment.\nAs ip_defrag_offset is aliased with sk_buff-\u003esk member, we must move the\noffset into the FRAG_CB, else skb-\u003esk gets clobbered.\n\nThis allows to delay the orphaning long enough to learn if the skb has\nto be queued or if the skb is completing the reasm queue.\n\nIn the former case, things work as before, skb is orphaned. This is\nsafe because skb gets queued/stolen and won\u0027t continue past reasm engine.\n\nIn the latter case, we will steal the skb-\u003esk reference, reattach it to\nthe head skb, and fix up wmem accouting when inet_frag inflates truesize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26921",
"url": "https://www.suse.com/security/cve/CVE-2024-26921"
},
{
"category": "external",
"summary": "SUSE Bug 1223138 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223138"
},
{
"category": "external",
"summary": "SUSE Bug 1223139 for CVE-2024-26921",
"url": "https://bugzilla.suse.com/1223139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26921"
},
{
"cve": "CVE-2024-26922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: validate the parameters of bo mapping operations more clearly\n\nVerify the parameters of\namdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26922",
"url": "https://www.suse.com/security/cve/CVE-2024-26922"
},
{
"category": "external",
"summary": "SUSE Bug 1223315 for CVE-2024-26922",
"url": "https://bugzilla.suse.com/1223315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26922"
},
{
"cve": "CVE-2024-26923",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26923"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: Fix garbage collector racing against connect()\n\nGarbage collector does not take into account the risk of embryo getting\nenqueued during the garbage collection. If such embryo has a peer that\ncarries SCM_RIGHTS, two consecutive passes of scan_children() may see a\ndifferent set of children. Leading to an incorrectly elevated inflight\ncount, and then a dangling pointer within the gc_inflight_list.\n\nsockets are AF_UNIX/SOCK_STREAM\nS is an unconnected socket\nL is a listening in-flight socket bound to addr, not in fdtable\nV\u0027s fd will be passed via sendmsg(), gets inflight count bumped\n\nconnect(S, addr)\tsendmsg(S, [V]); close(V)\t__unix_gc()\n----------------\t-------------------------\t-----------\n\nNS = unix_create1()\nskb1 = sock_wmalloc(NS)\nL = unix_find_other(addr)\nunix_state_lock(L)\nunix_peer(S) = NS\n\t\t\t// V count=1 inflight=0\n\n \t\t\tNS = unix_peer(S)\n \t\t\tskb2 = sock_alloc()\n\t\t\tskb_queue_tail(NS, skb2[V])\n\n\t\t\t// V became in-flight\n\t\t\t// V count=2 inflight=1\n\n\t\t\tclose(V)\n\n\t\t\t// V count=1 inflight=1\n\t\t\t// GC candidate condition met\n\n\t\t\t\t\t\tfor u in gc_inflight_list:\n\t\t\t\t\t\t if (total_refs == inflight_refs)\n\t\t\t\t\t\t add u to gc_candidates\n\n\t\t\t\t\t\t// gc_candidates={L, V}\n\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t scan_children(u, dec_inflight)\n\n\t\t\t\t\t\t// embryo (skb1) was not\n\t\t\t\t\t\t// reachable from L yet, so V\u0027s\n\t\t\t\t\t\t// inflight remains unchanged\n__skb_queue_tail(L, skb1)\nunix_state_unlock(L)\n\t\t\t\t\t\tfor u in gc_candidates:\n\t\t\t\t\t\t if (u.inflight)\n\t\t\t\t\t\t scan_children(u, inc_inflight_move_tail)\n\n\t\t\t\t\t\t// V count=1 inflight=2 (!)\n\nIf there is a GC-candidate listening socket, lock/unlock its state. This\nmakes GC wait until the end of any ongoing connect() to that socket. After\nflipping the lock, a possibly SCM-laden embryo is already enqueued. And if\nthere is another embryo coming, it can not possibly carry SCM_RIGHTS. At\nthis point, unix_inflight() can not happen because unix_gc_lock is already\ntaken. Inflight graph remains unaffected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26923",
"url": "https://www.suse.com/security/cve/CVE-2024-26923"
},
{
"category": "external",
"summary": "SUSE Bug 1223384 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223384"
},
{
"category": "external",
"summary": "SUSE Bug 1223683 for CVE-2024-26923",
"url": "https://bugzilla.suse.com/1223683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-26923"
},
{
"cve": "CVE-2024-26925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26925"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: release mutex after nft_gc_seq_end from abort path\n\nThe commit mutex should not be released during the critical section\nbetween nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC\nworker could collect expired objects and get the released commit lock\nwithin the same GC sequence.\n\nnf_tables_module_autoload() temporarily releases the mutex to load\nmodule dependencies, then it goes back to replay the transaction again.\nMove it at the end of the abort phase after nft_gc_seq_end() is called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26925",
"url": "https://www.suse.com/security/cve/CVE-2024-26925"
},
{
"category": "external",
"summary": "SUSE Bug 1223390 for CVE-2024-26925",
"url": "https://bugzilla.suse.com/1223390"
},
{
"category": "external",
"summary": "SUSE Bug 1224175 for CVE-2024-26925",
"url": "https://bugzilla.suse.com/1224175"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-26925"
},
{
"cve": "CVE-2024-26928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_debug_files_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26928",
"url": "https://www.suse.com/security/cve/CVE-2024-26928"
},
{
"category": "external",
"summary": "SUSE Bug 1223532 for CVE-2024-26928",
"url": "https://bugzilla.suse.com/1223532"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26928"
},
{
"cve": "CVE-2024-26932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd()\n\nWhen unregister pd capabilitie in tcpm, KASAN will capture below double\n-free issue. The root cause is the same capabilitiy will be kfreed twice,\nthe first time is kfreed by pd_capabilities_release() and the second time\nis explicitly kfreed by tcpm_port_unregister_pd().\n\n[ 3.988059] BUG: KASAN: double-free in tcpm_port_unregister_pd+0x1a4/0x3dc\n[ 3.995001] Free of addr ffff0008164d3000 by task kworker/u16:0/10\n[ 4.001206]\n[ 4.002712] CPU: 2 PID: 10 Comm: kworker/u16:0 Not tainted 6.8.0-rc5-next-20240220-05616-g52728c567a55 #53\n[ 4.012402] Hardware name: Freescale i.MX8QXP MEK (DT)\n[ 4.017569] Workqueue: events_unbound deferred_probe_work_func\n[ 4.023456] Call trace:\n[ 4.025920] dump_backtrace+0x94/0xec\n[ 4.029629] show_stack+0x18/0x24\n[ 4.032974] dump_stack_lvl+0x78/0x90\n[ 4.036675] print_report+0xfc/0x5c0\n[ 4.040289] kasan_report_invalid_free+0xa0/0xc0\n[ 4.044937] __kasan_slab_free+0x124/0x154\n[ 4.049072] kfree+0xb4/0x1e8\n[ 4.052069] tcpm_port_unregister_pd+0x1a4/0x3dc\n[ 4.056725] tcpm_register_port+0x1dd0/0x2558\n[ 4.061121] tcpci_register_port+0x420/0x71c\n[ 4.065430] tcpci_probe+0x118/0x2e0\n\nTo fix the issue, this will remove kree() from tcpm_port_unregister_pd().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26932",
"url": "https://www.suse.com/security/cve/CVE-2024-26932"
},
{
"category": "external",
"summary": "SUSE Bug 1223649 for CVE-2024-26932",
"url": "https://bugzilla.suse.com/1223649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26932"
},
{
"cve": "CVE-2024-26933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in port \"disable\" sysfs attribute\n\nThe show and store callback routines for the \"disable\" sysfs attribute\nfile in port.c acquire the device lock for the port\u0027s parent hub\ndevice. This can cause problems if another process has locked the hub\nto remove it or change its configuration:\n\n\tRemoving the hub or changing its configuration requires the\n\thub interface to be removed, which requires the port device\n\tto be removed, and device_del() waits until all outstanding\n\tsysfs attribute callbacks for the ports have returned. The\n\tlock can\u0027t be released until then.\n\n\tBut the disable_show() or disable_store() routine can\u0027t return\n\tuntil after it has acquired the lock.\n\nThe resulting deadlock can be avoided by calling\nsysfs_break_active_protection(). This will cause the sysfs core not\nto wait for the attribute\u0027s callback routine to return, allowing the\nremoval to proceed. The disadvantage is that after making this call,\nthere is no guarantee that the hub structure won\u0027t be deallocated at\nany moment. To prevent this, we have to acquire a reference to it\nfirst by calling hub_get().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26933",
"url": "https://www.suse.com/security/cve/CVE-2024-26933"
},
{
"category": "external",
"summary": "SUSE Bug 1223670 for CVE-2024-26933",
"url": "https://bugzilla.suse.com/1223670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26933"
},
{
"cve": "CVE-2024-26934",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26934"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix deadlock in usb_deauthorize_interface()\n\nAmong the attribute file callback routines in\ndrivers/usb/core/sysfs.c, the interface_authorized_store() function is\nthe only one which acquires a device lock on an ancestor device: It\ncalls usb_deauthorize_interface(), which locks the interface\u0027s parent\nUSB device.\n\nThe will lead to deadlock if another process already owns that lock\nand tries to remove the interface, whether through a configuration\nchange or because the device has been disconnected. As part of the\nremoval procedure, device_del() waits for all ongoing sysfs attribute\ncallbacks to complete. But usb_deauthorize_interface() can\u0027t complete\nuntil the device lock has been released, and the lock won\u0027t be\nreleased until the removal has finished.\n\nThe mechanism provided by sysfs to prevent this kind of deadlock is\nto use the sysfs_break_active_protection() function, which tells sysfs\nnot to wait for the attribute callback.\n\nReported-and-tested by: Yue Sun \u003csamsun1006219@gmail.com\u003e\nReported by: xingwei lee \u003cxrivendell7@gmail.com\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26934",
"url": "https://www.suse.com/security/cve/CVE-2024-26934"
},
{
"category": "external",
"summary": "SUSE Bug 1223671 for CVE-2024-26934",
"url": "https://bugzilla.suse.com/1223671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26934"
},
{
"cve": "CVE-2024-26935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: core: Fix unremoved procfs host directory regression\n\nCommit fc663711b944 (\"scsi: core: Remove the /proc/scsi/${proc_name}\ndirectory earlier\") fixed a bug related to modules loading/unloading, by\nadding a call to scsi_proc_hostdir_rm() on scsi_remove_host(). But that led\nto a potential duplicate call to the hostdir_rm() routine, since it\u0027s also\ncalled from scsi_host_dev_release(). That triggered a regression report,\nwhich was then fixed by commit be03df3d4bfe (\"scsi: core: Fix a procfs host\ndirectory removal regression\"). The fix just dropped the hostdir_rm() call\nfrom dev_release().\n\nBut it happens that this proc directory is created on scsi_host_alloc(),\nand that function \"pairs\" with scsi_host_dev_release(), while\nscsi_remove_host() pairs with scsi_add_host(). In other words, it seems the\nreason for removing the proc directory on dev_release() was meant to cover\ncases in which a SCSI host structure was allocated, but the call to\nscsi_add_host() didn\u0027t happen. And that pattern happens to exist in some\nerror paths, for example.\n\nSyzkaller causes that by using USB raw gadget device, error\u0027ing on\nusb-storage driver, at usb_stor_probe2(). By checking that path, we can see\nthat the BadDevice label leads to a scsi_host_put() after a SCSI host\nallocation, but there\u0027s no call to scsi_add_host() in such path. That leads\nto messages like this in dmesg (and a leak of the SCSI host proc\nstructure):\n\nusb-storage 4-1:87.51: USB Mass Storage device detected\nproc_dir_entry \u0027scsi/usb-storage\u0027 already registered\nWARNING: CPU: 1 PID: 3519 at fs/proc/generic.c:377 proc_register+0x347/0x4e0 fs/proc/generic.c:376\n\nThe proper fix seems to still call scsi_proc_hostdir_rm() on dev_release(),\nbut guard that with the state check for SHOST_CREATED; there is even a\ncomment in scsi_host_dev_release() detailing that: such conditional is\nmeant for cases where the SCSI host was allocated but there was no calls to\n{add,remove}_host(), like the usb-storage case.\n\nThis is what we propose here and with that, the error path of usb-storage\ndoes not trigger the warning anymore.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26935",
"url": "https://www.suse.com/security/cve/CVE-2024-26935"
},
{
"category": "external",
"summary": "SUSE Bug 1223675 for CVE-2024-26935",
"url": "https://bugzilla.suse.com/1223675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26935"
},
{
"cve": "CVE-2024-26937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/gt: Reset queue_priority_hint on parking\n\nOriginally, with strict in order execution, we could complete execution\nonly when the queue was empty. Preempt-to-busy allows replacement of an\nactive request that may complete before the preemption is processed by\nHW. If that happens, the request is retired from the queue, but the\nqueue_priority_hint remains set, preventing direct submission until\nafter the next CS interrupt is processed.\n\nThis preempt-to-busy race can be triggered by the heartbeat, which will\nalso act as the power-management barrier and upon completion allow us to\nidle the HW. We may process the completion of the heartbeat, and begin\nparking the engine before the CS event that restores the\nqueue_priority_hint, causing us to fail the assertion that it is MIN.\n\n\u003c3\u003e[ 166.210729] __engine_park:283 GEM_BUG_ON(engine-\u003esched_engine-\u003equeue_priority_hint != (-((int)(~0U \u003e\u003e 1)) - 1))\n\u003c0\u003e[ 166.210781] Dumping ftrace buffer:\n\u003c0\u003e[ 166.210795] ---------------------------------\n...\n\u003c0\u003e[ 167.302811] drm_fdin-1097 2..s1. 165741070us : trace_ports: 0000:00:02.0 rcs0: promote { ccid:20 1217:2 prio 0 }\n\u003c0\u003e[ 167.302861] drm_fdin-1097 2d.s2. 165741072us : execlists_submission_tasklet: 0000:00:02.0 rcs0: preempting last=1217:2, prio=0, hint=2147483646\n\u003c0\u003e[ 167.302928] drm_fdin-1097 2d.s2. 165741072us : __i915_request_unsubmit: 0000:00:02.0 rcs0: fence 1217:2, current 0\n\u003c0\u003e[ 167.302992] drm_fdin-1097 2d.s2. 165741073us : __i915_request_submit: 0000:00:02.0 rcs0: fence 3:4660, current 4659\n\u003c0\u003e[ 167.303044] drm_fdin-1097 2d.s1. 165741076us : execlists_submission_tasklet: 0000:00:02.0 rcs0: context:3 schedule-in, ccid:40\n\u003c0\u003e[ 167.303095] drm_fdin-1097 2d.s1. 165741077us : trace_ports: 0000:00:02.0 rcs0: submit { ccid:40 3:4660* prio 2147483646 }\n\u003c0\u003e[ 167.303159] kworker/-89 11..... 165741139us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence c90:2, current 2\n\u003c0\u003e[ 167.303208] kworker/-89 11..... 165741148us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:c90 unpin\n\u003c0\u003e[ 167.303272] kworker/-89 11..... 165741159us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 1217:2, current 2\n\u003c0\u003e[ 167.303321] kworker/-89 11..... 165741166us : __intel_context_do_unpin: 0000:00:02.0 rcs0: context:1217 unpin\n\u003c0\u003e[ 167.303384] kworker/-89 11..... 165741170us : i915_request_retire.part.0: 0000:00:02.0 rcs0: fence 3:4660, current 4660\n\u003c0\u003e[ 167.303434] kworker/-89 11d..1. 165741172us : __intel_context_retire: 0000:00:02.0 rcs0: context:1216 retire runtime: { total:56028ns, avg:56028ns }\n\u003c0\u003e[ 167.303484] kworker/-89 11..... 165741198us : __engine_park: 0000:00:02.0 rcs0: parked\n\u003c0\u003e[ 167.303534] \u003cidle\u003e-0 5d.H3. 165741207us : execlists_irq_handler: 0000:00:02.0 rcs0: semaphore yield: 00000040\n\u003c0\u003e[ 167.303583] kworker/-89 11..... 165741397us : __intel_context_retire: 0000:00:02.0 rcs0: context:1217 retire runtime: { total:325575ns, avg:0ns }\n\u003c0\u003e[ 167.303756] kworker/-89 11..... 165741777us : __intel_context_retire: 0000:00:02.0 rcs0: context:c90 retire runtime: { total:0ns, avg:0ns }\n\u003c0\u003e[ 167.303806] kworker/-89 11..... 165742017us : __engine_park: __engine_park:283 GEM_BUG_ON(engine-\u003esched_engine-\u003equeue_priority_hint != (-((int)(~0U \u003e\u003e 1)) - 1))\n\u003c0\u003e[ 167.303811] ---------------------------------\n\u003c4\u003e[ 167.304722] ------------[ cut here ]------------\n\u003c2\u003e[ 167.304725] kernel BUG at drivers/gpu/drm/i915/gt/intel_engine_pm.c:283!\n\u003c4\u003e[ 167.304731] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n\u003c4\u003e[ 167.304734] CPU: 11 PID: 89 Comm: kworker/11:1 Tainted: G W 6.8.0-rc2-CI_DRM_14193-gc655e0fd2804+ #1\n\u003c4\u003e[ 167.304736] Hardware name: Intel Corporation Rocket Lake Client Platform/RocketLake S UDIMM 6L RVP, BIOS RKLSFWI1.R00.3173.A03.2204210138 04/21/2022\n\u003c4\u003e[ 167.304738] Workqueue: i915-unordered retire_work_handler [i915]\n\u003c4\u003e[ 16\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26937",
"url": "https://www.suse.com/security/cve/CVE-2024-26937"
},
{
"category": "external",
"summary": "SUSE Bug 1223677 for CVE-2024-26937",
"url": "https://bugzilla.suse.com/1223677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26937"
},
{
"cve": "CVE-2024-26938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode()\n\nIf we have no VBT, or the VBT didn\u0027t declare the encoder\nin question, we won\u0027t have the \u0027devdata\u0027 for the encoder.\nInstead of oopsing just bail early.\n\nWe won\u0027t be able to tell whether the port is DP++ or not,\nbut so be it.\n\n(cherry picked from commit 26410896206342c8a80d2b027923e9ee7d33b733)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26938",
"url": "https://www.suse.com/security/cve/CVE-2024-26938"
},
{
"category": "external",
"summary": "SUSE Bug 1223678 for CVE-2024-26938",
"url": "https://bugzilla.suse.com/1223678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26938"
},
{
"cve": "CVE-2024-26940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed\n\nThe driver creates /sys/kernel/debug/dri/0/mob_ttm even when the\ncorresponding ttm_resource_manager is not allocated.\nThis leads to a crash when trying to read from this file.\n\nAdd a check to create mob_ttm, system_mob_ttm, and gmr_ttm debug file\nonly when the corresponding ttm_resource_manager is allocated.\n\ncrash\u003e bt\nPID: 3133409 TASK: ffff8fe4834a5000 CPU: 3 COMMAND: \"grep\"\n #0 [ffffb954506b3b20] machine_kexec at ffffffffb2a6bec3\n #1 [ffffb954506b3b78] __crash_kexec at ffffffffb2bb598a\n #2 [ffffb954506b3c38] crash_kexec at ffffffffb2bb68c1\n #3 [ffffb954506b3c50] oops_end at ffffffffb2a2a9b1\n #4 [ffffb954506b3c70] no_context at ffffffffb2a7e913\n #5 [ffffb954506b3cc8] __bad_area_nosemaphore at ffffffffb2a7ec8c\n #6 [ffffb954506b3d10] do_page_fault at ffffffffb2a7f887\n #7 [ffffb954506b3d40] page_fault at ffffffffb360116e\n [exception RIP: ttm_resource_manager_debug+0x11]\n RIP: ffffffffc04afd11 RSP: ffffb954506b3df0 RFLAGS: 00010246\n RAX: ffff8fe41a6d1200 RBX: 0000000000000000 RCX: 0000000000000940\n RDX: 0000000000000000 RSI: ffffffffc04b4338 RDI: 0000000000000000\n RBP: ffffb954506b3e08 R8: ffff8fee3ffad000 R9: 0000000000000000\n R10: ffff8fe41a76a000 R11: 0000000000000001 R12: 00000000ffffffff\n R13: 0000000000000001 R14: ffff8fe5bb6f3900 R15: ffff8fe41a6d1200\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #8 [ffffb954506b3e00] ttm_resource_manager_show at ffffffffc04afde7 [ttm]\n #9 [ffffb954506b3e30] seq_read at ffffffffb2d8f9f3\n RIP: 00007f4c4eda8985 RSP: 00007ffdbba9e9f8 RFLAGS: 00000246\n RAX: ffffffffffffffda RBX: 000000000037e000 RCX: 00007f4c4eda8985\n RDX: 000000000037e000 RSI: 00007f4c41573000 RDI: 0000000000000003\n RBP: 000000000037e000 R8: 0000000000000000 R9: 000000000037fe30\n R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4c41573000\n R13: 0000000000000003 R14: 00007f4c41572010 R15: 0000000000000003\n ORIG_RAX: 0000000000000000 CS: 0033 SS: 002b",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26940",
"url": "https://www.suse.com/security/cve/CVE-2024-26940"
},
{
"category": "external",
"summary": "SUSE Bug 1223718 for CVE-2024-26940",
"url": "https://bugzilla.suse.com/1223718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26940"
},
{
"cve": "CVE-2024-26943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/dmem: handle kcalloc() allocation failure\n\nThe kcalloc() in nouveau_dmem_evict_chunk() will return null if\nthe physical memory has run out. As a result, if we dereference\nsrc_pfns, dst_pfns or dma_addrs, the null pointer dereference bugs\nwill happen.\n\nMoreover, the GPU is going away. If the kcalloc() fails, we could not\nevict all pages mapping a chunk. So this patch adds a __GFP_NOFAIL\nflag in kcalloc().\n\nFinally, as there is no need to have physically contiguous memory,\nthis patch switches kcalloc() to kvcalloc() in order to avoid\nfailing allocations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26943",
"url": "https://www.suse.com/security/cve/CVE-2024-26943"
},
{
"category": "external",
"summary": "SUSE Bug 1230527 for CVE-2024-26943",
"url": "https://bugzilla.suse.com/1230527"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26943"
},
{
"cve": "CVE-2024-26945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: iaa - Fix nr_cpus \u003c nr_iaa case\n\nIf nr_cpus \u003c nr_iaa, the calculated cpus_per_iaa will be 0, which\ncauses a divide-by-0 in rebalance_wq_table().\n\nMake sure cpus_per_iaa is 1 in that case, and also in the nr_iaa == 0\ncase, even though cpus_per_iaa is never used if nr_iaa == 0, for\nparanoia.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26945",
"url": "https://www.suse.com/security/cve/CVE-2024-26945"
},
{
"category": "external",
"summary": "SUSE Bug 1223732 for CVE-2024-26945",
"url": "https://bugzilla.suse.com/1223732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26945"
},
{
"cve": "CVE-2024-26946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes/x86: Use copy_from_kernel_nofault() to read from unsafe address\n\nRead from an unsafe address with copy_from_kernel_nofault() in\narch_adjust_kprobe_addr() because this function is used before checking\nthe address is in text or not. Syzcaller bot found a bug and reported\nthe case if user specifies inaccessible data area,\narch_adjust_kprobe_addr() will cause a kernel panic.\n\n[ mingo: Clarified the comment. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26946",
"url": "https://www.suse.com/security/cve/CVE-2024-26946"
},
{
"category": "external",
"summary": "SUSE Bug 1223669 for CVE-2024-26946",
"url": "https://bugzilla.suse.com/1223669"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26946"
},
{
"cve": "CVE-2024-26948",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26948"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Add a dc_state NULL check in dc_state_release\n\n[How]\nCheck wheather state is NULL before releasing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26948",
"url": "https://www.suse.com/security/cve/CVE-2024-26948"
},
{
"category": "external",
"summary": "SUSE Bug 1223664 for CVE-2024-26948",
"url": "https://bugzilla.suse.com/1223664"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26948"
},
{
"cve": "CVE-2024-26949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu/pm: Fix NULL pointer dereference when get power limit\n\nBecause powerplay_table initialization is skipped under\nsriov case, We check and set default lower and upper OD\nvalue if powerplay_table is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26949",
"url": "https://www.suse.com/security/cve/CVE-2024-26949"
},
{
"category": "external",
"summary": "SUSE Bug 1223665 for CVE-2024-26949",
"url": "https://bugzilla.suse.com/1223665"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26949"
},
{
"cve": "CVE-2024-26950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: access device through ctx instead of peer\n\nThe previous commit fixed a bug that led to a NULL peer-\u003edevice being\ndereferenced. It\u0027s actually easier and faster performance-wise to\ninstead get the device from ctx-\u003ewg. This semantically makes more sense\ntoo, since ctx-\u003ewg-\u003epeer_allowedips.seq is compared with\nctx-\u003eallowedips_seq, basing them both in ctx. This also acts as a\ndefence in depth provision against freed peers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26950",
"url": "https://www.suse.com/security/cve/CVE-2024-26950"
},
{
"category": "external",
"summary": "SUSE Bug 1223661 for CVE-2024-26950",
"url": "https://bugzilla.suse.com/1223661"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26950"
},
{
"cve": "CVE-2024-26951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwireguard: netlink: check for dangling peer via is_dead instead of empty list\n\nIf all peers are removed via wg_peer_remove_all(), rather than setting\npeer_list to empty, the peer is added to a temporary list with a head on\nthe stack of wg_peer_remove_all(). If a netlink dump is resumed and the\ncursored peer is one that has been removed via wg_peer_remove_all(), it\nwill iterate from that peer and then attempt to dump freed peers.\n\nFix this by instead checking peer-\u003eis_dead, which was explictly created\nfor this purpose. Also move up the device_update_lock lockdep assertion,\nsince reading is_dead relies on that.\n\nIt can be reproduced by a small script like:\n\n echo \"Setting config...\"\n ip link add dev wg0 type wireguard\n wg setconf wg0 /big-config\n (\n while true; do\n echo \"Showing config...\"\n wg showconf wg0 \u003e /dev/null\n done\n ) \u0026\n sleep 4\n wg setconf wg0 \u003c(printf \"[Peer]\\nPublicKey=$(wg genkey)\\n\")\n\nResulting in:\n\n BUG: KASAN: slab-use-after-free in __lock_acquire+0x182a/0x1b20\n Read of size 8 at addr ffff88811956ec70 by task wg/59\n CPU: 2 PID: 59 Comm: wg Not tainted 6.8.0-rc2-debug+ #5\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x70\n print_address_description.constprop.0+0x2c/0x380\n print_report+0xab/0x250\n kasan_report+0xba/0xf0\n __lock_acquire+0x182a/0x1b20\n lock_acquire+0x191/0x4b0\n down_read+0x80/0x440\n get_peer+0x140/0xcb0\n wg_get_device_dump+0x471/0x1130",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26951",
"url": "https://www.suse.com/security/cve/CVE-2024-26951"
},
{
"category": "external",
"summary": "SUSE Bug 1223660 for CVE-2024-26951",
"url": "https://bugzilla.suse.com/1223660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26951"
},
{
"cve": "CVE-2024-26956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix failure to detect DAT corruption in btree and direct mappings\n\nPatch series \"nilfs2: fix kernel bug at submit_bh_wbc()\".\n\nThis resolves a kernel BUG reported by syzbot. Since there are two\nflaws involved, I\u0027ve made each one a separate patch.\n\nThe first patch alone resolves the syzbot-reported bug, but I think\nboth fixes should be sent to stable, so I\u0027ve tagged them as such.\n\n\nThis patch (of 2):\n\nSyzbot has reported a kernel bug in submit_bh_wbc() when writing file data\nto a nilfs2 file system whose metadata is corrupted.\n\nThere are two flaws involved in this issue.\n\nThe first flaw is that when nilfs_get_block() locates a data block using\nbtree or direct mapping, if the disk address translation routine\nnilfs_dat_translate() fails with internal code -ENOENT due to DAT metadata\ncorruption, it can be passed back to nilfs_get_block(). This causes\nnilfs_get_block() to misidentify an existing block as non-existent,\ncausing both data block lookup and insertion to fail inconsistently.\n\nThe second flaw is that nilfs_get_block() returns a successful status in\nthis inconsistent state. This causes the caller __block_write_begin_int()\nor others to request a read even though the buffer is not mapped,\nresulting in a BUG_ON check for the BH_Mapped flag in submit_bh_wbc()\nfailing.\n\nThis fixes the first issue by changing the return value to code -EINVAL\nwhen a conversion using DAT fails with code -ENOENT, avoiding the\nconflicting condition that leads to the kernel bug described above. Here,\ncode -EINVAL indicates that metadata corruption was detected during the\nblock lookup, which will be properly handled as a file system error and\nconverted to -EIO when passing through the nilfs2 bmap layer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26956",
"url": "https://www.suse.com/security/cve/CVE-2024-26956"
},
{
"category": "external",
"summary": "SUSE Bug 1223663 for CVE-2024-26956",
"url": "https://bugzilla.suse.com/1223663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26956"
},
{
"cve": "CVE-2024-26957",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26957"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/zcrypt: fix reference counting on zcrypt card objects\n\nTests with hot-plugging crytpo cards on KVM guests with debug\nkernel build revealed an use after free for the load field of\nthe struct zcrypt_card. The reason was an incorrect reference\nhandling of the zcrypt card object which could lead to a free\nof the zcrypt card object while it was still in use.\n\nThis is an example of the slab message:\n\n kernel: 0x00000000885a7512-0x00000000885a7513 @offset=1298. First byte 0x68 instead of 0x6b\n kernel: Allocated in zcrypt_card_alloc+0x36/0x70 [zcrypt] age=18046 cpu=3 pid=43\n kernel: kmalloc_trace+0x3f2/0x470\n kernel: zcrypt_card_alloc+0x36/0x70 [zcrypt]\n kernel: zcrypt_cex4_card_probe+0x26/0x380 [zcrypt_cex4]\n kernel: ap_device_probe+0x15c/0x290\n kernel: really_probe+0xd2/0x468\n kernel: driver_probe_device+0x40/0xf0\n kernel: __device_attach_driver+0xc0/0x140\n kernel: bus_for_each_drv+0x8c/0xd0\n kernel: __device_attach+0x114/0x198\n kernel: bus_probe_device+0xb4/0xc8\n kernel: device_add+0x4d2/0x6e0\n kernel: ap_scan_adapter+0x3d0/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: Freed in zcrypt_card_put+0x54/0x80 [zcrypt] age=9024 cpu=3 pid=43\n kernel: kfree+0x37e/0x418\n kernel: zcrypt_card_put+0x54/0x80 [zcrypt]\n kernel: ap_device_remove+0x4c/0xe0\n kernel: device_release_driver_internal+0x1c4/0x270\n kernel: bus_remove_device+0x100/0x188\n kernel: device_del+0x164/0x3c0\n kernel: device_unregister+0x30/0x90\n kernel: ap_scan_adapter+0xc8/0x7c0\n kernel: ap_scan_bus+0x5a/0x3b0\n kernel: ap_scan_bus_wq_callback+0x40/0x60\n kernel: process_one_work+0x26e/0x620\n kernel: worker_thread+0x21c/0x440\n kernel: kthread+0x150/0x168\n kernel: __ret_from_fork+0x3c/0x58\n kernel: ret_from_fork+0xa/0x30\n kernel: Slab 0x00000372022169c0 objects=20 used=18 fp=0x00000000885a7c88 flags=0x3ffff00000000a00(workingset|slab|node=0|zone=1|lastcpupid=0x1ffff)\n kernel: Object 0x00000000885a74b8 @offset=1208 fp=0x00000000885a7c88\n kernel: Redzone 00000000885a74b0: bb bb bb bb bb bb bb bb ........\n kernel: Object 00000000885a74b8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74c8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74d8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74e8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a74f8: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b kkkkkkkkkkkkkkkk\n kernel: Object 00000000885a7508: 6b 6b 6b 6b 6b 6b 6b 6b 6b 6b 68 4b 6b 6b 6b a5 kkkkkkkkkkhKkkk.\n kernel: Redzone 00000000885a7518: bb bb bb bb bb bb bb bb ........\n kernel: Padding 00000000885a756c: 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a 5a ZZZZZZZZZZZZ\n kernel: CPU: 0 PID: 387 Comm: systemd-udevd Not tainted 6.8.0-HF #2\n kernel: Hardware name: IBM 3931 A01 704 (KVM/Linux)\n kernel: Call Trace:\n kernel: [\u003c00000000ca5ab5b8\u003e] dump_stack_lvl+0x90/0x120\n kernel: [\u003c00000000c99d78bc\u003e] check_bytes_and_report+0x114/0x140\n kernel: [\u003c00000000c99d53cc\u003e] check_object+0x334/0x3f8\n kernel: [\u003c00000000c99d820c\u003e] alloc_debug_processing+0xc4/0x1f8\n kernel: [\u003c00000000c99d852e\u003e] get_partial_node.part.0+0x1ee/0x3e0\n kernel: [\u003c00000000c99d94ec\u003e] ___slab_alloc+0xaf4/0x13c8\n kernel: [\u003c00000000c99d9e38\u003e] __slab_alloc.constprop.0+0x78/0xb8\n kernel: [\u003c00000000c99dc8dc\u003e] __kmalloc+0x434/0x590\n kernel: [\u003c00000000c9b4c0ce\u003e] ext4_htree_store_dirent+0x4e/0x1c0\n kernel: [\u003c00000000c9b908a2\u003e] htree_dirblock_to_tree+0x17a/0x3f0\n kernel: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26957",
"url": "https://www.suse.com/security/cve/CVE-2024-26957"
},
{
"category": "external",
"summary": "SUSE Bug 1223666 for CVE-2024-26957",
"url": "https://bugzilla.suse.com/1223666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26957"
},
{
"cve": "CVE-2024-26958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: fix UAF in direct writes\n\nIn production we have been hitting the following warning consistently\n\n------------[ cut here ]------------\nrefcount_t: underflow; use-after-free.\nWARNING: CPU: 17 PID: 1800359 at lib/refcount.c:28 refcount_warn_saturate+0x9c/0xe0\nWorkqueue: nfsiod nfs_direct_write_schedule_work [nfs]\nRIP: 0010:refcount_warn_saturate+0x9c/0xe0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x9f/0x130\n ? refcount_warn_saturate+0x9c/0xe0\n ? report_bug+0xcc/0x150\n ? handle_bug+0x3d/0x70\n ? exc_invalid_op+0x16/0x40\n ? asm_exc_invalid_op+0x16/0x20\n ? refcount_warn_saturate+0x9c/0xe0\n nfs_direct_write_schedule_work+0x237/0x250 [nfs]\n process_one_work+0x12f/0x4a0\n worker_thread+0x14e/0x3b0\n ? ZSTD_getCParams_internal+0x220/0x220\n kthread+0xdc/0x120\n ? __btf_name_valid+0xa0/0xa0\n ret_from_fork+0x1f/0x30\n\nThis is because we\u0027re completing the nfs_direct_request twice in a row.\n\nThe source of this is when we have our commit requests to submit, we\nprocess them and send them off, and then in the completion path for the\ncommit requests we have\n\nif (nfs_commit_end(cinfo.mds))\n\tnfs_direct_write_complete(dreq);\n\nHowever since we\u0027re submitting asynchronous requests we sometimes have\none that completes before we submit the next one, so we end up calling\ncomplete on the nfs_direct_request twice.\n\nThe only other place we use nfs_generic_commit_list() is in\n__nfs_commit_inode, which wraps this call in a\n\nnfs_commit_begin();\nnfs_commit_end();\n\nWhich is a common pattern for this style of completion handling, one\nthat is also repeated in the direct code with get_dreq()/put_dreq()\ncalls around where we process events as well as in the completion paths.\n\nFix this by using the same pattern for the commit requests.\n\nBefore with my 200 node rocksdb stress running this warning would pop\nevery 10ish minutes. With my patch the stress test has been running for\nseveral hours without popping.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26958",
"url": "https://www.suse.com/security/cve/CVE-2024-26958"
},
{
"category": "external",
"summary": "SUSE Bug 1223653 for CVE-2024-26958",
"url": "https://bugzilla.suse.com/1223653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26958"
},
{
"cve": "CVE-2024-26960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm: swap: fix race between free_swap_and_cache() and swapoff()\n\nThere was previously a theoretical window where swapoff() could run and\nteardown a swap_info_struct while a call to free_swap_and_cache() was\nrunning in another thread. This could cause, amongst other bad\npossibilities, swap_page_trans_huge_swapped() (called by\nfree_swap_and_cache()) to access the freed memory for swap_map.\n\nThis is a theoretical problem and I haven\u0027t been able to provoke it from a\ntest case. But there has been agreement based on code review that this is\npossible (see link below).\n\nFix it by using get_swap_device()/put_swap_device(), which will stall\nswapoff(). There was an extra check in _swap_info_get() to confirm that\nthe swap entry was not free. This isn\u0027t present in get_swap_device()\nbecause it doesn\u0027t make sense in general due to the race between getting\nthe reference and swapoff. So I\u0027ve added an equivalent check directly in\nfree_swap_and_cache().\n\nDetails of how to provoke one possible issue (thanks to David Hildenbrand\nfor deriving this):\n\n--8\u003c-----\n\n__swap_entry_free() might be the last user and result in\n\"count == SWAP_HAS_CACHE\".\n\nswapoff-\u003etry_to_unuse() will stop as soon as soon as si-\u003einuse_pages==0.\n\nSo the question is: could someone reclaim the folio and turn\nsi-\u003einuse_pages==0, before we completed swap_page_trans_huge_swapped().\n\nImagine the following: 2 MiB folio in the swapcache. Only 2 subpages are\nstill references by swap entries.\n\nProcess 1 still references subpage 0 via swap entry.\nProcess 2 still references subpage 1 via swap entry.\n\nProcess 1 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n[then, preempted in the hypervisor etc.]\n\nProcess 2 quits. Calls free_swap_and_cache().\n-\u003e count == SWAP_HAS_CACHE\n\nProcess 2 goes ahead, passes swap_page_trans_huge_swapped(), and calls\n__try_to_reclaim_swap().\n\n__try_to_reclaim_swap()-\u003efolio_free_swap()-\u003edelete_from_swap_cache()-\u003e\nput_swap_folio()-\u003efree_swap_slot()-\u003eswapcache_free_entries()-\u003e\nswap_entry_free()-\u003eswap_range_free()-\u003e\n...\nWRITE_ONCE(si-\u003einuse_pages, si-\u003einuse_pages - nr_entries);\n\nWhat stops swapoff to succeed after process 2 reclaimed the swap cache\nbut before process1 finished its call to swap_page_trans_huge_swapped()?\n\n--8\u003c-----",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26960",
"url": "https://www.suse.com/security/cve/CVE-2024-26960"
},
{
"category": "external",
"summary": "SUSE Bug 1223655 for CVE-2024-26960",
"url": "https://bugzilla.suse.com/1223655"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26960"
},
{
"cve": "CVE-2024-26961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmac802154: fix llsec key resources release in mac802154_llsec_key_del\n\nmac802154_llsec_key_del() can free resources of a key directly without\nfollowing the RCU rules for waiting before the end of a grace period. This\nmay lead to use-after-free in case llsec_lookup_key() is traversing the\nlist of keys in parallel with a key deletion:\n\nrefcount_t: addition on 0; use-after-free.\nWARNING: CPU: 4 PID: 16000 at lib/refcount.c:25 refcount_warn_saturate+0x162/0x2a0\nModules linked in:\nCPU: 4 PID: 16000 Comm: wpan-ping Not tainted 6.7.0 #19\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.2-debian-1.16.2-1 04/01/2014\nRIP: 0010:refcount_warn_saturate+0x162/0x2a0\nCall Trace:\n \u003cTASK\u003e\n llsec_lookup_key.isra.0+0x890/0x9e0\n mac802154_llsec_encrypt+0x30c/0x9c0\n ieee802154_subif_start_xmit+0x24/0x1e0\n dev_hard_start_xmit+0x13e/0x690\n sch_direct_xmit+0x2ae/0xbc0\n __dev_queue_xmit+0x11dd/0x3c20\n dgram_sendmsg+0x90b/0xd60\n __sys_sendto+0x466/0x4c0\n __x64_sys_sendto+0xe0/0x1c0\n do_syscall_64+0x45/0xf0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nAlso, ieee802154_llsec_key_entry structures are not freed by\nmac802154_llsec_key_del():\n\nunreferenced object 0xffff8880613b6980 (size 64):\n comm \"iwpan\", pid 2176, jiffies 4294761134 (age 60.475s)\n hex dump (first 32 bytes):\n 78 0d 8f 18 80 88 ff ff 22 01 00 00 00 00 ad de x.......\".......\n 00 00 00 00 00 00 00 00 03 00 cd ab 00 00 00 00 ................\n backtrace:\n [\u003cffffffff81dcfa62\u003e] __kmem_cache_alloc_node+0x1e2/0x2d0\n [\u003cffffffff81c43865\u003e] kmalloc_trace+0x25/0xc0\n [\u003cffffffff88968b09\u003e] mac802154_llsec_key_add+0xac9/0xcf0\n [\u003cffffffff8896e41a\u003e] ieee802154_add_llsec_key+0x5a/0x80\n [\u003cffffffff8892adc6\u003e] nl802154_add_llsec_key+0x426/0x5b0\n [\u003cffffffff86ff293e\u003e] genl_family_rcv_msg_doit+0x1fe/0x2f0\n [\u003cffffffff86ff46d1\u003e] genl_rcv_msg+0x531/0x7d0\n [\u003cffffffff86fee7a9\u003e] netlink_rcv_skb+0x169/0x440\n [\u003cffffffff86ff1d88\u003e] genl_rcv+0x28/0x40\n [\u003cffffffff86fec15c\u003e] netlink_unicast+0x53c/0x820\n [\u003cffffffff86fecd8b\u003e] netlink_sendmsg+0x93b/0xe60\n [\u003cffffffff86b91b35\u003e] ____sys_sendmsg+0xac5/0xca0\n [\u003cffffffff86b9c3dd\u003e] ___sys_sendmsg+0x11d/0x1c0\n [\u003cffffffff86b9c65a\u003e] __sys_sendmsg+0xfa/0x1d0\n [\u003cffffffff88eadbf5\u003e] do_syscall_64+0x45/0xf0\n [\u003cffffffff890000ea\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nHandle the proper resource release in the RCU callback function\nmac802154_llsec_key_del_rcu().\n\nNote that if llsec_lookup_key() finds a key, it gets a refcount via\nllsec_key_get() and locally copies key id from key_entry (which is a\nlist element). So it\u0027s safe to call llsec_key_put() and free the list\nentry after the RCU grace period elapses.\n\nFound by Linux Verification Center (linuxtesting.org).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26961",
"url": "https://www.suse.com/security/cve/CVE-2024-26961"
},
{
"category": "external",
"summary": "SUSE Bug 1223652 for CVE-2024-26961",
"url": "https://bugzilla.suse.com/1223652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26961"
},
{
"cve": "CVE-2024-26962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26962"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid456, md/raid456: fix a deadlock for dm-raid456 while io concurrent with reshape\n\nFor raid456, if reshape is still in progress, then IO across reshape\nposition will wait for reshape to make progress. However, for dm-raid,\nin following cases reshape will never make progress hence IO will hang:\n\n1) the array is read-only;\n2) MD_RECOVERY_WAIT is set;\n3) MD_RECOVERY_FROZEN is set;\n\nAfter commit c467e97f079f (\"md/raid6: use valid sector values to determine\nif an I/O should wait on the reshape\") fix the problem that IO across\nreshape position doesn\u0027t wait for reshape, the dm-raid test\nshell/lvconvert-raid-reshape.sh start to hang:\n\n[root@fedora ~]# cat /proc/979/stack\n[\u003c0\u003e] wait_woken+0x7d/0x90\n[\u003c0\u003e] raid5_make_request+0x929/0x1d70 [raid456]\n[\u003c0\u003e] md_handle_request+0xc2/0x3b0 [md_mod]\n[\u003c0\u003e] raid_map+0x2c/0x50 [dm_raid]\n[\u003c0\u003e] __map_bio+0x251/0x380 [dm_mod]\n[\u003c0\u003e] dm_submit_bio+0x1f0/0x760 [dm_mod]\n[\u003c0\u003e] __submit_bio+0xc2/0x1c0\n[\u003c0\u003e] submit_bio_noacct_nocheck+0x17f/0x450\n[\u003c0\u003e] submit_bio_noacct+0x2bc/0x780\n[\u003c0\u003e] submit_bio+0x70/0xc0\n[\u003c0\u003e] mpage_readahead+0x169/0x1f0\n[\u003c0\u003e] blkdev_readahead+0x18/0x30\n[\u003c0\u003e] read_pages+0x7c/0x3b0\n[\u003c0\u003e] page_cache_ra_unbounded+0x1ab/0x280\n[\u003c0\u003e] force_page_cache_ra+0x9e/0x130\n[\u003c0\u003e] page_cache_sync_ra+0x3b/0x110\n[\u003c0\u003e] filemap_get_pages+0x143/0xa30\n[\u003c0\u003e] filemap_read+0xdc/0x4b0\n[\u003c0\u003e] blkdev_read_iter+0x75/0x200\n[\u003c0\u003e] vfs_read+0x272/0x460\n[\u003c0\u003e] ksys_read+0x7a/0x170\n[\u003c0\u003e] __x64_sys_read+0x1c/0x30\n[\u003c0\u003e] do_syscall_64+0xc6/0x230\n[\u003c0\u003e] entry_SYSCALL_64_after_hwframe+0x6c/0x74\n\nThis is because reshape can\u0027t make progress.\n\nFor md/raid, the problem doesn\u0027t exist because register new sync_thread\ndoesn\u0027t rely on the IO to be done any more:\n\n1) If array is read-only, it can switch to read-write by ioctl/sysfs;\n2) md/raid never set MD_RECOVERY_WAIT;\n3) If MD_RECOVERY_FROZEN is set, mddev_suspend() doesn\u0027t hold\n \u0027reconfig_mutex\u0027, hence it can be cleared and reshape can continue by\n sysfs api \u0027sync_action\u0027.\n\nHowever, I\u0027m not sure yet how to avoid the problem in dm-raid yet. This\npatch on the one hand make sure raid_message() can\u0027t change\nsync_thread() through raid_message() after presuspend(), on the other\nhand detect the above 3 cases before wait for IO do be done in\ndm_suspend(), and let dm-raid requeue those IO.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26962",
"url": "https://www.suse.com/security/cve/CVE-2024-26962"
},
{
"category": "external",
"summary": "SUSE Bug 1223654 for CVE-2024-26962",
"url": "https://bugzilla.suse.com/1223654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26962"
},
{
"cve": "CVE-2024-26963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc3-am62: fix module unload/reload behavior\n\nAs runtime PM is enabled, the module can be runtime\nsuspended when .remove() is called.\n\nDo a pm_runtime_get_sync() to make sure module is active\nbefore doing any register operations.\n\nDoing a pm_runtime_put_sync() should disable the refclk\nso no need to disable it again.\n\nFixes the below warning at module removel.\n\n[ 39.705310] ------------[ cut here ]------------\n[ 39.710004] clk:162:3 already disabled\n[ 39.713941] WARNING: CPU: 0 PID: 921 at drivers/clk/clk.c:1090 clk_core_disable+0xb0/0xb8\n\nWe called of_platform_populate() in .probe() so call the\ncleanup function of_platform_depopulate() in .remove().\nGet rid of the now unnnecessary dwc3_ti_remove_core().\nWithout this, module re-load doesn\u0027t work properly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26963",
"url": "https://www.suse.com/security/cve/CVE-2024-26963"
},
{
"category": "external",
"summary": "SUSE Bug 1223651 for CVE-2024-26963",
"url": "https://bugzilla.suse.com/1223651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26963"
},
{
"cve": "CVE-2024-26964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: Add error handling in xhci_map_urb_for_dma\n\nCurrently xhci_map_urb_for_dma() creates a temporary buffer and copies\nthe SG list to the new linear buffer. But if the kzalloc_node() fails,\nthen the following sg_pcopy_to_buffer() can lead to crash since it\ntries to memcpy to NULL pointer.\n\nSo return -ENOMEM if kzalloc returns null pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26964",
"url": "https://www.suse.com/security/cve/CVE-2024-26964"
},
{
"category": "external",
"summary": "SUSE Bug 1223650 for CVE-2024-26964",
"url": "https://bugzilla.suse.com/1223650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26964"
},
{
"cve": "CVE-2024-26972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26972"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26972",
"url": "https://www.suse.com/security/cve/CVE-2024-26972"
},
{
"category": "external",
"summary": "SUSE Bug 1223643 for CVE-2024-26972",
"url": "https://bugzilla.suse.com/1223643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26972"
},
{
"cve": "CVE-2024-26973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfat: fix uninitialized field in nostale filehandles\n\nWhen fat_encode_fh_nostale() encodes file handle without a parent it\nstores only first 10 bytes of the file handle. However the length of the\nfile handle must be a multiple of 4 so the file handle is actually 12\nbytes long and the last two bytes remain uninitialized. This is not\ngreat at we potentially leak uninitialized information with the handle\nto userspace. Properly initialize the full handle length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26973",
"url": "https://www.suse.com/security/cve/CVE-2024-26973"
},
{
"category": "external",
"summary": "SUSE Bug 1223641 for CVE-2024-26973",
"url": "https://bugzilla.suse.com/1223641"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26973"
},
{
"cve": "CVE-2024-26978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: max310x: fix NULL pointer dereference in I2C instantiation\n\nWhen trying to instantiate a max14830 device from userspace:\n\n echo max14830 0x60 \u003e /sys/bus/i2c/devices/i2c-2/new_device\n\nwe get the following error:\n\n Unable to handle kernel NULL pointer dereference at virtual address...\n ...\n Call trace:\n max310x_i2c_probe+0x48/0x170 [max310x]\n i2c_device_probe+0x150/0x2a0\n ...\n\nAdd check for validity of devtype to prevent the error, and abort probe\nwith a meaningful error message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26978",
"url": "https://www.suse.com/security/cve/CVE-2024-26978"
},
{
"category": "external",
"summary": "SUSE Bug 1223629 for CVE-2024-26978",
"url": "https://bugzilla.suse.com/1223629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26978"
},
{
"cve": "CVE-2024-26979",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26979"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26979",
"url": "https://www.suse.com/security/cve/CVE-2024-26979"
},
{
"category": "external",
"summary": "SUSE Bug 1223628 for CVE-2024-26979",
"url": "https://bugzilla.suse.com/1223628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26979"
},
{
"cve": "CVE-2024-26981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix OOB in nilfs_set_de_type\n\nThe size of the nilfs_type_by_mode array in the fs/nilfs2/dir.c file is\ndefined as \"S_IFMT \u003e\u003e S_SHIFT\", but the nilfs_set_de_type() function,\nwhich uses this array, specifies the index to read from the array in the\nsame way as \"(mode \u0026 S_IFMT) \u003e\u003e S_SHIFT\".\n\nstatic void nilfs_set_de_type(struct nilfs_dir_entry *de, struct inode\n *inode)\n{\n\tumode_t mode = inode-\u003ei_mode;\n\n\tde-\u003efile_type = nilfs_type_by_mode[(mode \u0026 S_IFMT)\u003e\u003eS_SHIFT]; // oob\n}\n\nHowever, when the index is determined this way, an out-of-bounds (OOB)\nerror occurs by referring to an index that is 1 larger than the array size\nwhen the condition \"mode \u0026 S_IFMT == S_IFMT\" is satisfied. Therefore, a\npatch to resize the nilfs_type_by_mode array should be applied to prevent\nOOB errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26981",
"url": "https://www.suse.com/security/cve/CVE-2024-26981"
},
{
"category": "external",
"summary": "SUSE Bug 1223668 for CVE-2024-26981",
"url": "https://bugzilla.suse.com/1223668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26981"
},
{
"cve": "CVE-2024-26982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSquashfs: check the inode number is not the invalid value of zero\n\nSyskiller has produced an out of bounds access in fill_meta_index().\n\nThat out of bounds access is ultimately caused because the inode\nhas an inode number with the invalid value of zero, which was not checked.\n\nThe reason this causes the out of bounds access is due to following\nsequence of events:\n\n1. Fill_meta_index() is called to allocate (via empty_meta_index())\n and fill a metadata index. It however suffers a data read error\n and aborts, invalidating the newly returned empty metadata index.\n It does this by setting the inode number of the index to zero,\n which means unused (zero is not a valid inode number).\n\n2. When fill_meta_index() is subsequently called again on another\n read operation, locate_meta_index() returns the previous index\n because it matches the inode number of 0. Because this index\n has been returned it is expected to have been filled, and because\n it hasn\u0027t been, an out of bounds access is performed.\n\nThis patch adds a sanity check which checks that the inode number\nis not zero when the inode is created and returns -EINVAL if it is.\n\n[phillip@squashfs.org.uk: whitespace fix]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26982",
"url": "https://www.suse.com/security/cve/CVE-2024-26982"
},
{
"category": "external",
"summary": "SUSE Bug 1223634 for CVE-2024-26982",
"url": "https://bugzilla.suse.com/1223634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26982"
},
{
"cve": "CVE-2024-26983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbootconfig: use memblock_free_late to free xbc memory to buddy\n\nOn the time to free xbc memory in xbc_exit(), memblock may has handed\nover memory to buddy allocator. So it doesn\u0027t make sense to free memory\nback to memblock. memblock_free() called by xbc_exit() even causes UAF bugs\non architectures with CONFIG_ARCH_KEEP_MEMBLOCK disabled like x86.\nFollowing KASAN logs shows this case.\n\nThis patch fixes the xbc memory free problem by calling memblock_free()\nin early xbc init error rewind path and calling memblock_free_late() in\nxbc exit path to free memory to buddy allocator.\n\n[ 9.410890] ==================================================================\n[ 9.418962] BUG: KASAN: use-after-free in memblock_isolate_range+0x12d/0x260\n[ 9.426850] Read of size 8 at addr ffff88845dd30000 by task swapper/0/1\n\n[ 9.435901] CPU: 9 PID: 1 Comm: swapper/0 Tainted: G U 6.9.0-rc3-00208-g586b5dfb51b9 #5\n[ 9.446403] Hardware name: Intel Corporation RPLP LP5 (CPU:RaptorLake)/RPLP LP5 (ID:13), BIOS IRPPN02.01.01.00.00.19.015.D-00000000 Dec 28 2023\n[ 9.460789] Call Trace:\n[ 9.463518] \u003cTASK\u003e\n[ 9.465859] dump_stack_lvl+0x53/0x70\n[ 9.469949] print_report+0xce/0x610\n[ 9.473944] ? __virt_addr_valid+0xf5/0x1b0\n[ 9.478619] ? memblock_isolate_range+0x12d/0x260\n[ 9.483877] kasan_report+0xc6/0x100\n[ 9.487870] ? memblock_isolate_range+0x12d/0x260\n[ 9.493125] memblock_isolate_range+0x12d/0x260\n[ 9.498187] memblock_phys_free+0xb4/0x160\n[ 9.502762] ? __pfx_memblock_phys_free+0x10/0x10\n[ 9.508021] ? mutex_unlock+0x7e/0xd0\n[ 9.512111] ? __pfx_mutex_unlock+0x10/0x10\n[ 9.516786] ? kernel_init_freeable+0x2d4/0x430\n[ 9.521850] ? __pfx_kernel_init+0x10/0x10\n[ 9.526426] xbc_exit+0x17/0x70\n[ 9.529935] kernel_init+0x38/0x1e0\n[ 9.533829] ? _raw_spin_unlock_irq+0xd/0x30\n[ 9.538601] ret_from_fork+0x2c/0x50\n[ 9.542596] ? __pfx_kernel_init+0x10/0x10\n[ 9.547170] ret_from_fork_asm+0x1a/0x30\n[ 9.551552] \u003c/TASK\u003e\n\n[ 9.555649] The buggy address belongs to the physical page:\n[ 9.561875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 pfn:0x45dd30\n[ 9.570821] flags: 0x200000000000000(node=0|zone=2)\n[ 9.576271] page_type: 0xffffffff()\n[ 9.580167] raw: 0200000000000000 ffffea0011774c48 ffffea0012ba1848 0000000000000000\n[ 9.588823] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000\n[ 9.597476] page dumped because: kasan: bad access detected\n\n[ 9.605362] Memory state around the buggy address:\n[ 9.610714] ffff88845dd2ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 9.618786] ffff88845dd2ff80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 9.626857] \u003effff88845dd30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.634930] ^\n[ 9.638534] ffff88845dd30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.646605] ffff88845dd30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff\n[ 9.654675] ==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26983",
"url": "https://www.suse.com/security/cve/CVE-2024-26983"
},
{
"category": "external",
"summary": "SUSE Bug 1223637 for CVE-2024-26983",
"url": "https://bugzilla.suse.com/1223637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26983"
},
{
"cve": "CVE-2024-26984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: fix instmem race condition around ptr stores\n\nRunning a lot of VK CTS in parallel against nouveau, once every\nfew hours you might see something like this crash.\n\nBUG: kernel NULL pointer dereference, address: 0000000000000008\nPGD 8000000114e6e067 P4D 8000000114e6e067 PUD 109046067 PMD 0\nOops: 0000 [#1] PREEMPT SMP PTI\nCPU: 7 PID: 53891 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\nHardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\nRIP: 0010:gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\nCode: c7 48 01 c8 49 89 45 58 85 d2 0f 84 95 00 00 00 41 0f b7 46 12 49 8b 7e 08 89 da 42 8d 2c f8 48 8b 47 08 41 83 c7 01 48 89 ee \u003c48\u003e 8b 40 08 ff d0 0f 1f 00 49 8b 7e 08 48 89 d9 48 8d 75 04 48 c1\nRSP: 0000:ffffac20c5857838 EFLAGS: 00010202\nRAX: 0000000000000000 RBX: 00000000004d8001 RCX: 0000000000000001\nRDX: 00000000004d8001 RSI: 00000000000006d8 RDI: ffffa07afe332180\nRBP: 00000000000006d8 R08: ffffac20c5857ad0 R09: 0000000000ffff10\nR10: 0000000000000001 R11: ffffa07af27e2de0 R12: 000000000000001c\nR13: ffffac20c5857ad0 R14: ffffa07a96fe9040 R15: 000000000000001c\nFS: 00007fe395eed7c0(0000) GS:ffffa07e2c980000(0000) knlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 0000000000000008 CR3: 000000011febe001 CR4: 00000000003706f0\nDR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\nDR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\nCall Trace:\n\n...\n\n ? gp100_vmm_pgt_mem+0xe3/0x180 [nouveau]\n ? gp100_vmm_pgt_mem+0x37/0x180 [nouveau]\n nvkm_vmm_iter+0x351/0xa20 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n ? __lock_acquire+0x3ed/0x2170\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_ptes_get_map+0xc2/0x100 [nouveau]\n ? __pfx_nvkm_vmm_ref_ptes+0x10/0x10 [nouveau]\n ? __pfx_gp100_vmm_pgt_mem+0x10/0x10 [nouveau]\n nvkm_vmm_map_locked+0x224/0x3a0 [nouveau]\n\nAdding any sort of useful debug usually makes it go away, so I hand\nwrote the function in a line, and debugged the asm.\n\nEvery so often pt-\u003ememory-\u003eptrs is NULL. This ptrs ptr is set in\nthe nv50_instobj_acquire called from nvkm_kmap.\n\nIf Thread A and Thread B both get to nv50_instobj_acquire around\nthe same time, and Thread A hits the refcount_set line, and in\nlockstep thread B succeeds at refcount_inc_not_zero, there is a\nchance the ptrs value won\u0027t have been stored since refcount_set\nis unordered. Force a memory barrier here, I picked smp_mb, since\nwe want it on all CPUs and it\u0027s write followed by a read.\n\nv2: use paired smp_rmb/smp_wmb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26984",
"url": "https://www.suse.com/security/cve/CVE-2024-26984"
},
{
"category": "external",
"summary": "SUSE Bug 1223633 for CVE-2024-26984",
"url": "https://bugzilla.suse.com/1223633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26984"
},
{
"cve": "CVE-2024-26986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix memory leak in create_process failure\n\nFix memory leak due to a leaked mmget reference on an error handling\ncode path that is triggered when attempting to create KFD processes\nwhile a GPU reset is in progress.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26986",
"url": "https://www.suse.com/security/cve/CVE-2024-26986"
},
{
"category": "external",
"summary": "SUSE Bug 1223728 for CVE-2024-26986",
"url": "https://bugzilla.suse.com/1223728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26986"
},
{
"cve": "CVE-2024-26988",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26988"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ninit/main.c: Fix potential static_command_line memory overflow\n\nWe allocate memory of size \u0027xlen + strlen(boot_command_line) + 1\u0027 for\nstatic_command_line, but the strings copied into static_command_line are\nextra_command_line and command_line, rather than extra_command_line and\nboot_command_line.\n\nWhen strlen(command_line) \u003e strlen(boot_command_line), static_command_line\nwill overflow.\n\nThis patch just recovers strlen(command_line) which was miss-consolidated\nwith strlen(boot_command_line) in the commit f5c7310ac73e (\"init/main: add\nchecks for the return value of memblock_alloc*()\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26988",
"url": "https://www.suse.com/security/cve/CVE-2024-26988"
},
{
"category": "external",
"summary": "SUSE Bug 1223747 for CVE-2024-26988",
"url": "https://bugzilla.suse.com/1223747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26988"
},
{
"cve": "CVE-2024-26989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: hibernate: Fix level3 translation fault in swsusp_save()\n\nOn arm64 machines, swsusp_save() faults if it attempts to access\nMEMBLOCK_NOMAP memory ranges. This can be reproduced in QEMU using UEFI\nwhen booting with rodata=off debug_pagealloc=off and CONFIG_KFENCE=n:\n\n Unable to handle kernel paging request at virtual address ffffff8000000000\n Mem abort info:\n ESR = 0x0000000096000007\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x07: level 3 translation fault\n Data abort info:\n ISV = 0, ISS = 0x00000007, ISS2 = 0x00000000\n CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n swapper pgtable: 4k pages, 39-bit VAs, pgdp=00000000eeb0b000\n [ffffff8000000000] pgd=180000217fff9803, p4d=180000217fff9803, pud=180000217fff9803, pmd=180000217fff8803, pte=0000000000000000\n Internal error: Oops: 0000000096000007 [#1] SMP\n Internal error: Oops: 0000000096000007 [#1] SMP\n Modules linked in: xt_multiport ipt_REJECT nf_reject_ipv4 xt_conntrack nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 libcrc32c iptable_filter bpfilter rfkill at803x snd_hda_codec_hdmi snd_hda_intel snd_intel_dspcfg dwmac_generic stmmac_platform snd_hda_codec stmmac joydev pcs_xpcs snd_hda_core phylink ppdev lp parport ramoops reed_solomon ip_tables x_tables nls_iso8859_1 vfat multipath linear amdgpu amdxcp drm_exec gpu_sched drm_buddy hid_generic usbhid hid radeon video drm_suballoc_helper drm_ttm_helper ttm i2c_algo_bit drm_display_helper cec drm_kms_helper drm\n CPU: 0 PID: 3663 Comm: systemd-sleep Not tainted 6.6.2+ #76\n Source Version: 4e22ed63a0a48e7a7cff9b98b7806d8d4add7dc0\n Hardware name: Greatwall GW-XXXXXX-XXX/GW-XXXXXX-XXX, BIOS KunLun BIOS V4.0 01/19/2021\n pstate: 600003c5 (nZCv DAIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : swsusp_save+0x280/0x538\n lr : swsusp_save+0x280/0x538\n sp : ffffffa034a3fa40\n x29: ffffffa034a3fa40 x28: ffffff8000001000 x27: 0000000000000000\n x26: ffffff8001400000 x25: ffffffc08113e248 x24: 0000000000000000\n x23: 0000000000080000 x22: ffffffc08113e280 x21: 00000000000c69f2\n x20: ffffff8000000000 x19: ffffffc081ae2500 x18: 0000000000000000\n x17: 6666662074736420 x16: 3030303030303030 x15: 3038666666666666\n x14: 0000000000000b69 x13: ffffff9f89088530 x12: 00000000ffffffea\n x11: 00000000ffff7fff x10: 00000000ffff7fff x9 : ffffffc08193f0d0\n x8 : 00000000000bffe8 x7 : c0000000ffff7fff x6 : 0000000000000001\n x5 : ffffffa0fff09dc8 x4 : 0000000000000000 x3 : 0000000000000027\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : 000000000000004e\n Call trace:\n swsusp_save+0x280/0x538\n swsusp_arch_suspend+0x148/0x190\n hibernation_snapshot+0x240/0x39c\n hibernate+0xc4/0x378\n state_store+0xf0/0x10c\n kobj_attr_store+0x14/0x24\n\nThe reason is swsusp_save() -\u003e copy_data_pages() -\u003e page_is_saveable()\n-\u003e kernel_page_present() assuming that a page is always present when\ncan_set_direct_map() is false (all of rodata_full,\ndebug_pagealloc_enabled() and arm64_kfence_can_set_direct_map() false),\nirrespective of the MEMBLOCK_NOMAP ranges. Such MEMBLOCK_NOMAP regions\nshould not be saved during hibernation.\n\nThis problem was introduced by changes to the pfn_valid() logic in\ncommit a7d9f306ba70 (\"arm64: drop pfn_valid_within() and simplify\npfn_valid()\").\n\nSimilar to other architectures, drop the !can_set_direct_map() check in\nkernel_page_present() so that page_is_savable() skips such pages.\n\n[catalin.marinas@arm.com: rework commit message]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26989",
"url": "https://www.suse.com/security/cve/CVE-2024-26989"
},
{
"category": "external",
"summary": "SUSE Bug 1223748 for CVE-2024-26989",
"url": "https://bugzilla.suse.com/1223748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26989"
},
{
"cve": "CVE-2024-26990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status\n\nCheck kvm_mmu_page_ad_need_write_protect() when deciding whether to\nwrite-protect or clear D-bits on TDP MMU SPTEs, so that the TDP MMU\naccounts for any role-specific reasons for disabling D-bit dirty logging.\n\nSpecifically, TDP MMU SPTEs must be write-protected when the TDP MMU is\nbeing used to run an L2 (i.e. L1 has disabled EPT) and PML is enabled.\nKVM always disables PML when running L2, even when L1 and L2 GPAs are in\nthe some domain, so failing to write-protect TDP MMU SPTEs will cause\nwrites made by L2 to not be reflected in the dirty log.\n\n[sean: massage shortlog and changelog, tweak ternary op formatting]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26990",
"url": "https://www.suse.com/security/cve/CVE-2024-26990"
},
{
"category": "external",
"summary": "SUSE Bug 1223749 for CVE-2024-26990",
"url": "https://bugzilla.suse.com/1223749"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26990"
},
{
"cve": "CVE-2024-26991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/mmu: x86: Don\u0027t overflow lpage_info when checking attributes\n\nFix KVM_SET_MEMORY_ATTRIBUTES to not overflow lpage_info array and trigger\nKASAN splat, as seen in the private_mem_conversions_test selftest.\n\nWhen memory attributes are set on a GFN range, that range will have\nspecific properties applied to the TDP. A huge page cannot be used when\nthe attributes are inconsistent, so they are disabled for those the\nspecific huge pages. For internal KVM reasons, huge pages are also not\nallowed to span adjacent memslots regardless of whether the backing memory\ncould be mapped as huge.\n\nWhat GFNs support which huge page sizes is tracked by an array of arrays\n\u0027lpage_info\u0027 on the memslot, of \u0027kvm_lpage_info\u0027 structs. Each index of\nlpage_info contains a vmalloc allocated array of these for a specific\nsupported page size. The kvm_lpage_info denotes whether a specific huge\npage (GFN and page size) on the memslot is supported. These arrays include\nindices for unaligned head and tail huge pages.\n\nPreventing huge pages from spanning adjacent memslot is covered by\nincrementing the count in head and tail kvm_lpage_info when the memslot is\nallocated, but disallowing huge pages for memory that has mixed attributes\nhas to be done in a more complicated way. During the\nKVM_SET_MEMORY_ATTRIBUTES ioctl KVM updates lpage_info for each memslot in\nthe range that has mismatched attributes. KVM does this a memslot at a\ntime, and marks a special bit, KVM_LPAGE_MIXED_FLAG, in the kvm_lpage_info\nfor any huge page. This bit is essentially a permanently elevated count.\nSo huge pages will not be mapped for the GFN at that page size if the\ncount is elevated in either case: a huge head or tail page unaligned to\nthe memslot or if KVM_LPAGE_MIXED_FLAG is set because it has mixed\nattributes.\n\nTo determine whether a huge page has consistent attributes, the\nKVM_SET_MEMORY_ATTRIBUTES operation checks an xarray to make sure it\nconsistently has the incoming attribute. Since level - 1 huge pages are\naligned to level huge pages, it employs an optimization. As long as the\nlevel - 1 huge pages are checked first, it can just check these and assume\nthat if each level - 1 huge page contained within the level sized huge\npage is not mixed, then the level size huge page is not mixed. This\noptimization happens in the helper hugepage_has_attrs().\n\nUnfortunately, although the kvm_lpage_info array representing page size\n\u0027level\u0027 will contain an entry for an unaligned tail page of size level,\nthe array for level - 1 will not contain an entry for each GFN at page\nsize level. The level - 1 array will only contain an index for any\nunaligned region covered by level - 1 huge page size, which can be a\nsmaller region. So this causes the optimization to overflow the level - 1\nkvm_lpage_info and perform a vmalloc out of bounds read.\n\nIn some cases of head and tail pages where an overflow could happen,\ncallers skip the operation completely as KVM_LPAGE_MIXED_FLAG is not\nrequired to prevent huge pages as discussed earlier. But for memslots that\nare smaller than the 1GB page size, it does call hugepage_has_attrs(). In\nthis case the huge page is both the head and tail page. The issue can be\nobserved simply by compiling the kernel with CONFIG_KASAN_VMALLOC and\nrunning the selftest \"private_mem_conversions_test\", which produces the\noutput like the following:\n\nBUG: KASAN: vmalloc-out-of-bounds in hugepage_has_attrs+0x7e/0x110\nRead of size 4 at addr ffffc900000a3008 by task private_mem_con/169\nCall Trace:\n dump_stack_lvl\n print_report\n ? __virt_addr_valid\n ? hugepage_has_attrs\n ? hugepage_has_attrs\n kasan_report\n ? hugepage_has_attrs\n hugepage_has_attrs\n kvm_arch_post_set_memory_attributes\n kvm_vm_ioctl\n\nIt is a little ambiguous whether the unaligned head page (in the bug case\nalso the tail page) should be expected to have KVM_LPAGE_MIXED_FLAG set.\nIt is not functionally required, as the unal\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26991",
"url": "https://www.suse.com/security/cve/CVE-2024-26991"
},
{
"category": "external",
"summary": "SUSE Bug 1223695 for CVE-2024-26991",
"url": "https://bugzilla.suse.com/1223695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26991"
},
{
"cve": "CVE-2024-26992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86/pmu: Disable support for adaptive PEBS\n\nDrop support for virtualizing adaptive PEBS, as KVM\u0027s implementation is\narchitecturally broken without an obvious/easy path forward, and because\nexposing adaptive PEBS can leak host LBRs to the guest, i.e. can leak\nhost kernel addresses to the guest.\n\nBug #1 is that KVM doesn\u0027t account for the upper 32 bits of\nIA32_FIXED_CTR_CTRL when (re)programming fixed counters, e.g\nfixed_ctrl_field() drops the upper bits, reprogram_fixed_counters()\nstores local variables as u8s and truncates the upper bits too, etc.\n\nBug #2 is that, because KVM _always_ sets precise_ip to a non-zero value\nfor PEBS events, perf will _always_ generate an adaptive record, even if\nthe guest requested a basic record. Note, KVM will also enable adaptive\nPEBS in individual *counter*, even if adaptive PEBS isn\u0027t exposed to the\nguest, but this is benign as MSR_PEBS_DATA_CFG is guaranteed to be zero,\ni.e. the guest will only ever see Basic records.\n\nBug #3 is in perf. intel_pmu_disable_fixed() doesn\u0027t clear the upper\nbits either, i.e. leaves ICL_FIXED_0_ADAPTIVE set, and\nintel_pmu_enable_fixed() effectively doesn\u0027t clear ICL_FIXED_0_ADAPTIVE\neither. I.e. perf _always_ enables ADAPTIVE counters, regardless of what\nKVM requests.\n\nBug #4 is that adaptive PEBS *might* effectively bypass event filters set\nby the host, as \"Updated Memory Access Info Group\" records information\nthat might be disallowed by userspace via KVM_SET_PMU_EVENT_FILTER.\n\nBug #5 is that KVM doesn\u0027t ensure LBR MSRs hold guest values (or at least\nzeros) when entering a vCPU with adaptive PEBS, which allows the guest\nto read host LBRs, i.e. host RIPs/addresses, by enabling \"LBR Entries\"\nrecords.\n\nDisable adaptive PEBS support as an immediate fix due to the severity of\nthe LBR leak in particular, and because fixing all of the bugs will be\nnon-trivial, e.g. not suitable for backporting to stable kernels.\n\nNote! This will break live migration, but trying to make KVM play nice\nwith live migration would be quite complicated, wouldn\u0027t be guaranteed to\nwork (i.e. KVM might still kill/confuse the guest), and it\u0027s not clear\nthat there are any publicly available VMMs that support adaptive PEBS,\nlet alone live migrate VMs that support adaptive PEBS, e.g. QEMU doesn\u0027t\nsupport PEBS in any capacity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26992",
"url": "https://www.suse.com/security/cve/CVE-2024-26992"
},
{
"category": "external",
"summary": "SUSE Bug 1223692 for CVE-2024-26992",
"url": "https://bugzilla.suse.com/1223692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26992"
},
{
"cve": "CVE-2024-26993",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26993"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs: sysfs: Fix reference leak in sysfs_break_active_protection()\n\nThe sysfs_break_active_protection() routine has an obvious reference\nleak in its error path. If the call to kernfs_find_and_get() fails then\nkn will be NULL, so the companion sysfs_unbreak_active_protection()\nroutine won\u0027t get called (and would only cause an access violation by\ntrying to dereference kn-\u003eparent if it was called). As a result, the\nreference to kobj acquired at the start of the function will never be\nreleased.\n\nFix the leak by adding an explicit kobject_put() call when kn is NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26993",
"url": "https://www.suse.com/security/cve/CVE-2024-26993"
},
{
"category": "external",
"summary": "SUSE Bug 1223693 for CVE-2024-26993",
"url": "https://bugzilla.suse.com/1223693"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26993"
},
{
"cve": "CVE-2024-26994",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26994"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspeakup: Avoid crash on very long word\n\nIn case a console is set up really large and contains a really long word\n(\u003e 256 characters), we have to stop before the length of the word buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26994",
"url": "https://www.suse.com/security/cve/CVE-2024-26994"
},
{
"category": "external",
"summary": "SUSE Bug 1223750 for CVE-2024-26994",
"url": "https://bugzilla.suse.com/1223750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26994"
},
{
"cve": "CVE-2024-26995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Correct the PDO counting in pd_set\n\nOff-by-one errors happen because nr_snk_pdo and nr_src_pdo are\nincorrectly added one. The index of the loop is equal to the number of\nPDOs to be updated when leaving the loop and it doesn\u0027t need to be added\none.\n\nWhen doing the power negotiation, TCPM relies on the \"nr_snk_pdo\" as\nthe size of the local sink PDO array to match the Source capabilities\nof the partner port. If the off-by-one overflow occurs, a wrong RDO\nmight be sent and unexpected power transfer might happen such as over\nvoltage or over current (than expected).\n\n\"nr_src_pdo\" is used to set the Rp level when the port is in Source\nrole. It is also the array size of the local Source capabilities when\nfilling up the buffer which will be sent as the Source PDOs (such as\nin Power Negotiation). If the off-by-one overflow occurs, a wrong Rp\nlevel might be set and wrong Source PDOs will be sent to the partner\nport. This could potentially cause over current or port resets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26995",
"url": "https://www.suse.com/security/cve/CVE-2024-26995"
},
{
"category": "external",
"summary": "SUSE Bug 1223696 for CVE-2024-26995",
"url": "https://bugzilla.suse.com/1223696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26995"
},
{
"cve": "CVE-2024-26996",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26996"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error\n\nWhen ncm function is working and then stop usb0 interface for link down,\neth_stop() is called. At this piont, accidentally if usb transport error\nshould happen in usb_ep_enable(), \u0027in_ep\u0027 and/or \u0027out_ep\u0027 may not be enabled.\n\nAfter that, ncm_disable() is called to disable for ncm unbind\nbut gether_disconnect() is never called since \u0027in_ep\u0027 is not enabled.\n\nAs the result, ncm object is released in ncm unbind\nbut \u0027dev-\u003eport_usb\u0027 associated to \u0027ncm-\u003eport\u0027 is not NULL.\n\nAnd when ncm bind again to recover netdev, ncm object is reallocated\nbut usb0 interface is already associated to previous released ncm object.\n\nTherefore, once usb0 interface is up and eth_start_xmit() is called,\nreleased ncm object is dereferrenced and it might cause use-after-free memory.\n\n[function unlink via configfs]\n usb0: eth_stop dev-\u003eport_usb=ffffff9b179c3200\n --\u003e error happens in usb_ep_enable().\n NCM: ncm_disable: ncm=ffffff9b179c3200\n --\u003e no gether_disconnect() since ncm-\u003eport.in_ep-\u003eenabled is false.\n NCM: ncm_unbind: ncm unbind ncm=ffffff9b179c3200\n NCM: ncm_free: ncm free ncm=ffffff9b179c3200 \u003c-- released ncm\n\n[function link via configfs]\n NCM: ncm_alloc: ncm alloc ncm=ffffff9ac4f8a000\n NCM: ncm_bind: ncm bind ncm=ffffff9ac4f8a000\n NCM: ncm_set_alt: ncm=ffffff9ac4f8a000 alt=0\n usb0: eth_open dev-\u003eport_usb=ffffff9b179c3200 \u003c-- previous released ncm\n usb0: eth_start dev-\u003eport_usb=ffffff9b179c3200 \u003c--\n eth_start_xmit()\n --\u003e dev-\u003ewrap()\n Unable to handle kernel paging request at virtual address dead00000000014f\n\nThis patch addresses the issue by checking if \u0027ncm-\u003enetdev\u0027 is not NULL at\nncm_disable() to call gether_disconnect() to deassociate \u0027dev-\u003eport_usb\u0027.\nIt\u0027s more reasonable to check \u0027ncm-\u003enetdev\u0027 to call gether_connect/disconnect\nrather than check \u0027ncm-\u003eport.in_ep-\u003eenabled\u0027 since it might not be enabled\nbut the gether connection might be established.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26996",
"url": "https://www.suse.com/security/cve/CVE-2024-26996"
},
{
"category": "external",
"summary": "SUSE Bug 1223752 for CVE-2024-26996",
"url": "https://bugzilla.suse.com/1223752"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26996"
},
{
"cve": "CVE-2024-26997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: dwc2: host: Fix dereference issue in DDMA completion flow.\n\nFixed variable dereference issue in DDMA completion flow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26997",
"url": "https://www.suse.com/security/cve/CVE-2024-26997"
},
{
"category": "external",
"summary": "SUSE Bug 1223741 for CVE-2024-26997",
"url": "https://bugzilla.suse.com/1223741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26997"
},
{
"cve": "CVE-2024-26999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-26999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial/pmac_zilog: Remove flawed mitigation for rx irq flood\n\nThe mitigation was intended to stop the irq completely. That may be\nbetter than a hard lock-up but it turns out that you get a crash anyway\nif you\u0027re using pmac_zilog as a serial console:\n\nttyPZ0: pmz: rx irq flood !\nBUG: spinlock recursion on CPU#0, swapper/0\n\nThat\u0027s because the pr_err() call in pmz_receive_chars() results in\npmz_console_write() attempting to lock a spinlock already locked in\npmz_interrupt(). With CONFIG_DEBUG_SPINLOCK=y, this produces a fatal\nBUG splat. The spinlock in question is the one in struct uart_port.\n\nEven when it\u0027s not fatal, the serial port rx function ceases to work.\nAlso, the iteration limit doesn\u0027t play nicely with QEMU, as can be\nseen in the bug report linked below.\n\nA web search for other reports of the error message \"pmz: rx irq flood\"\ndidn\u0027t produce anything. So I don\u0027t think this code is needed any more.\nRemove it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-26999",
"url": "https://www.suse.com/security/cve/CVE-2024-26999"
},
{
"category": "external",
"summary": "SUSE Bug 1223754 for CVE-2024-26999",
"url": "https://bugzilla.suse.com/1223754"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-26999"
},
{
"cve": "CVE-2024-27000",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27000"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: mxs-auart: add spinlock around changing cts state\n\nThe uart_handle_cts_change() function in serial_core expects the caller\nto hold uport-\u003elock. For example, I have seen the below kernel splat,\nwhen the Bluetooth driver is loaded on an i.MX28 board.\n\n [ 85.119255] ------------[ cut here ]------------\n [ 85.124413] WARNING: CPU: 0 PID: 27 at /drivers/tty/serial/serial_core.c:3453 uart_handle_cts_change+0xb4/0xec\n [ 85.134694] Modules linked in: hci_uart bluetooth ecdh_generic ecc wlcore_sdio configfs\n [ 85.143314] CPU: 0 PID: 27 Comm: kworker/u3:0 Not tainted 6.6.3-00021-gd62a2f068f92 #1\n [ 85.151396] Hardware name: Freescale MXS (Device Tree)\n [ 85.156679] Workqueue: hci0 hci_power_on [bluetooth]\n (...)\n [ 85.191765] uart_handle_cts_change from mxs_auart_irq_handle+0x380/0x3f4\n [ 85.198787] mxs_auart_irq_handle from __handle_irq_event_percpu+0x88/0x210\n (...)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27000",
"url": "https://www.suse.com/security/cve/CVE-2024-27000"
},
{
"category": "external",
"summary": "SUSE Bug 1223757 for CVE-2024-27000",
"url": "https://bugzilla.suse.com/1223757"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27000"
},
{
"cve": "CVE-2024-27001",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27001"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncomedi: vmk80xx: fix incomplete endpoint checking\n\nWhile vmk80xx does have endpoint checking implemented, some things\ncan fall through the cracks. Depending on the hardware model,\nURBs can have either bulk or interrupt type, and current version\nof vmk80xx_find_usb_endpoints() function does not take that fully\ninto account. While this warning does not seem to be too harmful,\nat the very least it will crash systems with \u0027panic_on_warn\u0027 set on\nthem.\n\nFix the issue found by Syzkaller [1] by somewhat simplifying the\nendpoint checking process with usb_find_common_endpoints() and\nensuring that only expected endpoint types are present.\n\nThis patch has not been tested on real hardware.\n\n[1] Syzkaller report:\nusb 1-1: BOGUS urb xfer, pipe 1 != type 3\nWARNING: CPU: 0 PID: 781 at drivers/usb/core/urb.c:504 usb_submit_urb+0xc4e/0x18c0 drivers/usb/core/urb.c:503\n...\nCall Trace:\n \u003cTASK\u003e\n usb_start_wait_urb+0x113/0x520 drivers/usb/core/message.c:59\n vmk80xx_reset_device drivers/comedi/drivers/vmk80xx.c:227 [inline]\n vmk80xx_auto_attach+0xa1c/0x1a40 drivers/comedi/drivers/vmk80xx.c:818\n comedi_auto_config+0x238/0x380 drivers/comedi/drivers.c:1067\n usb_probe_interface+0x5cd/0xb00 drivers/usb/core/driver.c:399\n...\n\nSimilar issue also found by Syzkaller:",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27001",
"url": "https://www.suse.com/security/cve/CVE-2024-27001"
},
{
"category": "external",
"summary": "SUSE Bug 1223698 for CVE-2024-27001",
"url": "https://bugzilla.suse.com/1223698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27001"
},
{
"cve": "CVE-2024-27002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: mediatek: Do a runtime PM get on controllers during probe\n\nmt8183-mfgcfg has a mutual dependency with genpd during the probing\nstage, which leads to a deadlock in the following call stack:\n\nCPU0: genpd_lock --\u003e clk_prepare_lock\ngenpd_power_off_work_fn()\n genpd_lock()\n generic_pm_domain::power_off()\n clk_unprepare()\n clk_prepare_lock()\n\nCPU1: clk_prepare_lock --\u003e genpd_lock\nclk_register()\n __clk_core_init()\n clk_prepare_lock()\n clk_pm_runtime_get()\n genpd_lock()\n\nDo a runtime PM get at the probe function to make sure clk_register()\nwon\u0027t acquire the genpd lock. Instead of only modifying mt8183-mfgcfg,\ndo this on all mediatek clock controller probings because we don\u0027t\nbelieve this would cause any regression.\n\nVerified on MT8183 and MT8192 Chromebooks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27002",
"url": "https://www.suse.com/security/cve/CVE-2024-27002"
},
{
"category": "external",
"summary": "SUSE Bug 1223759 for CVE-2024-27002",
"url": "https://bugzilla.suse.com/1223759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27002"
},
{
"cve": "CVE-2024-27003",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27003"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Get runtime PM before walking tree for clk_summary\n\nSimilar to the previous commit, we should make sure that all devices are\nruntime resumed before printing the clk_summary through debugfs. Failure\nto do so would result in a deadlock if the thread is resuming a device\nto print clk state and that device is also runtime resuming in another\nthread, e.g the screen is turning on and the display driver is starting\nup. We remove the calls to clk_pm_runtime_{get,put}() in this path\nbecause they\u0027re superfluous now that we know the devices are runtime\nresumed. This also squashes a bug where the return value of\nclk_pm_runtime_get() wasn\u0027t checked, leading to an RPM count underflow\non error paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27003",
"url": "https://www.suse.com/security/cve/CVE-2024-27003"
},
{
"category": "external",
"summary": "SUSE Bug 1223761 for CVE-2024-27003",
"url": "https://bugzilla.suse.com/1223761"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27003"
},
{
"cve": "CVE-2024-27004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: Get runtime PM before walking tree during disable_unused\n\nDoug reported [1] the following hung task:\n\n INFO: task swapper/0:1 blocked for more than 122 seconds.\n Not tainted 5.15.149-21875-gf795ebc40eb8 #1\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:swapper/0 state:D stack: 0 pid: 1 ppid: 0 flags:0x00000008\n Call trace:\n __switch_to+0xf4/0x1f4\n __schedule+0x418/0xb80\n schedule+0x5c/0x10c\n rpm_resume+0xe0/0x52c\n rpm_resume+0x178/0x52c\n __pm_runtime_resume+0x58/0x98\n clk_pm_runtime_get+0x30/0xb0\n clk_disable_unused_subtree+0x58/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused_subtree+0x38/0x208\n clk_disable_unused+0x4c/0xe4\n do_one_initcall+0xcc/0x2d8\n do_initcall_level+0xa4/0x148\n do_initcalls+0x5c/0x9c\n do_basic_setup+0x24/0x30\n kernel_init_freeable+0xec/0x164\n kernel_init+0x28/0x120\n ret_from_fork+0x10/0x20\n INFO: task kworker/u16:0:9 blocked for more than 122 seconds.\n Not tainted 5.15.149-21875-gf795ebc40eb8 #1\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u16:0 state:D stack: 0 pid: 9 ppid: 2 flags:0x00000008\n Workqueue: events_unbound deferred_probe_work_func\n Call trace:\n __switch_to+0xf4/0x1f4\n __schedule+0x418/0xb80\n schedule+0x5c/0x10c\n schedule_preempt_disabled+0x2c/0x48\n __mutex_lock+0x238/0x488\n __mutex_lock_slowpath+0x1c/0x28\n mutex_lock+0x50/0x74\n clk_prepare_lock+0x7c/0x9c\n clk_core_prepare_lock+0x20/0x44\n clk_prepare+0x24/0x30\n clk_bulk_prepare+0x40/0xb0\n mdss_runtime_resume+0x54/0x1c8\n pm_generic_runtime_resume+0x30/0x44\n __genpd_runtime_resume+0x68/0x7c\n genpd_runtime_resume+0x108/0x1f4\n __rpm_callback+0x84/0x144\n rpm_callback+0x30/0x88\n rpm_resume+0x1f4/0x52c\n rpm_resume+0x178/0x52c\n __pm_runtime_resume+0x58/0x98\n __device_attach+0xe0/0x170\n device_initial_probe+0x1c/0x28\n bus_probe_device+0x3c/0x9c\n device_add+0x644/0x814\n mipi_dsi_device_register_full+0xe4/0x170\n devm_mipi_dsi_device_register_full+0x28/0x70\n ti_sn_bridge_probe+0x1dc/0x2c0\n auxiliary_bus_probe+0x4c/0x94\n really_probe+0xcc/0x2c8\n __driver_probe_device+0xa8/0x130\n driver_probe_device+0x48/0x110\n __device_attach_driver+0xa4/0xcc\n bus_for_each_drv+0x8c/0xd8\n __device_attach+0xf8/0x170\n device_initial_probe+0x1c/0x28\n bus_probe_device+0x3c/0x9c\n deferred_probe_work_func+0x9c/0xd8\n process_one_work+0x148/0x518\n worker_thread+0x138/0x350\n kthread+0x138/0x1e0\n ret_from_fork+0x10/0x20\n\nThe first thread is walking the clk tree and calling\nclk_pm_runtime_get() to power on devices required to read the clk\nhardware via struct clk_ops::is_enabled(). This thread holds the clk\nprepare_lock, and is trying to runtime PM resume a device, when it finds\nthat the device is in the process of resuming so the thread schedule()s\naway waiting for the device to finish resuming before continuing. The\nsecond thread is runtime PM resuming the same device, but the runtime\nresume callback is calling clk_prepare(), trying to grab the\nprepare_lock waiting on the first thread.\n\nThis is a classic ABBA deadlock. To properly fix the deadlock, we must\nnever runtime PM resume or suspend a device with the clk prepare_lock\nheld. Actually doing that is near impossible today because the global\nprepare_lock would have to be dropped in the middle of the tree, the\ndevice runtime PM resumed/suspended, and then the prepare_lock grabbed\nagain to ensure consistency of the clk tree topology. If anything\nchanges with the clk tree in the meantime, we\u0027ve lost and will need to\nstart the operation all over again.\n\nLuckily, most of the time we\u0027re simply incrementing or decrementing the\nruntime PM count on an active device, so we don\u0027t have the chance to\nschedule away with the prepare_lock held. Let\u0027s fix this immediate\nproblem that can be\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27004",
"url": "https://www.suse.com/security/cve/CVE-2024-27004"
},
{
"category": "external",
"summary": "SUSE Bug 1223762 for CVE-2024-27004",
"url": "https://bugzilla.suse.com/1223762"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27004"
},
{
"cve": "CVE-2024-27008",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27008"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: nv04: Fix out of bounds access\n\nWhen Output Resource (dcb-\u003eor) value is assigned in\nfabricate_dcb_output(), there may be out of bounds access to\ndac_users array in case dcb-\u003eor is zero because ffs(dcb-\u003eor) is\nused as index there.\nThe \u0027or\u0027 argument of fabricate_dcb_output() must be interpreted as a\nnumber of bit to set, not value.\n\nUtilize macros from \u0027enum nouveau_or\u0027 in calls instead of hardcoding.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27008",
"url": "https://www.suse.com/security/cve/CVE-2024-27008"
},
{
"category": "external",
"summary": "SUSE Bug 1223802 for CVE-2024-27008",
"url": "https://bugzilla.suse.com/1223802"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27008"
},
{
"cve": "CVE-2024-27013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntun: limit printing rate when illegal packet received by tun dev\n\nvhost_worker will call tun call backs to receive packets. If too many\nillegal packets arrives, tun_do_read will keep dumping packet contents.\nWhen console is enabled, it will costs much more cpu time to dump\npacket and soft lockup will be detected.\n\nnet_ratelimit mechanism can be used to limit the dumping rate.\n\nPID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: \"vhost-32980\"\n #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253\n #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3\n #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e\n #3 [fffffe00003fced0] do_nmi at ffffffff8922660d\n #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663\n [exception RIP: io_serial_in+20]\n RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002\n RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000\n RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0\n RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f\n R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020\n R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000\n ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018\n #5 [ffffa655314979e8] io_serial_in at ffffffff89792594\n #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470\n #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6\n #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605\n #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558\n #10 [ffffa65531497ac8] console_unlock at ffffffff89316124\n #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07\n #12 [ffffa65531497b68] printk at ffffffff89318306\n #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765\n #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]\n #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]\n #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]\n #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]\n #18 [ffffa65531497f10] kthread at ffffffff892d2e72\n #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27013",
"url": "https://www.suse.com/security/cve/CVE-2024-27013"
},
{
"category": "external",
"summary": "SUSE Bug 1223745 for CVE-2024-27013",
"url": "https://bugzilla.suse.com/1223745"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27013"
},
{
"cve": "CVE-2024-27014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Prevent deadlock while disabling aRFS\n\nWhen disabling aRFS under the `priv-\u003estate_lock`, any scheduled\naRFS works are canceled using the `cancel_work_sync` function,\nwhich waits for the work to end if it has already started.\nHowever, while waiting for the work handler, the handler will\ntry to acquire the `state_lock` which is already acquired.\n\nThe worker acquires the lock to delete the rules if the state\nis down, which is not the worker\u0027s responsibility since\ndisabling aRFS deletes the rules.\n\nAdd an aRFS state variable, which indicates whether the aRFS is\nenabled and prevent adding rules when the aRFS is disabled.\n\nKernel log:\n\n======================================================\nWARNING: possible circular locking dependency detected\n6.7.0-rc4_net_next_mlx5_5483eb2 #1 Tainted: G I\n------------------------------------------------------\nethtool/386089 is trying to acquire lock:\nffff88810f21ce68 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}, at: __flush_work+0x74/0x4e0\n\nbut task is already holding lock:\nffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nwhich lock already depends on the new lock.\n\nthe existing dependency chain (in reverse order) is:\n\n-\u003e #1 (\u0026priv-\u003estate_lock){+.+.}-{3:3}:\n __mutex_lock+0x80/0xc90\n arfs_handle_work+0x4b/0x3b0 [mlx5_core]\n process_one_work+0x1dc/0x4a0\n worker_thread+0x1bf/0x3c0\n kthread+0xd7/0x100\n ret_from_fork+0x2d/0x50\n ret_from_fork_asm+0x11/0x20\n\n-\u003e #0 ((work_completion)(\u0026rule-\u003earfs_work)){+.+.}-{0:0}:\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n __flush_work+0x7a/0x4e0\n __cancel_work_timer+0x131/0x1c0\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n netlink_rcv_skb+0x54/0x100\n genl_rcv+0x24/0x40\n netlink_unicast+0x1a1/0x270\n netlink_sendmsg+0x214/0x460\n __sock_sendmsg+0x38/0x60\n __sys_sendto+0x113/0x170\n __x64_sys_sendto+0x20/0x30\n do_syscall_64+0x40/0xe0\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n\nother info that might help us debug this:\n\n Possible unsafe locking scenario:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n lock(\u0026priv-\u003estate_lock);\n lock((work_completion)(\u0026rule-\u003earfs_work));\n\n *** DEADLOCK ***\n\n3 locks held by ethtool/386089:\n #0: ffffffff82ea7210 (cb_lock){++++}-{3:3}, at: genl_rcv+0x15/0x40\n #1: ffffffff82e94c88 (rtnl_mutex){+.+.}-{3:3}, at: ethnl_default_set_doit+0xd3/0x240\n #2: ffff8884a1808cc0 (\u0026priv-\u003estate_lock){+.+.}-{3:3}, at: mlx5e_ethtool_set_channels+0x53/0x200 [mlx5_core]\n\nstack backtrace:\nCPU: 15 PID: 386089 Comm: ethtool Tainted: G I 6.7.0-rc4_net_next_mlx5_5483eb2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x60/0xa0\n check_noncircular+0x144/0x160\n __lock_acquire+0x17b4/0x2c80\n lock_acquire+0xd0/0x2b0\n ? __flush_work+0x74/0x4e0\n ? save_trace+0x3e/0x360\n ? __flush_work+0x74/0x4e0\n __flush_work+0x7a/0x4e0\n ? __flush_work+0x74/0x4e0\n ? __lock_acquire+0xa78/0x2c80\n ? lock_acquire+0xd0/0x2b0\n ? mark_held_locks+0x49/0x70\n __cancel_work_timer+0x131/0x1c0\n ? mark_held_locks+0x49/0x70\n arfs_del_rules+0x143/0x1e0 [mlx5_core]\n mlx5e_arfs_disable+0x1b/0x30 [mlx5_core]\n mlx5e_ethtool_set_channels+0xcb/0x200 [mlx5_core]\n ethnl_set_channels+0x28f/0x3b0\n ethnl_default_set_doit+0xec/0x240\n genl_family_rcv_msg_doit+0xd0/0x120\n genl_rcv_msg+0x188/0x2c0\n ? ethn\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27014",
"url": "https://www.suse.com/security/cve/CVE-2024-27014"
},
{
"category": "external",
"summary": "SUSE Bug 1223735 for CVE-2024-27014",
"url": "https://bugzilla.suse.com/1223735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27014"
},
{
"cve": "CVE-2024-27022",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27022"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfork: defer linking file vma until vma is fully initialized\n\nThorvald reported a WARNING [1]. And the root cause is below race:\n\n CPU 1\t\t\t\t\tCPU 2\n fork\t\t\t\t\thugetlbfs_fallocate\n dup_mmap\t\t\t\t hugetlbfs_punch_hole\n i_mmap_lock_write(mapping);\n vma_interval_tree_insert_after -- Child vma is visible through i_mmap tree.\n i_mmap_unlock_write(mapping);\n hugetlb_dup_vma_private -- Clear vma_lock outside i_mmap_rwsem!\n\t\t\t\t\t i_mmap_lock_write(mapping);\n \t\t\t\t\t hugetlb_vmdelete_list\n\t\t\t\t\t vma_interval_tree_foreach\n\t\t\t\t\t hugetlb_vma_trylock_write -- Vma_lock is cleared.\n tmp-\u003evm_ops-\u003eopen -- Alloc new vma_lock outside i_mmap_rwsem!\n\t\t\t\t\t hugetlb_vma_unlock_write -- Vma_lock is assigned!!!\n\t\t\t\t\t i_mmap_unlock_write(mapping);\n\nhugetlb_dup_vma_private() and hugetlb_vm_op_open() are called outside\ni_mmap_rwsem lock while vma lock can be used in the same time. Fix this\nby deferring linking file vma until vma is fully initialized. Those vmas\nshould be initialized first before they can be used.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27022",
"url": "https://www.suse.com/security/cve/CVE-2024-27022"
},
{
"category": "external",
"summary": "SUSE Bug 1223774 for CVE-2024-27022",
"url": "https://bugzilla.suse.com/1223774"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27022"
},
{
"cve": "CVE-2024-27027",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27027"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix dpll_xa_ref_*_del() for multiple registrations\n\nCurrently, if there are multiple registrations of the same pin on the\nsame dpll device, following warnings are observed:\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:143 dpll_xa_ref_pin_del.isra.0+0x21e/0x230\nWARNING: CPU: 5 PID: 2212 at drivers/dpll/dpll_core.c:223 __dpll_pin_unregister+0x2b3/0x2c0\n\nThe problem is, that in both dpll_xa_ref_dpll_del() and\ndpll_xa_ref_pin_del() registration is only removed from list in case the\nreference count drops to zero. That is wrong, the registration has to\nbe removed always.\n\nTo fix this, remove the registration from the list and free\nit unconditionally, instead of doing it only when the ref reference\ncounter reaches zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27027",
"url": "https://www.suse.com/security/cve/CVE-2024-27027"
},
{
"category": "external",
"summary": "SUSE Bug 1223787 for CVE-2024-27027",
"url": "https://bugzilla.suse.com/1223787"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27027"
},
{
"cve": "CVE-2024-27028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: spi-mt65xx: Fix NULL pointer access in interrupt handler\n\nThe TX buffer in spi_transfer can be a NULL pointer, so the interrupt\nhandler may end up writing to the invalid memory and cause crashes.\n\nAdd a check to trans-\u003etx_buf before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27028",
"url": "https://www.suse.com/security/cve/CVE-2024-27028"
},
{
"category": "external",
"summary": "SUSE Bug 1223788 for CVE-2024-27028",
"url": "https://bugzilla.suse.com/1223788"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27028"
},
{
"cve": "CVE-2024-27029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix mmhub client id out-of-bounds access\n\nProperly handle cid 0x140.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27029",
"url": "https://www.suse.com/security/cve/CVE-2024-27029"
},
{
"category": "external",
"summary": "SUSE Bug 1223789 for CVE-2024-27029",
"url": "https://bugzilla.suse.com/1223789"
},
{
"category": "external",
"summary": "SUSE Bug 1226184 for CVE-2024-27029",
"url": "https://bugzilla.suse.com/1226184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-27029"
},
{
"cve": "CVE-2024-27030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Use separate handlers for interrupts\n\nFor PF to AF interrupt vector and VF to AF vector same\ninterrupt handler is registered which is causing race condition.\nWhen two interrupts are raised to two CPUs at same time\nthen two cores serve same event corrupting the data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27030",
"url": "https://www.suse.com/security/cve/CVE-2024-27030"
},
{
"category": "external",
"summary": "SUSE Bug 1223790 for CVE-2024-27030",
"url": "https://bugzilla.suse.com/1223790"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27030"
},
{
"cve": "CVE-2024-27031",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27031"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt\n\nThe loop inside nfs_netfs_issue_read() currently does not disable\ninterrupts while iterating through pages in the xarray to submit\nfor NFS read. This is not safe though since after taking xa_lock,\nanother page in the mapping could be processed for writeback inside\nan interrupt, and deadlock can occur. The fix is simple and clean\nif we use xa_for_each_range(), which handles the iteration with RCU\nwhile reducing code complexity.\n\nThe problem is easily reproduced with the following test:\n mount -o vers=3,fsc 127.0.0.1:/export /mnt/nfs\n dd if=/dev/zero of=/mnt/nfs/file1.bin bs=4096 count=1\n echo 3 \u003e /proc/sys/vm/drop_caches\n dd if=/mnt/nfs/file1.bin of=/dev/null\n umount /mnt/nfs\n\nOn the console with a lockdep-enabled kernel a message similar to\nthe following will be seen:\n\n ================================\n WARNING: inconsistent lock state\n 6.7.0-lockdbg+ #10 Not tainted\n --------------------------------\n inconsistent {IN-SOFTIRQ-W} -\u003e {SOFTIRQ-ON-W} usage.\n test5/1708 [HC0[0]:SC0[0]:HE1:SE1] takes:\n ffff888127baa598 (\u0026xa-\u003exa_lock#4){+.?.}-{3:3}, at:\nnfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n {IN-SOFTIRQ-W} state was registered at:\n lock_acquire+0x144/0x380\n _raw_spin_lock_irqsave+0x4e/0xa0\n __folio_end_writeback+0x17e/0x5c0\n folio_end_writeback+0x93/0x1b0\n iomap_finish_ioend+0xeb/0x6a0\n blk_update_request+0x204/0x7f0\n blk_mq_end_request+0x30/0x1c0\n blk_complete_reqs+0x7e/0xa0\n __do_softirq+0x113/0x544\n __irq_exit_rcu+0xfe/0x120\n irq_exit_rcu+0xe/0x20\n sysvec_call_function_single+0x6f/0x90\n asm_sysvec_call_function_single+0x1a/0x20\n pv_native_safe_halt+0xf/0x20\n default_idle+0x9/0x20\n default_idle_call+0x67/0xa0\n do_idle+0x2b5/0x300\n cpu_startup_entry+0x34/0x40\n start_secondary+0x19d/0x1c0\n secondary_startup_64_no_verify+0x18f/0x19b\n irq event stamp: 176891\n hardirqs last enabled at (176891): [\u003cffffffffa67a0be4\u003e]\n_raw_spin_unlock_irqrestore+0x44/0x60\n hardirqs last disabled at (176890): [\u003cffffffffa67a0899\u003e]\n_raw_spin_lock_irqsave+0x79/0xa0\n softirqs last enabled at (176646): [\u003cffffffffa515d91e\u003e]\n__irq_exit_rcu+0xfe/0x120\n softirqs last disabled at (176633): [\u003cffffffffa515d91e\u003e]\n__irq_exit_rcu+0xfe/0x120\n\n other info that might help us debug this:\n Possible unsafe locking scenario:\n\n CPU0\n ----\n lock(\u0026xa-\u003exa_lock#4);\n \u003cInterrupt\u003e\n lock(\u0026xa-\u003exa_lock#4);\n\n *** DEADLOCK ***\n\n 2 locks held by test5/1708:\n #0: ffff888127baa498 (\u0026sb-\u003es_type-\u003ei_mutex_key#22){++++}-{4:4}, at:\n nfs_start_io_read+0x28/0x90 [nfs]\n #1: ffff888127baa650 (mapping.invalidate_lock#3){.+.+}-{4:4}, at:\n page_cache_ra_unbounded+0xa4/0x280\n\n stack backtrace:\n CPU: 6 PID: 1708 Comm: test5 Kdump: loaded Not tainted 6.7.0-lockdbg+\n Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\n Call Trace:\n dump_stack_lvl+0x5b/0x90\n mark_lock+0xb3f/0xd20\n __lock_acquire+0x77b/0x3360\n _raw_spin_lock+0x34/0x80\n nfs_netfs_issue_read+0x1b2/0x4b0 [nfs]\n netfs_begin_read+0x77f/0x980 [netfs]\n nfs_netfs_readahead+0x45/0x60 [nfs]\n nfs_readahead+0x323/0x5a0 [nfs]\n read_pages+0xf3/0x5c0\n page_cache_ra_unbounded+0x1c8/0x280\n filemap_get_pages+0x38c/0xae0\n filemap_read+0x206/0x5e0\n nfs_file_read+0xb7/0x140 [nfs]\n vfs_read+0x2a9/0x460\n ksys_read+0xb7/0x140",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27031",
"url": "https://www.suse.com/security/cve/CVE-2024-27031"
},
{
"category": "external",
"summary": "SUSE Bug 1223805 for CVE-2024-27031",
"url": "https://bugzilla.suse.com/1223805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27031"
},
{
"cve": "CVE-2024-27036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: Fix writeback data corruption\n\ncifs writeback doesn\u0027t correctly handle the case where\ncifs_extend_writeback() hits a point where it is considering an additional\nfolio, but this would overrun the wsize - at which point it drops out of\nthe xarray scanning loop and calls xas_pause(). The problem is that\nxas_pause() advances the loop counter - thereby skipping that page.\n\nWhat needs to happen is for xas_reset() to be called any time we decide we\ndon\u0027t want to process the page we\u0027re looking at, but rather send the\nrequest we are building and start a new one.\n\nFix this by copying and adapting the netfslib writepages code as a\ntemporary measure, with cifs writeback intending to be offloaded to\nnetfslib in the near future.\n\nThis also fixes the issue with the use of filemap_get_folios_tag() causing\nretry of a bunch of pages which the extender already dealt with.\n\nThis can be tested by creating, say, a 64K file somewhere not on cifs\n(otherwise copy-offload may get underfoot), mounting a cifs share with a\nwsize of 64000, copying the file to it and then comparing the original file\nand the copy:\n\n dd if=/dev/urandom of=/tmp/64K bs=64k count=1\n mount //192.168.6.1/test /mnt -o user=...,pass=...,wsize=64000\n cp /tmp/64K /mnt/64K\n cmp /tmp/64K /mnt/64K\n\nWithout the fix, the cmp fails at position 64000 (or shortly thereafter).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27036",
"url": "https://www.suse.com/security/cve/CVE-2024-27036"
},
{
"category": "external",
"summary": "SUSE Bug 1223810 for CVE-2024-27036",
"url": "https://bugzilla.suse.com/1223810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27036"
},
{
"cve": "CVE-2024-27046",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27046"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfp: flower: handle acti_netdevs allocation failure\n\nThe kmalloc_array() in nfp_fl_lag_do_work() will return null, if\nthe physical memory has run out. As a result, if we dereference\nthe acti_netdevs, the null pointer dereference bugs will happen.\n\nThis patch adds a check to judge whether allocation failure occurs.\nIf it happens, the delayed work will be rescheduled and try again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27046",
"url": "https://www.suse.com/security/cve/CVE-2024-27046"
},
{
"category": "external",
"summary": "SUSE Bug 1223827 for CVE-2024-27046",
"url": "https://bugzilla.suse.com/1223827"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27046"
},
{
"cve": "CVE-2024-27056",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27056"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: ensure offloading TID queue exists\n\nThe resume code path assumes that the TX queue for the offloading TID\nhas been configured. At resume time it then tries to sync the write\npointer as it may have been updated by the firmware.\n\nIn the unusual event that no packets have been send on TID 0, the queue\nwill not have been allocated and this causes a crash. Fix this by\nensuring the queue exist at suspend time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27056",
"url": "https://www.suse.com/security/cve/CVE-2024-27056"
},
{
"category": "external",
"summary": "SUSE Bug 1223822 for CVE-2024-27056",
"url": "https://bugzilla.suse.com/1223822"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27056"
},
{
"cve": "CVE-2024-27057",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27057"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend\n\nWhen the system is suspended while audio is active, the\nsof_ipc4_pcm_hw_free() is invoked to reset the pipelines since during\nsuspend the DSP is turned off, streams will be re-started after resume.\n\nIf the firmware crashes during while audio is running (or when we reset\nthe stream before suspend) then the sof_ipc4_set_multi_pipeline_state()\nwill fail with IPC error and the state change is interrupted.\nThis will cause misalignment between the kernel and firmware state on next\nDSP boot resulting errors returned by firmware for IPC messages, eventually\nfailing the audio resume.\nOn stream close the errors are ignored so the kernel state will be\ncorrected on the next DSP boot, so the second boot after the DSP panic.\n\nIf sof_ipc4_trigger_pipelines() is called from sof_ipc4_pcm_hw_free() then\nstate parameter is SOF_IPC4_PIPE_RESET and only in this case.\n\nTreat a forced pipeline reset similarly to how we treat a pcm_free by\nignoring error on state sending to allow the kernel\u0027s state to be\nconsistent with the state the firmware will have after the next boot.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27057",
"url": "https://www.suse.com/security/cve/CVE-2024-27057"
},
{
"category": "external",
"summary": "SUSE Bug 1223831 for CVE-2024-27057",
"url": "https://bugzilla.suse.com/1223831"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27057"
},
{
"cve": "CVE-2024-27062",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27062"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau: lock the client object tree.\n\nIt appears the client object tree has no locking unless I\u0027ve missed\nsomething else. Fix races around adding/removing client objects,\nmostly vram bar mappings.\n\n 4562.099306] general protection fault, probably for non-canonical address 0x6677ed422bceb80c: 0000 [#1] PREEMPT SMP PTI\n[ 4562.099314] CPU: 2 PID: 23171 Comm: deqp-vk Not tainted 6.8.0-rc6+ #27\n[ 4562.099324] Hardware name: Gigabyte Technology Co., Ltd. Z390 I AORUS PRO WIFI/Z390 I AORUS PRO WIFI-CF, BIOS F8 11/05/2021\n[ 4562.099330] RIP: 0010:nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099503] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 66 0f 1f 00 0f 1f 44 00 00 48 89 f8 48 85 f6 74 39 48 8b 87 a0 00 00 00 48 85 c0 74 12 \u003c48\u003e 8b 48 f8 48 39 ce 73 15 48 8b 40 10 48 85 c0 75 ee 48 c7 c0 fe\n[ 4562.099506] RSP: 0000:ffffa94cc420bbf8 EFLAGS: 00010206\n[ 4562.099512] RAX: 6677ed422bceb814 RBX: ffff98108791f400 RCX: ffff9810f26b8f58\n[ 4562.099517] RDX: 0000000000000000 RSI: ffff9810f26b9158 RDI: ffff98108791f400\n[ 4562.099519] RBP: ffff9810f26b9158 R08: 0000000000000000 R09: 0000000000000000\n[ 4562.099521] R10: ffffa94cc420bc48 R11: 0000000000000001 R12: ffff9810f02a7cc0\n[ 4562.099526] R13: 0000000000000000 R14: 00000000000000ff R15: 0000000000000007\n[ 4562.099528] FS: 00007f629c5017c0(0000) GS:ffff98142c700000(0000) knlGS:0000000000000000\n[ 4562.099534] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 4562.099536] CR2: 00007f629a882000 CR3: 000000017019e004 CR4: 00000000003706f0\n[ 4562.099541] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 4562.099542] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 4562.099544] Call Trace:\n[ 4562.099555] \u003cTASK\u003e\n[ 4562.099573] ? die_addr+0x36/0x90\n[ 4562.099583] ? exc_general_protection+0x246/0x4a0\n[ 4562.099593] ? asm_exc_general_protection+0x26/0x30\n[ 4562.099600] ? nvkm_object_search+0x1d/0x70 [nouveau]\n[ 4562.099730] nvkm_ioctl+0xa1/0x250 [nouveau]\n[ 4562.099861] nvif_object_map_handle+0xc8/0x180 [nouveau]\n[ 4562.099986] nouveau_ttm_io_mem_reserve+0x122/0x270 [nouveau]\n[ 4562.100156] ? dma_resv_test_signaled+0x26/0xb0\n[ 4562.100163] ttm_bo_vm_fault_reserved+0x97/0x3c0 [ttm]\n[ 4562.100182] ? __mutex_unlock_slowpath+0x2a/0x270\n[ 4562.100189] nouveau_ttm_fault+0x69/0xb0 [nouveau]\n[ 4562.100356] __do_fault+0x32/0x150\n[ 4562.100362] do_fault+0x7c/0x560\n[ 4562.100369] __handle_mm_fault+0x800/0xc10\n[ 4562.100382] handle_mm_fault+0x17c/0x3e0\n[ 4562.100388] do_user_addr_fault+0x208/0x860\n[ 4562.100395] exc_page_fault+0x7f/0x200\n[ 4562.100402] asm_exc_page_fault+0x26/0x30\n[ 4562.100412] RIP: 0033:0x9b9870\n[ 4562.100419] Code: 85 a8 f7 ff ff 8b 8d 80 f7 ff ff 89 08 e9 18 f2 ff ff 0f 1f 84 00 00 00 00 00 44 89 32 e9 90 fa ff ff 0f 1f 84 00 00 00 00 00 \u003c44\u003e 89 32 e9 f8 f1 ff ff 0f 1f 84 00 00 00 00 00 66 44 89 32 e9 e7\n[ 4562.100422] RSP: 002b:00007fff9ba2dc70 EFLAGS: 00010246\n[ 4562.100426] RAX: 0000000000000004 RBX: 000000000dd65e10 RCX: 000000fff0000000\n[ 4562.100428] RDX: 00007f629a882000 RSI: 00007f629a882000 RDI: 0000000000000066\n[ 4562.100432] RBP: 00007fff9ba2e570 R08: 0000000000000000 R09: 0000000123ddf000\n[ 4562.100434] R10: 0000000000000001 R11: 0000000000000246 R12: 000000007fffffff\n[ 4562.100436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000\n[ 4562.100446] \u003c/TASK\u003e\n[ 4562.100448] Modules linked in: nf_conntrack_netbios_ns nf_conntrack_broadcast nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink cmac bnep sunrpc iwlmvm intel_rapl_msr intel_rapl_common snd_sof_pci_intel_cnl x86_pkg_temp_thermal intel_powerclamp snd_sof_intel_hda_common mac80211 coretemp snd_soc_acpi_intel_match kvm_intel snd_soc_acpi snd_soc_hdac_hda snd_sof_pci snd_sof_xtensa_dsp snd_sof_intel_hda_mlink \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27062",
"url": "https://www.suse.com/security/cve/CVE-2024-27062"
},
{
"category": "external",
"summary": "SUSE Bug 1223834 for CVE-2024-27062",
"url": "https://bugzilla.suse.com/1223834"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27062"
},
{
"cve": "CVE-2024-27067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27067"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen/evtchn: avoid WARN() when unbinding an event channel\n\nWhen unbinding a user event channel, the related handler might be\ncalled a last time in case the kernel was built with\nCONFIG_DEBUG_SHIRQ. This might cause a WARN() in the handler.\n\nAvoid that by adding an \"unbinding\" flag to struct user_event which\nwill short circuit the handler.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27067",
"url": "https://www.suse.com/security/cve/CVE-2024-27067"
},
{
"category": "external",
"summary": "SUSE Bug 1223739 for CVE-2024-27067",
"url": "https://bugzilla.suse.com/1223739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27067"
},
{
"cve": "CVE-2024-27080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27080"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix race when detecting delalloc ranges during fiemap\n\nFor fiemap we recently stopped locking the target extent range for the\nwhole duration of the fiemap call, in order to avoid a deadlock in a\nscenario where the fiemap buffer happens to be a memory mapped range of\nthe same file. This use case is very unlikely to be useful in practice but\nit may be triggered by fuzz testing (syzbot, etc).\n\nThis however introduced a race that makes us miss delalloc ranges for\nfile regions that are currently holes, so the caller of fiemap will not\nbe aware that there\u0027s data for some file regions. This can be quite\nserious for some use cases - for example in coreutils versions before 9.0,\nthe cp program used fiemap to detect holes and data in the source file,\ncopying only regions with data (extents or delalloc) from the source file\nto the destination file in order to preserve holes (see the documentation\nfor its --sparse command line option). This means that if cp was used\nwith a source file that had delalloc in a hole, the destination file could\nend up without that data, which is effectively a data loss issue, if it\nhappened to hit the race described below.\n\nThe race happens like this:\n\n1) Fiemap is called, without the FIEMAP_FLAG_SYNC flag, for a file that\n has delalloc in the file range [64M, 65M[, which is currently a hole;\n\n2) Fiemap locks the inode in shared mode, then starts iterating the\n inode\u0027s subvolume tree searching for file extent items, without having\n the whole fiemap target range locked in the inode\u0027s io tree - the\n change introduced recently by commit b0ad381fa769 (\"btrfs: fix\n deadlock with fiemap and extent locking\"). It only locks ranges in\n the io tree when it finds a hole or prealloc extent since that\n commit;\n\n3) Note that fiemap clones each leaf before using it, and this is to\n avoid deadlocks when locking a file range in the inode\u0027s io tree and\n the fiemap buffer is memory mapped to some file, because writing\n to the page with btrfs_page_mkwrite() will wait on any ordered extent\n for the page\u0027s range and the ordered extent needs to lock the range\n and may need to modify the same leaf, therefore leading to a deadlock\n on the leaf;\n\n4) While iterating the file extent items in the cloned leaf before\n finding the hole in the range [64M, 65M[, the delalloc in that range\n is flushed and its ordered extent completes - meaning the corresponding\n file extent item is in the inode\u0027s subvolume tree, but not present in\n the cloned leaf that fiemap is iterating over;\n\n5) When fiemap finds the hole in the [64M, 65M[ range by seeing the gap in\n the cloned leaf (or a file extent item with disk_bytenr == 0 in case\n the NO_HOLES feature is not enabled), it will lock that file range in\n the inode\u0027s io tree and then search for delalloc by checking for the\n EXTENT_DELALLOC bit in the io tree for that range and ordered extents\n (with btrfs_find_delalloc_in_range()). But it finds nothing since the\n delalloc in that range was already flushed and the ordered extent\n completed and is gone - as a result fiemap will not report that there\u0027s\n delalloc or an extent for the range [64M, 65M[, so user space will be\n mislead into thinking that there\u0027s a hole in that range.\n\nThis could actually be sporadically triggered with test case generic/094\nfrom fstests, which reports a missing extent/delalloc range like this:\n\n generic/094 2s ... - output mismatch (see /home/fdmanana/git/hub/xfstests/results//generic/094.out.bad)\n --- tests/generic/094.out\t2020-06-10 19:29:03.830519425 +0100\n +++ /home/fdmanana/git/hub/xfstests/results//generic/094.out.bad\t2024-02-28 11:00:00.381071525 +0000\n @@ -1,3 +1,9 @@\n QA output created by 094\n fiemap run with sync\n fiemap run without sync\n +ERROR: couldn\u0027t find extent at 7\n +map is \u0027HHDDHPPDPHPH\u0027\n +logical: [ 5.. 6] phys:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27080",
"url": "https://www.suse.com/security/cve/CVE-2024-27080"
},
{
"category": "external",
"summary": "SUSE Bug 1223782 for CVE-2024-27080",
"url": "https://bugzilla.suse.com/1223782"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27080"
},
{
"cve": "CVE-2024-27388",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27388"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix some memleaks in gssx_dec_option_array\n\nThe creds and oa-\u003edata need to be freed in the error-handling paths after\ntheir allocation. So this patch add these deallocations in the\ncorresponding paths.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27388",
"url": "https://www.suse.com/security/cve/CVE-2024-27388"
},
{
"category": "external",
"summary": "SUSE Bug 1223744 for CVE-2024-27388",
"url": "https://bugzilla.suse.com/1223744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27388"
},
{
"cve": "CVE-2024-27389",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27389"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore: inode: Only d_invalidate() is needed\n\nUnloading a modular pstore backend with records in pstorefs would\ntrigger the dput() double-drop warning:\n\n WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410\n\nUsing the combo of d_drop()/dput() (as mentioned in\nDocumentation/filesystems/vfs.rst) isn\u0027t the right approach here, and\nleads to the reference counting problem seen above. Use d_invalidate()\nand update the code to not bother checking for error codes that can\nnever happen.\n\n---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27389",
"url": "https://www.suse.com/security/cve/CVE-2024-27389"
},
{
"category": "external",
"summary": "SUSE Bug 1223705 for CVE-2024-27389",
"url": "https://bugzilla.suse.com/1223705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27389"
},
{
"cve": "CVE-2024-27393",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27393"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen-netfront: Add missing skb_mark_for_recycle\n\nNotice that skb_mark_for_recycle() is introduced later than fixes tag in\ncommit 6a5bcd84e886 (\"page_pool: Allow drivers to hint on SKB recycling\").\n\nIt is believed that fixes tag were missing a call to page_pool_release_page()\nbetween v5.9 to v5.14, after which is should have used skb_mark_for_recycle().\nSince v6.6 the call page_pool_release_page() were removed (in\ncommit 535b9c61bdef (\"net: page_pool: hide page_pool_release_page()\")\nand remaining callers converted (in commit 6bfef2ec0172 (\"Merge branch\n\u0027net-page_pool-remove-page_pool_release_page\u0027\")).\n\nThis leak became visible in v6.8 via commit dba1b8a7ab68 (\"mm/page_pool: catch\npage_pool memory leaks\").",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27393",
"url": "https://www.suse.com/security/cve/CVE-2024-27393"
},
{
"category": "external",
"summary": "SUSE Bug 1224076 for CVE-2024-27393",
"url": "https://bugzilla.suse.com/1224076"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27393"
},
{
"cve": "CVE-2024-27395",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27395"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: openvswitch: Fix Use-After-Free in ovs_ct_exit\n\nSince kfree_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof ovs_ct_limit_exit, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27395",
"url": "https://www.suse.com/security/cve/CVE-2024-27395"
},
{
"category": "external",
"summary": "SUSE Bug 1224098 for CVE-2024-27395",
"url": "https://bugzilla.suse.com/1224098"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27395"
},
{
"cve": "CVE-2024-27396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: gtp: Fix Use-After-Free in gtp_dellink\n\nSince call_rcu, which is called in the hlist_for_each_entry_rcu traversal\nof gtp_dellink, is not part of the RCU read critical section, it\nis possible that the RCU grace period will pass during the traversal and\nthe key will be free.\n\nTo prevent this, it should be changed to hlist_for_each_entry_safe.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27396",
"url": "https://www.suse.com/security/cve/CVE-2024-27396"
},
{
"category": "external",
"summary": "SUSE Bug 1224096 for CVE-2024-27396",
"url": "https://bugzilla.suse.com/1224096"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27396"
},
{
"cve": "CVE-2024-27398",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27398"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix use-after-free bugs caused by sco_sock_timeout\n\nWhen the sco connection is established and then, the sco socket\nis releasing, timeout_work will be scheduled to judge whether\nthe sco disconnection is timeout. The sock will be deallocated\nlater, but it is dereferenced again in sco_sock_timeout. As a\nresult, the use-after-free bugs will happen. The root cause is\nshown below:\n\n Cleanup Thread | Worker Thread\nsco_sock_release |\n sco_sock_close |\n __sco_sock_close |\n sco_sock_set_timer |\n schedule_delayed_work |\n sco_sock_kill | (wait a time)\n sock_put(sk) //FREE | sco_sock_timeout\n | sock_hold(sk) //USE\n\nThe KASAN report triggered by POC is shown below:\n\n[ 95.890016] ==================================================================\n[ 95.890496] BUG: KASAN: slab-use-after-free in sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] Write of size 4 at addr ffff88800c388080 by task kworker/0:0/7\n...\n[ 95.890755] Workqueue: events sco_sock_timeout\n[ 95.890755] Call Trace:\n[ 95.890755] \u003cTASK\u003e\n[ 95.890755] dump_stack_lvl+0x45/0x110\n[ 95.890755] print_address_description+0x78/0x390\n[ 95.890755] print_report+0x11b/0x250\n[ 95.890755] ? __virt_addr_valid+0xbe/0xf0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_report+0x139/0x170\n[ 95.890755] ? update_load_avg+0xe5/0x9f0\n[ 95.890755] ? sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] kasan_check_range+0x2c3/0x2e0\n[ 95.890755] sco_sock_timeout+0x5e/0x1c0\n[ 95.890755] process_one_work+0x561/0xc50\n[ 95.890755] worker_thread+0xab2/0x13c0\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] kthread+0x279/0x300\n[ 95.890755] ? pr_cont_work+0x490/0x490\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork+0x34/0x60\n[ 95.890755] ? kthread_blkcg+0xa0/0xa0\n[ 95.890755] ret_from_fork_asm+0x11/0x20\n[ 95.890755] \u003c/TASK\u003e\n[ 95.890755]\n[ 95.890755] Allocated by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] __kasan_kmalloc+0x86/0x90\n[ 95.890755] __kmalloc+0x17f/0x360\n[ 95.890755] sk_prot_alloc+0xe1/0x1a0\n[ 95.890755] sk_alloc+0x31/0x4e0\n[ 95.890755] bt_sock_alloc+0x2b/0x2a0\n[ 95.890755] sco_sock_create+0xad/0x320\n[ 95.890755] bt_sock_create+0x145/0x320\n[ 95.890755] __sock_create+0x2e1/0x650\n[ 95.890755] __sys_socket+0xd0/0x280\n[ 95.890755] __x64_sys_socket+0x75/0x80\n[ 95.890755] do_syscall_64+0xc4/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] Freed by task 506:\n[ 95.890755] kasan_save_track+0x3f/0x70\n[ 95.890755] kasan_save_free_info+0x40/0x50\n[ 95.890755] poison_slab_object+0x118/0x180\n[ 95.890755] __kasan_slab_free+0x12/0x30\n[ 95.890755] kfree+0xb2/0x240\n[ 95.890755] __sk_destruct+0x317/0x410\n[ 95.890755] sco_sock_release+0x232/0x280\n[ 95.890755] sock_close+0xb2/0x210\n[ 95.890755] __fput+0x37f/0x770\n[ 95.890755] task_work_run+0x1ae/0x210\n[ 95.890755] get_signal+0xe17/0xf70\n[ 95.890755] arch_do_signal_or_restart+0x3f/0x520\n[ 95.890755] syscall_exit_to_user_mode+0x55/0x120\n[ 95.890755] do_syscall_64+0xd1/0x1b0\n[ 95.890755] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the object at ffff88800c388000\n[ 95.890755] which belongs to the cache kmalloc-1k of size 1024\n[ 95.890755] The buggy address is located 128 bytes inside of\n[ 95.890755] freed 1024-byte region [ffff88800c388000, ffff88800c388400)\n[ 95.890755]\n[ 95.890755] The buggy address belongs to the physical page:\n[ 95.890755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88800c38a800 pfn:0xc388\n[ 95.890755] head: order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0\n[ 95.890755] ano\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27398",
"url": "https://www.suse.com/security/cve/CVE-2024-27398"
},
{
"category": "external",
"summary": "SUSE Bug 1224174 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1224174"
},
{
"category": "external",
"summary": "SUSE Bug 1225013 for CVE-2024-27398",
"url": "https://bugzilla.suse.com/1225013"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-27398"
},
{
"cve": "CVE-2024-27399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27399"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout\n\nThere is a race condition between l2cap_chan_timeout() and\nl2cap_chan_del(). When we use l2cap_chan_del() to delete the\nchannel, the chan-\u003econn will be set to null. But the conn could\nbe dereferenced again in the mutex_lock() of l2cap_chan_timeout().\nAs a result the null pointer dereference bug will happen. The\nKASAN report triggered by POC is shown below:\n\n[ 472.074580] ==================================================================\n[ 472.075284] BUG: KASAN: null-ptr-deref in mutex_lock+0x68/0xc0\n[ 472.075308] Write of size 8 at addr 0000000000000158 by task kworker/0:0/7\n[ 472.075308]\n[ 472.075308] CPU: 0 PID: 7 Comm: kworker/0:0 Not tainted 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.075308] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.075308] Workqueue: events l2cap_chan_timeout\n[ 472.075308] Call Trace:\n[ 472.075308] \u003cTASK\u003e\n[ 472.075308] dump_stack_lvl+0x137/0x1a0\n[ 472.075308] print_report+0x101/0x250\n[ 472.075308] ? __virt_addr_valid+0x77/0x160\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_report+0x139/0x170\n[ 472.075308] ? mutex_lock+0x68/0xc0\n[ 472.075308] kasan_check_range+0x2c3/0x2e0\n[ 472.075308] mutex_lock+0x68/0xc0\n[ 472.075308] l2cap_chan_timeout+0x181/0x300\n[ 472.075308] process_one_work+0x5d2/0xe00\n[ 472.075308] worker_thread+0xe1d/0x1660\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] kthread+0x2b7/0x350\n[ 472.075308] ? pr_cont_work+0x5e0/0x5e0\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork+0x4d/0x80\n[ 472.075308] ? kthread_blkcg+0xd0/0xd0\n[ 472.075308] ret_from_fork_asm+0x11/0x20\n[ 472.075308] \u003c/TASK\u003e\n[ 472.075308] ==================================================================\n[ 472.094860] Disabling lock debugging due to kernel taint\n[ 472.096136] BUG: kernel NULL pointer dereference, address: 0000000000000158\n[ 472.096136] #PF: supervisor write access in kernel mode\n[ 472.096136] #PF: error_code(0x0002) - not-present page\n[ 472.096136] PGD 0 P4D 0\n[ 472.096136] Oops: 0002 [#1] PREEMPT SMP KASAN NOPTI\n[ 472.096136] CPU: 0 PID: 7 Comm: kworker/0:0 Tainted: G B 6.9.0-rc5-00356-g78c0094a146b #36\n[ 472.096136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu4\n[ 472.096136] Workqueue: events l2cap_chan_timeout\n[ 472.096136] RIP: 0010:mutex_lock+0x88/0xc0\n[ 472.096136] Code: be 08 00 00 00 e8 f8 23 1f fd 4c 89 f7 be 08 00 00 00 e8 eb 23 1f fd 42 80 3c 23 00 74 08 48 88\n[ 472.096136] RSP: 0018:ffff88800744fc78 EFLAGS: 00000246\n[ 472.096136] RAX: 0000000000000000 RBX: 1ffff11000e89f8f RCX: ffffffff8457c865\n[ 472.096136] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff88800744fc78\n[ 472.096136] RBP: 0000000000000158 R08: ffff88800744fc7f R09: 1ffff11000e89f8f\n[ 472.096136] R10: dffffc0000000000 R11: ffffed1000e89f90 R12: dffffc0000000000\n[ 472.096136] R13: 0000000000000158 R14: ffff88800744fc78 R15: ffff888007405a00\n[ 472.096136] FS: 0000000000000000(0000) GS:ffff88806d200000(0000) knlGS:0000000000000000\n[ 472.096136] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 472.096136] CR2: 0000000000000158 CR3: 000000000da32000 CR4: 00000000000006f0\n[ 472.096136] Call Trace:\n[ 472.096136] \u003cTASK\u003e\n[ 472.096136] ? __die_body+0x8d/0xe0\n[ 472.096136] ? page_fault_oops+0x6b8/0x9a0\n[ 472.096136] ? kernelmode_fixup_or_oops+0x20c/0x2a0\n[ 472.096136] ? do_user_addr_fault+0x1027/0x1340\n[ 472.096136] ? _printk+0x7a/0xa0\n[ 472.096136] ? mutex_lock+0x68/0xc0\n[ 472.096136] ? add_taint+0x42/0xd0\n[ 472.096136] ? exc_page_fault+0x6a/0x1b0\n[ 472.096136] ? asm_exc_page_fault+0x26/0x30\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] ? mutex_lock+0x88/0xc0\n[ 472.096136] ? mutex_lock+0x75/0xc0\n[ 472.096136] l2cap_chan_timeo\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27399",
"url": "https://www.suse.com/security/cve/CVE-2024-27399"
},
{
"category": "external",
"summary": "SUSE Bug 1224177 for CVE-2024-27399",
"url": "https://bugzilla.suse.com/1224177"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27399"
},
{
"cve": "CVE-2024-27400",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27400"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2\n\nThis reverts drm/amdgpu: fix ftrace event amdgpu_bo_move always move\non same heap. The basic problem here is that after the move the old\nlocation is simply not available any more.\n\nSome fixes were suggested, but essentially we should call the move\nnotification before actually moving things because only this way we have\nthe correct order for DMA-buf and VM move notifications as well.\n\nAlso rework the statistic handling so that we don\u0027t update the eviction\ncounter before the move.\n\nv2: add missing NULL check",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27400",
"url": "https://www.suse.com/security/cve/CVE-2024-27400"
},
{
"category": "external",
"summary": "SUSE Bug 1224180 for CVE-2024-27400",
"url": "https://bugzilla.suse.com/1224180"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27400"
},
{
"cve": "CVE-2024-27401",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27401"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: nosy: ensure user_length is taken into account when fetching packet contents\n\nEnsure that packet_buffer_get respects the user_length provided. If\nthe length of the head packet exceeds the user_length, packet_buffer_get\nwill now return 0 to signify to the user that no data were read\nand a larger buffer size is required. Helps prevent user space overflows.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27401",
"url": "https://www.suse.com/security/cve/CVE-2024-27401"
},
{
"category": "external",
"summary": "SUSE Bug 1224181 for CVE-2024-27401",
"url": "https://bugzilla.suse.com/1224181"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27401"
},
{
"cve": "CVE-2024-27405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs\n\nIt is observed sometimes when tethering is used over NCM with Windows 11\nas host, at some instances, the gadget_giveback has one byte appended at\nthe end of a proper NTB. When the NTB is parsed, unwrap call looks for\nany leftover bytes in SKB provided by u_ether and if there are any pending\nbytes, it treats them as a separate NTB and parses it. But in case the\nsecond NTB (as per unwrap call) is faulty/corrupt, all the datagrams that\nwere parsed properly in the first NTB and saved in rx_list are dropped.\n\nAdding a few custom traces showed the following:\n[002] d..1 7828.532866: dwc3_gadget_giveback: ep1out:\nreq 000000003868811a length 1025/16384 zsI ==\u003e 0\n[002] d..1 7828.532867: ncm_unwrap_ntb: K: ncm_unwrap_ntb toprocess: 1025\n[002] d..1 7828.532867: ncm_unwrap_ntb: K: ncm_unwrap_ntb nth: 1751999342\n[002] d..1 7828.532868: ncm_unwrap_ntb: K: ncm_unwrap_ntb seq: 0xce67\n[002] d..1 7828.532868: ncm_unwrap_ntb: K: ncm_unwrap_ntb blk_len: 0x400\n[002] d..1 7828.532868: ncm_unwrap_ntb: K: ncm_unwrap_ntb ndp_len: 0x10\n[002] d..1 7828.532869: ncm_unwrap_ntb: K: Parsed NTB with 1 frames\n\nIn this case, the giveback is of 1025 bytes and block length is 1024.\nThe rest 1 byte (which is 0x00) won\u0027t be parsed resulting in drop of\nall datagrams in rx_list.\n\nSame is case with packets of size 2048:\n[002] d..1 7828.557948: dwc3_gadget_giveback: ep1out:\nreq 0000000011dfd96e length 2049/16384 zsI ==\u003e 0\n[002] d..1 7828.557949: ncm_unwrap_ntb: K: ncm_unwrap_ntb nth: 1751999342\n[002] d..1 7828.557950: ncm_unwrap_ntb: K: ncm_unwrap_ntb blk_len: 0x800\n\nLecroy shows one byte coming in extra confirming that the byte is coming\nin from PC:\n\n Transfer 2959 - Bytes Transferred(1025) Timestamp((18.524 843 590)\n - Transaction 8391 - Data(1025 bytes) Timestamp(18.524 843 590)\n --- Packet 4063861\n Data(1024 bytes)\n Duration(2.117us) Idle(14.700ns) Timestamp(18.524 843 590)\n --- Packet 4063863\n Data(1 byte)\n Duration(66.160ns) Time(282.000ns) Timestamp(18.524 845 722)\n\nAccording to Windows driver, no ZLP is needed if wBlockLength is non-zero,\nbecause the non-zero wBlockLength has already told the function side the\nsize of transfer to be expected. However, there are in-market NCM devices\nthat rely on ZLP as long as the wBlockLength is multiple of wMaxPacketSize.\nTo deal with such devices, it pads an extra 0 at end so the transfer is no\nlonger multiple of wMaxPacketSize.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27405",
"url": "https://www.suse.com/security/cve/CVE-2024-27405"
},
{
"category": "external",
"summary": "SUSE Bug 1224423 for CVE-2024-27405",
"url": "https://bugzilla.suse.com/1224423"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27405"
},
{
"cve": "CVE-2024-27408",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27408"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: dw-edma: eDMA: Add sync read before starting the DMA transfer in remote setup\n\nThe Linked list element and pointer are not stored in the same memory as\nthe eDMA controller register. If the doorbell register is toggled before\nthe full write of the linked list a race condition error will occur.\nIn remote setup we can only use a readl to the memory to assure the full\nwrite has occurred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27408",
"url": "https://www.suse.com/security/cve/CVE-2024-27408"
},
{
"category": "external",
"summary": "SUSE Bug 1224430 for CVE-2024-27408",
"url": "https://bugzilla.suse.com/1224430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27408"
},
{
"cve": "CVE-2024-27410",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27410"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: reject iftype change with mesh ID change\n\nIt\u0027s currently possible to change the mesh ID when the\ninterface isn\u0027t yet in mesh mode, at the same time as\nchanging it into mesh mode. This leads to an overwrite\nof data in the wdev-\u003eu union for the interface type it\ncurrently has, causing cfg80211_change_iface() to do\nwrong things when switching.\n\nWe could probably allow setting an interface to mesh\nwhile setting the mesh ID at the same time by doing a\ndifferent order of operations here, but realistically\nthere\u0027s no userspace that\u0027s going to do this, so just\ndisallow changes in iftype when setting mesh ID.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27410",
"url": "https://www.suse.com/security/cve/CVE-2024-27410"
},
{
"category": "external",
"summary": "SUSE Bug 1224432 for CVE-2024-27410",
"url": "https://bugzilla.suse.com/1224432"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27410"
},
{
"cve": "CVE-2024-27411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: keep DMA buffers required for suspend/resume\n\nNouveau deallocates a few buffers post GPU init which are required for GPU suspend/resume to function correctly.\nThis is likely not as big an issue on systems where the NVGPU is the only GPU, but on multi-GPU set ups it leads to a regression where the kernel module errors and results in a system-wide rendering freeze.\n\nThis commit addresses that regression by moving the two buffers required for suspend and resume to be deallocated at driver unload instead of post init.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27411",
"url": "https://www.suse.com/security/cve/CVE-2024-27411"
},
{
"category": "external",
"summary": "SUSE Bug 1224433 for CVE-2024-27411",
"url": "https://bugzilla.suse.com/1224433"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27411"
},
{
"cve": "CVE-2024-27412",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27412"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npower: supply: bq27xxx-i2c: Do not free non existing IRQ\n\nThe bq27xxx i2c-client may not have an IRQ, in which case\nclient-\u003eirq will be 0. bq27xxx_battery_i2c_probe() already has\nan if (client-\u003eirq) check wrapping the request_threaded_irq().\n\nBut bq27xxx_battery_i2c_remove() unconditionally calls\nfree_irq(client-\u003eirq) leading to:\n\n[ 190.310742] ------------[ cut here ]------------\n[ 190.310843] Trying to free already-free IRQ 0\n[ 190.310861] WARNING: CPU: 2 PID: 1304 at kernel/irq/manage.c:1893 free_irq+0x1b8/0x310\n\nFollowed by a backtrace when unbinding the driver. Add\nan if (client-\u003eirq) to bq27xxx_battery_i2c_remove() mirroring\nprobe() to fix this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27412",
"url": "https://www.suse.com/security/cve/CVE-2024-27412"
},
{
"category": "external",
"summary": "SUSE Bug 1224437 for CVE-2024-27412",
"url": "https://bugzilla.suse.com/1224437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27412"
},
{
"cve": "CVE-2024-27413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi/capsule-loader: fix incorrect allocation size\n\ngcc-14 notices that the allocation with sizeof(void) on 32-bit architectures\nis not enough for a 64-bit phys_addr_t:\n\ndrivers/firmware/efi/capsule-loader.c: In function \u0027efi_capsule_open\u0027:\ndrivers/firmware/efi/capsule-loader.c:295:24: error: allocation of insufficient size \u00274\u0027 for type \u0027phys_addr_t\u0027 {aka \u0027long long unsigned int\u0027} with size \u00278\u0027 [-Werror=alloc-size]\n 295 | cap_info-\u003ephys = kzalloc(sizeof(void *), GFP_KERNEL);\n | ^\n\nUse the correct type instead here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27413",
"url": "https://www.suse.com/security/cve/CVE-2024-27413"
},
{
"category": "external",
"summary": "SUSE Bug 1224438 for CVE-2024-27413",
"url": "https://bugzilla.suse.com/1224438"
},
{
"category": "external",
"summary": "SUSE Bug 1225315 for CVE-2024-27413",
"url": "https://bugzilla.suse.com/1225315"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-27413"
},
{
"cve": "CVE-2024-27416",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27416"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST\n\nIf we received HCI_EV_IO_CAPA_REQUEST while\nHCI_OP_READ_REMOTE_EXT_FEATURES is yet to be responded assume the remote\ndoes support SSP since otherwise this event shouldn\u0027t be generated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27416",
"url": "https://www.suse.com/security/cve/CVE-2024-27416"
},
{
"category": "external",
"summary": "SUSE Bug 1224723 for CVE-2024-27416",
"url": "https://bugzilla.suse.com/1224723"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27416"
},
{
"cve": "CVE-2024-27417",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27417"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix potential \"struct net\" leak in inet6_rtm_getaddr()\n\nIt seems that if userspace provides a correct IFA_TARGET_NETNSID value\nbut no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()\nreturns -EINVAL with an elevated \"struct net\" refcount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27417",
"url": "https://www.suse.com/security/cve/CVE-2024-27417"
},
{
"category": "external",
"summary": "SUSE Bug 1224721 for CVE-2024-27417",
"url": "https://bugzilla.suse.com/1224721"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27417"
},
{
"cve": "CVE-2024-27418",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27418"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mctp: take ownership of skb in mctp_local_output\n\nCurrently, mctp_local_output only takes ownership of skb on success, and\nwe may leak an skb if mctp_local_output fails in specific states; the\nskb ownership isn\u0027t transferred until the actual output routing occurs.\n\nInstead, make mctp_local_output free the skb on all error paths up to\nthe route action, so it always consumes the passed skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27418",
"url": "https://www.suse.com/security/cve/CVE-2024-27418"
},
{
"category": "external",
"summary": "SUSE Bug 1224720 for CVE-2024-27418",
"url": "https://bugzilla.suse.com/1224720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27418"
},
{
"cve": "CVE-2024-27431",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27431"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpumap: Zero-initialise xdp_rxq_info struct before running XDP program\n\nWhen running an XDP program that is attached to a cpumap entry, we don\u0027t\ninitialise the xdp_rxq_info data structure being used in the xdp_buff\nthat backs the XDP program invocation. Tobias noticed that this leads to\nrandom values being returned as the xdp_md-\u003erx_queue_index value for XDP\nprograms running in a cpumap.\n\nThis means we\u0027re basically returning the contents of the uninitialised\nmemory, which is bad. Fix this by zero-initialising the rxq data\nstructure before running the XDP program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27431",
"url": "https://www.suse.com/security/cve/CVE-2024-27431"
},
{
"category": "external",
"summary": "SUSE Bug 1224718 for CVE-2024-27431",
"url": "https://bugzilla.suse.com/1224718"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27431"
},
{
"cve": "CVE-2024-27432",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27432"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ethernet: mtk_eth_soc: fix PPE hanging issue\n\nA patch to resolve an issue was found in MediaTek\u0027s GPL-licensed SDK:\nIn the mtk_ppe_stop() function, the PPE scan mode is not disabled before\ndisabling the PPE. This can potentially lead to a hang during the process\nof disabling the PPE.\n\nWithout this patch, the PPE may experience a hang during the reboot test.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27432",
"url": "https://www.suse.com/security/cve/CVE-2024-27432"
},
{
"category": "external",
"summary": "SUSE Bug 1224716 for CVE-2024-27432",
"url": "https://bugzilla.suse.com/1224716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27432"
},
{
"cve": "CVE-2024-27434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27434"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t set the MFP flag for the GTK\n\nThe firmware doesn\u0027t need the MFP flag for the GTK, it can even make the\nfirmware crash. in case the AP is configured with: group cipher TKIP and\nMFPC. We would send the GTK with cipher = TKIP and MFP which is of course\nnot possible.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27434",
"url": "https://www.suse.com/security/cve/CVE-2024-27434"
},
{
"category": "external",
"summary": "SUSE Bug 1224710 for CVE-2024-27434",
"url": "https://bugzilla.suse.com/1224710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27434"
},
{
"cve": "CVE-2024-27435",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27435"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnvme: fix reconnection fail due to reserved tag allocation\n\nWe found a issue on production environment while using NVMe over RDMA,\nadmin_q reconnect failed forever while remote target and network is ok.\nAfter dig into it, we found it may caused by a ABBA deadlock due to tag\nallocation. In my case, the tag was hold by a keep alive request\nwaiting inside admin_q, as we quiesced admin_q while reset ctrl, so the\nrequest maked as idle and will not process before reset success. As\nfabric_q shares tagset with admin_q, while reconnect remote target, we\nneed a tag for connect command, but the only one reserved tag was held\nby keep alive command which waiting inside admin_q. As a result, we\nfailed to reconnect admin_q forever. In order to fix this issue, I\nthink we should keep two reserved tags for admin queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27435",
"url": "https://www.suse.com/security/cve/CVE-2024-27435"
},
{
"category": "external",
"summary": "SUSE Bug 1224717 for CVE-2024-27435",
"url": "https://bugzilla.suse.com/1224717"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27435"
},
{
"cve": "CVE-2024-27436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-27436"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: usb-audio: Stop parsing channels bits when all channels are found.\n\nIf a usb audio device sets more bits than the amount of channels\nit could write outside of the map array.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-27436",
"url": "https://www.suse.com/security/cve/CVE-2024-27436"
},
{
"category": "external",
"summary": "SUSE Bug 1224803 for CVE-2024-27436",
"url": "https://bugzilla.suse.com/1224803"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-27436"
},
{
"cve": "CVE-2024-35784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35784"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix deadlock with fiemap and extent locking\n\nWhile working on the patchset to remove extent locking I got a lockdep\nsplat with fiemap and pagefaulting with my new extent lock replacement\nlock.\n\nThis deadlock exists with our normal code, we just don\u0027t have lockdep\nannotations with the extent locking so we\u0027ve never noticed it.\n\nSince we\u0027re copying the fiemap extent to user space on every iteration\nwe have the chance of pagefaulting. Because we hold the extent lock for\nthe entire range we could mkwrite into a range in the file that we have\nmmap\u0027ed. This would deadlock with the following stack trace\n\n[\u003c0\u003e] lock_extent+0x28d/0x2f0\n[\u003c0\u003e] btrfs_page_mkwrite+0x273/0x8a0\n[\u003c0\u003e] do_page_mkwrite+0x50/0xb0\n[\u003c0\u003e] do_fault+0xc1/0x7b0\n[\u003c0\u003e] __handle_mm_fault+0x2fa/0x460\n[\u003c0\u003e] handle_mm_fault+0xa4/0x330\n[\u003c0\u003e] do_user_addr_fault+0x1f4/0x800\n[\u003c0\u003e] exc_page_fault+0x7c/0x1e0\n[\u003c0\u003e] asm_exc_page_fault+0x26/0x30\n[\u003c0\u003e] rep_movs_alternative+0x33/0x70\n[\u003c0\u003e] _copy_to_user+0x49/0x70\n[\u003c0\u003e] fiemap_fill_next_extent+0xc8/0x120\n[\u003c0\u003e] emit_fiemap_extent+0x4d/0xa0\n[\u003c0\u003e] extent_fiemap+0x7f8/0xad0\n[\u003c0\u003e] btrfs_fiemap+0x49/0x80\n[\u003c0\u003e] __x64_sys_ioctl+0x3e1/0xb50\n[\u003c0\u003e] do_syscall_64+0x94/0x1a0\n[\u003c0\u003e] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n\nI wrote an fstest to reproduce this deadlock without my replacement lock\nand verified that the deadlock exists with our existing locking.\n\nTo fix this simply don\u0027t take the extent lock for the entire duration of\nthe fiemap. This is safe in general because we keep track of where we\nare when we\u0027re searching the tree, so if an ordered extent updates in\nthe middle of our fiemap call we\u0027ll still emit the correct extents\nbecause we know what offset we were on before.\n\nThe only place we maintain the lock is searching delalloc. Since the\ndelalloc stuff can change during writeback we want to lock the extent\nrange so we have a consistent view of delalloc at the time we\u0027re\nchecking to see if we need to set the delalloc flag.\n\nWith this patch applied we no longer deadlock with my testcase.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35784",
"url": "https://www.suse.com/security/cve/CVE-2024-35784"
},
{
"category": "external",
"summary": "SUSE Bug 1224804 for CVE-2024-35784",
"url": "https://bugzilla.suse.com/1224804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35784"
},
{
"cve": "CVE-2024-35786",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35786"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/nouveau: fix stale locked mutex in nouveau_gem_ioctl_pushbuf\n\nIf VM_BIND is enabled on the client the legacy submission ioctl can\u0027t be\nused, however if a client tries to do so regardless it will return an\nerror. In this case the clients mutex remained unlocked leading to a\ndeadlock inside nouveau_drm_postclose or any other nouveau ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35786",
"url": "https://www.suse.com/security/cve/CVE-2024-35786"
},
{
"category": "external",
"summary": "SUSE Bug 1224714 for CVE-2024-35786",
"url": "https://bugzilla.suse.com/1224714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35786"
},
{
"cve": "CVE-2024-35788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35788"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35788",
"url": "https://www.suse.com/security/cve/CVE-2024-35788"
},
{
"category": "external",
"summary": "SUSE Bug 1224709 for CVE-2024-35788",
"url": "https://bugzilla.suse.com/1224709"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35788"
},
{
"cve": "CVE-2024-35789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35789"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes\n\nWhen moving a station out of a VLAN and deleting the VLAN afterwards, the\nfast_rx entry still holds a pointer to the VLAN\u0027s netdev, which can cause\nuse-after-free bugs. Fix this by immediately calling ieee80211_check_fast_rx\nafter the VLAN change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35789",
"url": "https://www.suse.com/security/cve/CVE-2024-35789"
},
{
"category": "external",
"summary": "SUSE Bug 1224749 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1224749"
},
{
"category": "external",
"summary": "SUSE Bug 1227320 for CVE-2024-35789",
"url": "https://bugzilla.suse.com/1227320"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35789"
},
{
"cve": "CVE-2024-35790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35790"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: altmodes/displayport: create sysfs nodes as driver\u0027s default device attribute group\n\nThe DisplayPort driver\u0027s sysfs nodes may be present to the userspace before\ntypec_altmode_set_drvdata() completes in dp_altmode_probe. This means that\na sysfs read can trigger a NULL pointer error by deferencing dp-\u003ehpd in\nhpd_show or dp-\u003elock in pin_assignment_show, as dev_get_drvdata() returns\nNULL in those cases.\n\nRemove manual sysfs node creation in favor of adding attribute group as\ndefault for devices bound to the driver. The ATTRIBUTE_GROUPS() macro is\nnot used here otherwise the path to the sysfs nodes is no longer compliant\nwith the ABI.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35790",
"url": "https://www.suse.com/security/cve/CVE-2024-35790"
},
{
"category": "external",
"summary": "SUSE Bug 1224712 for CVE-2024-35790",
"url": "https://bugzilla.suse.com/1224712"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35790"
},
{
"cve": "CVE-2024-35791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35791"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Flush pages under kvm-\u003elock to fix UAF in svm_register_enc_region()\n\nDo the cache flush of converted pages in svm_register_enc_region() before\ndropping kvm-\u003elock to fix use-after-free issues where region and/or its\narray of pages could be freed by a different task, e.g. if userspace has\n__unregister_enc_region_locked() already queued up for the region.\n\nNote, the \"obvious\" alternative of using local variables doesn\u0027t fully\nresolve the bug, as region-\u003epages is also dynamically allocated. I.e. the\nregion structure itself would be fine, but region-\u003epages could be freed.\n\nFlushing multiple pages under kvm-\u003elock is unfortunate, but the entire\nflow is a rare slow path, and the manual flush is only needed on CPUs that\nlack coherency for encrypted memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35791",
"url": "https://www.suse.com/security/cve/CVE-2024-35791"
},
{
"category": "external",
"summary": "SUSE Bug 1224725 for CVE-2024-35791",
"url": "https://bugzilla.suse.com/1224725"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35791"
},
{
"cve": "CVE-2024-35794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35794"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndm-raid: really frozen sync_thread during suspend\n\n1) commit f52f5c71f3d4 (\"md: fix stopping sync thread\") remove\n MD_RECOVERY_FROZEN from __md_stop_writes() and doesn\u0027t realize that\n dm-raid relies on __md_stop_writes() to frozen sync_thread\n indirectly. Fix this problem by adding MD_RECOVERY_FROZEN in\n md_stop_writes(), and since stop_sync_thread() is only used for\n dm-raid in this case, also move stop_sync_thread() to\n md_stop_writes().\n2) The flag MD_RECOVERY_FROZEN doesn\u0027t mean that sync thread is frozen,\n it only prevent new sync_thread to start, and it can\u0027t stop the\n running sync thread; In order to frozen sync_thread, after seting the\n flag, stop_sync_thread() should be used.\n3) The flag MD_RECOVERY_FROZEN doesn\u0027t mean that writes are stopped, use\n it as condition for md_stop_writes() in raid_postsuspend() doesn\u0027t\n look correct. Consider that reentrant stop_sync_thread() do nothing,\n always call md_stop_writes() in raid_postsuspend().\n4) raid_message can set/clear the flag MD_RECOVERY_FROZEN at anytime,\n and if MD_RECOVERY_FROZEN is cleared while the array is suspended,\n new sync_thread can start unexpected. Fix this by disallow\n raid_message() to change sync_thread status during suspend.\n\nNote that after commit f52f5c71f3d4 (\"md: fix stopping sync thread\"), the\ntest shell/lvconvert-raid-reshape.sh start to hang in stop_sync_thread(),\nand with previous fixes, the test won\u0027t hang there anymore, however, the\ntest will still fail and complain that ext4 is corrupted. And with this\npatch, the test won\u0027t hang due to stop_sync_thread() or fail due to ext4\nis corrupted anymore. However, there is still a deadlock related to\ndm-raid456 that will be fixed in following patches.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35794",
"url": "https://www.suse.com/security/cve/CVE-2024-35794"
},
{
"category": "external",
"summary": "SUSE Bug 1224706 for CVE-2024-35794",
"url": "https://bugzilla.suse.com/1224706"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35794"
},
{
"cve": "CVE-2024-35795",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35795"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: fix deadlock while reading mqd from debugfs\n\nAn errant disk backup on my desktop got into debugfs and triggered the\nfollowing deadlock scenario in the amdgpu debugfs files. The machine\nalso hard-resets immediately after those lines are printed (although I\nwasn\u0027t able to reproduce that part when reading by hand):\n\n[ 1318.016074][ T1082] ======================================================\n[ 1318.016607][ T1082] WARNING: possible circular locking dependency detected\n[ 1318.017107][ T1082] 6.8.0-rc7-00015-ge0c8221b72c0 #17 Not tainted\n[ 1318.017598][ T1082] ------------------------------------------------------\n[ 1318.018096][ T1082] tar/1082 is trying to acquire lock:\n[ 1318.018585][ T1082] ffff98c44175d6a0 (\u0026mm-\u003emmap_lock){++++}-{3:3}, at: __might_fault+0x40/0x80\n[ 1318.019084][ T1082]\n[ 1318.019084][ T1082] but task is already holding lock:\n[ 1318.020052][ T1082] ffff98c4c13f55f8 (reservation_ww_class_mutex){+.+.}-{3:3}, at: amdgpu_debugfs_mqd_read+0x6a/0x250 [amdgpu]\n[ 1318.020607][ T1082]\n[ 1318.020607][ T1082] which lock already depends on the new lock.\n[ 1318.020607][ T1082]\n[ 1318.022081][ T1082]\n[ 1318.022081][ T1082] the existing dependency chain (in reverse order) is:\n[ 1318.023083][ T1082]\n[ 1318.023083][ T1082] -\u003e #2 (reservation_ww_class_mutex){+.+.}-{3:3}:\n[ 1318.024114][ T1082] __ww_mutex_lock.constprop.0+0xe0/0x12f0\n[ 1318.024639][ T1082] ww_mutex_lock+0x32/0x90\n[ 1318.025161][ T1082] dma_resv_lockdep+0x18a/0x330\n[ 1318.025683][ T1082] do_one_initcall+0x6a/0x350\n[ 1318.026210][ T1082] kernel_init_freeable+0x1a3/0x310\n[ 1318.026728][ T1082] kernel_init+0x15/0x1a0\n[ 1318.027242][ T1082] ret_from_fork+0x2c/0x40\n[ 1318.027759][ T1082] ret_from_fork_asm+0x11/0x20\n[ 1318.028281][ T1082]\n[ 1318.028281][ T1082] -\u003e #1 (reservation_ww_class_acquire){+.+.}-{0:0}:\n[ 1318.029297][ T1082] dma_resv_lockdep+0x16c/0x330\n[ 1318.029790][ T1082] do_one_initcall+0x6a/0x350\n[ 1318.030263][ T1082] kernel_init_freeable+0x1a3/0x310\n[ 1318.030722][ T1082] kernel_init+0x15/0x1a0\n[ 1318.031168][ T1082] ret_from_fork+0x2c/0x40\n[ 1318.031598][ T1082] ret_from_fork_asm+0x11/0x20\n[ 1318.032011][ T1082]\n[ 1318.032011][ T1082] -\u003e #0 (\u0026mm-\u003emmap_lock){++++}-{3:3}:\n[ 1318.032778][ T1082] __lock_acquire+0x14bf/0x2680\n[ 1318.033141][ T1082] lock_acquire+0xcd/0x2c0\n[ 1318.033487][ T1082] __might_fault+0x58/0x80\n[ 1318.033814][ T1082] amdgpu_debugfs_mqd_read+0x103/0x250 [amdgpu]\n[ 1318.034181][ T1082] full_proxy_read+0x55/0x80\n[ 1318.034487][ T1082] vfs_read+0xa7/0x360\n[ 1318.034788][ T1082] ksys_read+0x70/0xf0\n[ 1318.035085][ T1082] do_syscall_64+0x94/0x180\n[ 1318.035375][ T1082] entry_SYSCALL_64_after_hwframe+0x46/0x4e\n[ 1318.035664][ T1082]\n[ 1318.035664][ T1082] other info that might help us debug this:\n[ 1318.035664][ T1082]\n[ 1318.036487][ T1082] Chain exists of:\n[ 1318.036487][ T1082] \u0026mm-\u003emmap_lock --\u003e reservation_ww_class_acquire --\u003e reservation_ww_class_mutex\n[ 1318.036487][ T1082]\n[ 1318.037310][ T1082] Possible unsafe locking scenario:\n[ 1318.037310][ T1082]\n[ 1318.037838][ T1082] CPU0 CPU1\n[ 1318.038101][ T1082] ---- ----\n[ 1318.038350][ T1082] lock(reservation_ww_class_mutex);\n[ 1318.038590][ T1082] lock(reservation_ww_class_acquire);\n[ 1318.038839][ T1082] lock(reservation_ww_class_mutex);\n[ 1318.039083][ T1082] rlock(\u0026mm-\u003emmap_lock);\n[ 1318.039328][ T1082]\n[ 1318.039328][ T1082] *** DEADLOCK ***\n[ 1318.039328][ T1082]\n[ 1318.040029][ T1082] 1 lock held by tar/1082:\n[ 1318.040259][ T1082] #0: ffff98c4c13f55f8 (reservation_ww_class_mutex){+.+.}-{3:3}, at: amdgpu_debugfs_mqd_read+0x6a/0x250 [amdgpu]\n[ 1318.040560][ T1082]\n[ 1318.040560][ T1082] stack backtrace:\n[\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35795",
"url": "https://www.suse.com/security/cve/CVE-2024-35795"
},
{
"category": "external",
"summary": "SUSE Bug 1224634 for CVE-2024-35795",
"url": "https://bugzilla.suse.com/1224634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35795"
},
{
"cve": "CVE-2024-35796",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35796"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ll_temac: platform_get_resource replaced by wrong function\n\nThe function platform_get_resource was replaced with\ndevm_platform_ioremap_resource_byname and is called using 0 as name.\n\nThis eventually ends up in platform_get_resource_byname in the call\nstack, where it causes a null pointer in strcmp.\n\n\tif (type == resource_type(r) \u0026\u0026 !strcmp(r-\u003ename, name))\n\nIt should have been replaced with devm_platform_ioremap_resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35796",
"url": "https://www.suse.com/security/cve/CVE-2024-35796"
},
{
"category": "external",
"summary": "SUSE Bug 1224615 for CVE-2024-35796",
"url": "https://bugzilla.suse.com/1224615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35796"
},
{
"cve": "CVE-2024-35799",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35799"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Prevent crash when disable stream\n\n[Why]\nDisabling stream encoder invokes a function that no longer exists.\n\n[How]\nCheck if the function declaration is NULL in disable stream encoder.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35799",
"url": "https://www.suse.com/security/cve/CVE-2024-35799"
},
{
"category": "external",
"summary": "SUSE Bug 1224740 for CVE-2024-35799",
"url": "https://bugzilla.suse.com/1224740"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35799"
},
{
"cve": "CVE-2024-35800",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35800"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi: fix panic in kdump kernel\n\nCheck if get_next_variable() is actually valid pointer before\ncalling it. In kdump kernel this method is set to NULL that causes\npanic during the kexec-ed kernel boot.\n\nTested with QEMU and OVMF firmware.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35800",
"url": "https://www.suse.com/security/cve/CVE-2024-35800"
},
{
"category": "external",
"summary": "SUSE Bug 1224507 for CVE-2024-35800",
"url": "https://bugzilla.suse.com/1224507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35800"
},
{
"cve": "CVE-2024-35801",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35801"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/fpu: Keep xfd_state in sync with MSR_IA32_XFD\n\nCommit 672365477ae8 (\"x86/fpu: Update XFD state where required\") and\ncommit 8bf26758ca96 (\"x86/fpu: Add XFD state to fpstate\") introduced a\nper CPU variable xfd_state to keep the MSR_IA32_XFD value cached, in\norder to avoid unnecessary writes to the MSR.\n\nOn CPU hotplug MSR_IA32_XFD is reset to the init_fpstate.xfd, which\nwipes out any stale state. But the per CPU cached xfd value is not\nreset, which brings them out of sync.\n\nAs a consequence a subsequent xfd_update_state() might fail to update\nthe MSR which in turn can result in XRSTOR raising a #NM in kernel\nspace, which crashes the kernel.\n\nTo fix this, introduce xfd_set_state() to write xfd_state together\nwith MSR_IA32_XFD, and use it in all places that set MSR_IA32_XFD.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35801",
"url": "https://www.suse.com/security/cve/CVE-2024-35801"
},
{
"category": "external",
"summary": "SUSE Bug 1224732 for CVE-2024-35801",
"url": "https://bugzilla.suse.com/1224732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35801"
},
{
"cve": "CVE-2024-35803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35803"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/efistub: Call mixed mode boot services on the firmware\u0027s stack\n\nNormally, the EFI stub calls into the EFI boot services using the stack\nthat was live when the stub was entered. According to the UEFI spec,\nthis stack needs to be at least 128k in size - this might seem large but\nall asynchronous processing and event handling in EFI runs from the same\nstack and so quite a lot of space may be used in practice.\n\nIn mixed mode, the situation is a bit different: the bootloader calls\nthe 32-bit EFI stub entry point, which calls the decompressor\u0027s 32-bit\nentry point, where the boot stack is set up, using a fixed allocation\nof 16k. This stack is still in use when the EFI stub is started in\n64-bit mode, and so all calls back into the EFI firmware will be using\nthe decompressor\u0027s limited boot stack.\n\nDue to the placement of the boot stack right after the boot heap, any\nstack overruns have gone unnoticed. However, commit\n\n 5c4feadb0011983b (\"x86/decompressor: Move global symbol references to C code\")\n\nmoved the definition of the boot heap into C code, and now the boot\nstack is placed right at the base of BSS, where any overruns will\ncorrupt the end of the .data section.\n\nWhile it would be possible to work around this by increasing the size of\nthe boot stack, doing so would affect all x86 systems, and mixed mode\nsystems are a tiny (and shrinking) fraction of the x86 installed base.\n\nSo instead, record the firmware stack pointer value when entering from\nthe 32-bit firmware, and switch to this stack every time a EFI boot\nservice call is made.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35803",
"url": "https://www.suse.com/security/cve/CVE-2024-35803"
},
{
"category": "external",
"summary": "SUSE Bug 1224742 for CVE-2024-35803",
"url": "https://bugzilla.suse.com/1224742"
},
{
"category": "external",
"summary": "SUSE Bug 1225314 for CVE-2024-35803",
"url": "https://bugzilla.suse.com/1225314"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35803"
},
{
"cve": "CVE-2024-35804",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35804"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Mark target gfn of emulated atomic instruction as dirty\n\nWhen emulating an atomic access on behalf of the guest, mark the target\ngfn dirty if the CMPXCHG by KVM is attempted and doesn\u0027t fault. This\nfixes a bug where KVM effectively corrupts guest memory during live\nmigration by writing to guest memory without informing userspace that the\npage is dirty.\n\nMarking the page dirty got unintentionally dropped when KVM\u0027s emulated\nCMPXCHG was converted to do a user access. Before that, KVM explicitly\nmapped the guest page into kernel memory, and marked the page dirty during\nthe unmap phase.\n\nMark the page dirty even if the CMPXCHG fails, as the old data is written\nback on failure, i.e. the page is still written. The value written is\nguaranteed to be the same because the operation is atomic, but KVM\u0027s ABI\nis that all writes are dirty logged regardless of the value written. And\nmore importantly, that\u0027s what KVM did before the buggy commit.\n\nHuge kudos to the folks on the Cc list (and many others), who did all the\nactual work of triaging and debugging.\n\nbase-commit: 6769ea8da8a93ed4630f1ce64df6aafcaabfce64",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35804",
"url": "https://www.suse.com/security/cve/CVE-2024-35804"
},
{
"category": "external",
"summary": "SUSE Bug 1224638 for CVE-2024-35804",
"url": "https://bugzilla.suse.com/1224638"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35804"
},
{
"cve": "CVE-2024-35806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35806"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: Always disable interrupts when taking cgr_lock\n\nsmp_call_function_single disables IRQs when executing the callback. To\nprevent deadlocks, we must disable IRQs when taking cgr_lock elsewhere.\nThis is already done by qman_update_cgr and qman_delete_cgr; fix the\nother lockers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35806",
"url": "https://www.suse.com/security/cve/CVE-2024-35806"
},
{
"category": "external",
"summary": "SUSE Bug 1224699 for CVE-2024-35806",
"url": "https://bugzilla.suse.com/1224699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35806"
},
{
"cve": "CVE-2024-35808",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35808"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmd/dm-raid: don\u0027t call md_reap_sync_thread() directly\n\nCurrently md_reap_sync_thread() is called from raid_message() directly\nwithout holding \u0027reconfig_mutex\u0027, this is definitely unsafe because\nmd_reap_sync_thread() can change many fields that is protected by\n\u0027reconfig_mutex\u0027.\n\nHowever, hold \u0027reconfig_mutex\u0027 here is still problematic because this\nwill cause deadlock, for example, commit 130443d60b1b (\"md: refactor\nidle/frozen_sync_thread() to fix deadlock\").\n\nFix this problem by using stop_sync_thread() to unregister sync_thread,\nlike md/raid did.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35808",
"url": "https://www.suse.com/security/cve/CVE-2024-35808"
},
{
"category": "external",
"summary": "SUSE Bug 1224623 for CVE-2024-35808",
"url": "https://bugzilla.suse.com/1224623"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35808"
},
{
"cve": "CVE-2024-35809",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35809"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI/PM: Drain runtime-idle callbacks before driver removal\n\nA race condition between the .runtime_idle() callback and the .remove()\ncallback in the rtsx_pcr PCI driver leads to a kernel crash due to an\nunhandled page fault [1].\n\nThe problem is that rtsx_pci_runtime_idle() is not expected to be running\nafter pm_runtime_get_sync() has been called, but the latter doesn\u0027t really\nguarantee that. It only guarantees that the suspend and resume callbacks\nwill not be running when it returns.\n\nHowever, if a .runtime_idle() callback is already running when\npm_runtime_get_sync() is called, the latter will notice that the runtime PM\nstatus of the device is RPM_ACTIVE and it will return right away without\nwaiting for the former to complete. In fact, it cannot wait for\n.runtime_idle() to complete because it may be called from that callback (it\narguably does not make much sense to do that, but it is not strictly\nprohibited).\n\nThus in general, whoever is providing a .runtime_idle() callback needs\nto protect it from running in parallel with whatever code runs after\npm_runtime_get_sync(). [Note that .runtime_idle() will not start after\npm_runtime_get_sync() has returned, but it may continue running then if it\nhas started earlier.]\n\nOne way to address that race condition is to call pm_runtime_barrier()\nafter pm_runtime_get_sync() (not before it, because a nonzero value of the\nruntime PM usage counter is necessary to prevent runtime PM callbacks from\nbeing invoked) to wait for the .runtime_idle() callback to complete should\nit be running at that point. A suitable place for doing that is in\npci_device_remove() which calls pm_runtime_get_sync() before removing the\ndriver, so it may as well call pm_runtime_barrier() subsequently, which\nwill prevent the race in question from occurring, not just in the rtsx_pcr\ndriver, but in any PCI drivers providing .runtime_idle() callbacks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35809",
"url": "https://www.suse.com/security/cve/CVE-2024-35809"
},
{
"category": "external",
"summary": "SUSE Bug 1224738 for CVE-2024-35809",
"url": "https://bugzilla.suse.com/1224738"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35809"
},
{
"cve": "CVE-2024-35810",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35810"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Fix the lifetime of the bo cursor memory\n\nThe cleanup can be dispatched while the atomic update is still active,\nwhich means that the memory acquired in the atomic update needs to\nnot be invalidated by the cleanup. The buffer objects in vmw_plane_state\ninstead of using the builtin map_and_cache were trying to handle\nthe lifetime of the mapped memory themselves, leading to crashes.\n\nUse the map_and_cache instead of trying to manage the lifetime of the\nbuffer objects held by the vmw_plane_state.\n\nFixes kernel oops\u0027es in IGT\u0027s kms_cursor_legacy forked-bo.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35810",
"url": "https://www.suse.com/security/cve/CVE-2024-35810"
},
{
"category": "external",
"summary": "SUSE Bug 1224626 for CVE-2024-35810",
"url": "https://bugzilla.suse.com/1224626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35810"
},
{
"cve": "CVE-2024-35811",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35811"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: brcmfmac: Fix use-after-free bug in brcmf_cfg80211_detach\n\nThis is the candidate patch of CVE-2023-47233 :\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-47233\n\nIn brcm80211 driver,it starts with the following invoking chain\nto start init a timeout worker:\n\n-\u003ebrcmf_usb_probe\n -\u003ebrcmf_usb_probe_cb\n -\u003ebrcmf_attach\n -\u003ebrcmf_bus_started\n -\u003ebrcmf_cfg80211_attach\n -\u003ewl_init_priv\n -\u003ebrcmf_init_escan\n -\u003eINIT_WORK(\u0026cfg-\u003eescan_timeout_work,\n\t\t brcmf_cfg80211_escan_timeout_worker);\n\nIf we disconnect the USB by hotplug, it will call\nbrcmf_usb_disconnect to make cleanup. The invoking chain is :\n\nbrcmf_usb_disconnect\n -\u003ebrcmf_usb_disconnect_cb\n -\u003ebrcmf_detach\n -\u003ebrcmf_cfg80211_detach\n -\u003ekfree(cfg);\n\nWhile the timeout woker may still be running. This will cause\na use-after-free bug on cfg in brcmf_cfg80211_escan_timeout_worker.\n\nFix it by deleting the timer and canceling the worker in\nbrcmf_cfg80211_detach.\n\n[arend.vanspriel@broadcom.com: keep timer delete as is and cancel work just before free]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35811",
"url": "https://www.suse.com/security/cve/CVE-2024-35811"
},
{
"category": "external",
"summary": "SUSE Bug 1224592 for CVE-2024-35811",
"url": "https://bugzilla.suse.com/1224592"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35811"
},
{
"cve": "CVE-2024-35812",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35812"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35812",
"url": "https://www.suse.com/security/cve/CVE-2024-35812"
},
{
"category": "external",
"summary": "SUSE Bug 1224624 for CVE-2024-35812",
"url": "https://bugzilla.suse.com/1224624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35812"
},
{
"cve": "CVE-2024-35813",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35813"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: core: Avoid negative index with array access\n\nCommit 4d0c8d0aef63 (\"mmc: core: Use mrq.sbc in close-ended ffu\") assigns\nprev_idata = idatas[i - 1], but doesn\u0027t check that the iterator i is\ngreater than zero. Let\u0027s fix this by adding a check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35813",
"url": "https://www.suse.com/security/cve/CVE-2024-35813"
},
{
"category": "external",
"summary": "SUSE Bug 1224618 for CVE-2024-35813",
"url": "https://bugzilla.suse.com/1224618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35813"
},
{
"cve": "CVE-2024-35814",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35814"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nswiotlb: Fix double-allocation of slots due to broken alignment handling\n\nCommit bbb73a103fbb (\"swiotlb: fix a braino in the alignment check fix\"),\nwhich was a fix for commit 0eee5ae10256 (\"swiotlb: fix slot alignment\nchecks\"), causes a functional regression with vsock in a virtual machine\nusing bouncing via a restricted DMA SWIOTLB pool.\n\nWhen virtio allocates the virtqueues for the vsock device using\ndma_alloc_coherent(), the SWIOTLB search can return page-unaligned\nallocations if \u0027area-\u003eindex\u0027 was left unaligned by a previous allocation\nfrom the buffer:\n\n # Final address in brackets is the SWIOTLB address returned to the caller\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1645-1649/7168 (0x98326800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1649-1653/7168 (0x98328800)\n | virtio-pci 0000:00:07.0: orig_addr 0x0 alloc_size 0x2000, iotlb_align_mask 0x800 stride 0x2: got slot 1653-1657/7168 (0x9832a800)\n\nThis ends badly (typically buffer corruption and/or a hang) because\nswiotlb_alloc() is expecting a page-aligned allocation and so blindly\nreturns a pointer to the \u0027struct page\u0027 corresponding to the allocation,\ntherefore double-allocating the first half (2KiB slot) of the 4KiB page.\n\nFix the problem by treating the allocation alignment separately to any\nadditional alignment requirements from the device, using the maximum\nof the two as the stride to search the buffer slots and taking care\nto ensure a minimum of page-alignment for buffers larger than a page.\n\nThis also resolves swiotlb allocation failures occuring due to the\ninclusion of ~PAGE_MASK in \u0027iotlb_align_mask\u0027 for large allocations and\nresulting in alignment requirements exceeding swiotlb_max_mapping_size().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35814",
"url": "https://www.suse.com/security/cve/CVE-2024-35814"
},
{
"category": "external",
"summary": "SUSE Bug 1224602 for CVE-2024-35814",
"url": "https://bugzilla.suse.com/1224602"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35814"
},
{
"cve": "CVE-2024-35815",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35815"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion\n\nThe first kiocb_set_cancel_fn() argument may point at a struct kiocb\nthat is not embedded inside struct aio_kiocb. With the current code,\ndepending on the compiler, the req-\u003eki_ctx read happens either before\nthe IOCB_AIO_RW test or after that test. Move the req-\u003eki_ctx read such\nthat it is guaranteed that the IOCB_AIO_RW test happens first.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35815",
"url": "https://www.suse.com/security/cve/CVE-2024-35815"
},
{
"category": "external",
"summary": "SUSE Bug 1224685 for CVE-2024-35815",
"url": "https://bugzilla.suse.com/1224685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35815"
},
{
"cve": "CVE-2024-35817",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35817"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag\n\nOtherwise after the GTT bo is released, the GTT and gart space is freed\nbut amdgpu_ttm_backend_unbind will not clear the gart page table entry\nand leave valid mapping entry pointing to the stale system page. Then\nif GPU access the gart address mistakely, it will read undefined value\ninstead page fault, harder to debug and reproduce the real issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35817",
"url": "https://www.suse.com/security/cve/CVE-2024-35817"
},
{
"category": "external",
"summary": "SUSE Bug 1224736 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1224736"
},
{
"category": "external",
"summary": "SUSE Bug 1225313 for CVE-2024-35817",
"url": "https://bugzilla.suse.com/1225313"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35817"
},
{
"cve": "CVE-2024-35819",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35819"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoc: fsl: qbman: Use raw spinlock for cgr_lock\n\nsmp_call_function always runs its callback in hard IRQ context, even on\nPREEMPT_RT, where spinlocks can sleep. So we need to use a raw spinlock\nfor cgr_lock to ensure we aren\u0027t waiting on a sleeping task.\n\nAlthough this bug has existed for a while, it was not apparent until\ncommit ef2a8d5478b9 (\"net: dpaa: Adjust queue depth on rate change\")\nwhich invokes smp_call_function_single via qman_update_cgr_safe every\ntime a link goes up or down.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35819",
"url": "https://www.suse.com/security/cve/CVE-2024-35819"
},
{
"category": "external",
"summary": "SUSE Bug 1224683 for CVE-2024-35819",
"url": "https://bugzilla.suse.com/1224683"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35819"
},
{
"cve": "CVE-2024-35821",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35821"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nubifs: Set page uptodate in the correct place\n\nPage cache reads are lockless, so setting the freshly allocated page\nuptodate before we\u0027ve overwritten it with the data it\u0027s supposed to have\nin it will allow a simultaneous reader to see old data. Move the call\nto SetPageUptodate into ubifs_write_end(), which is after we copied the\nnew data into the page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35821",
"url": "https://www.suse.com/security/cve/CVE-2024-35821"
},
{
"category": "external",
"summary": "SUSE Bug 1224629 for CVE-2024-35821",
"url": "https://bugzilla.suse.com/1224629"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35821"
},
{
"cve": "CVE-2024-35822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: udc: remove warning when queue disabled ep\n\nIt is possible trigger below warning message from mass storage function,\n\nWARNING: CPU: 6 PID: 3839 at drivers/usb/gadget/udc/core.c:294 usb_ep_queue+0x7c/0x104\npc : usb_ep_queue+0x7c/0x104\nlr : fsg_main_thread+0x494/0x1b3c\n\nRoot cause is mass storage function try to queue request from main thread,\nbut other thread may already disable ep when function disable.\n\nAs there is no function failure in the driver, in order to avoid effort\nto fix warning, change WARN_ON_ONCE() in usb_ep_queue() to pr_debug().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35822",
"url": "https://www.suse.com/security/cve/CVE-2024-35822"
},
{
"category": "external",
"summary": "SUSE Bug 1224739 for CVE-2024-35822",
"url": "https://bugzilla.suse.com/1224739"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35822"
},
{
"cve": "CVE-2024-35823",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35823"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvt: fix unicode buffer corruption when deleting characters\n\nThis is the same issue that was fixed for the VGA text buffer in commit\n39cdb68c64d8 (\"vt: fix memory overlapping when deleting chars in the\nbuffer\"). The cure is also the same i.e. replace memcpy() with memmove()\ndue to the overlaping buffers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35823",
"url": "https://www.suse.com/security/cve/CVE-2024-35823"
},
{
"category": "external",
"summary": "SUSE Bug 1224692 for CVE-2024-35823",
"url": "https://bugzilla.suse.com/1224692"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35823"
},
{
"cve": "CVE-2024-35824",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35824"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmisc: lis3lv02d_i2c: Fix regulators getting en-/dis-abled twice on suspend/resume\n\nWhen not configured for wakeup lis3lv02d_i2c_suspend() will call\nlis3lv02d_poweroff() even if the device has already been turned off\nby the runtime-suspend handler and if configured for wakeup and\nthe device is runtime-suspended at this point then it is not turned\nback on to serve as a wakeup source.\n\nBefore commit b1b9f7a49440 (\"misc: lis3lv02d_i2c: Add missing setting\nof the reg_ctrl callback\"), lis3lv02d_poweroff() failed to disable\nthe regulators which as a side effect made calling poweroff() twice ok.\n\nNow that poweroff() correctly disables the regulators, doing this twice\ntriggers a WARN() in the regulator core:\n\nunbalanced disables for regulator-dummy\nWARNING: CPU: 1 PID: 92 at drivers/regulator/core.c:2999 _regulator_disable\n...\n\nFix lis3lv02d_i2c_suspend() to not call poweroff() a second time if\nalready runtime-suspended and add a poweron() call when necessary to\nmake wakeup work.\n\nlis3lv02d_i2c_resume() has similar issues, with an added weirness that\nit always powers on the device if it is runtime suspended, after which\nthe first runtime-resume will call poweron() again, causing the enabled\ncount for the regulator to increase by 1 every suspend/resume. These\nunbalanced regulator_enable() calls cause the regulator to never\nbe turned off and trigger the following WARN() on driver unbind:\n\nWARNING: CPU: 1 PID: 1724 at drivers/regulator/core.c:2396 _regulator_put\n\nFix this by making lis3lv02d_i2c_resume() mirror the new suspend().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35824",
"url": "https://www.suse.com/security/cve/CVE-2024-35824"
},
{
"category": "external",
"summary": "SUSE Bug 1224609 for CVE-2024-35824",
"url": "https://bugzilla.suse.com/1224609"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35824"
},
{
"cve": "CVE-2024-35825",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35825"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: ncm: Fix handling of zero block length packets\n\nWhile connecting to a Linux host with CDC_NCM_NTB_DEF_SIZE_TX\nset to 65536, it has been observed that we receive short packets,\nwhich come at interval of 5-10 seconds sometimes and have block\nlength zero but still contain 1-2 valid datagrams present.\n\nAccording to the NCM spec:\n\n\"If wBlockLength = 0x0000, the block is terminated by a\nshort packet. In this case, the USB transfer must still\nbe shorter than dwNtbInMaxSize or dwNtbOutMaxSize. If\nexactly dwNtbInMaxSize or dwNtbOutMaxSize bytes are sent,\nand the size is a multiple of wMaxPacketSize for the\ngiven pipe, then no ZLP shall be sent.\n\nwBlockLength= 0x0000 must be used with extreme care, because\nof the possibility that the host and device may get out of\nsync, and because of test issues.\n\nwBlockLength = 0x0000 allows the sender to reduce latency by\nstarting to send a very large NTB, and then shortening it when\nthe sender discovers that there\u0027s not sufficient data to justify\nsending a large NTB\"\n\nHowever, there is a potential issue with the current implementation,\nas it checks for the occurrence of multiple NTBs in a single\ngiveback by verifying if the leftover bytes to be processed is zero\nor not. If the block length reads zero, we would process the same\nNTB infintely because the leftover bytes is never zero and it leads\nto a crash. Fix this by bailing out if block length reads zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35825",
"url": "https://www.suse.com/security/cve/CVE-2024-35825"
},
{
"category": "external",
"summary": "SUSE Bug 1224681 for CVE-2024-35825",
"url": "https://bugzilla.suse.com/1224681"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35825"
},
{
"cve": "CVE-2024-35828",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35828"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: libertas: fix some memleaks in lbs_allocate_cmd_buffer()\n\nIn the for statement of lbs_allocate_cmd_buffer(), if the allocation of\ncmdarray[i].cmdbuf fails, both cmdarray and cmdarray[i].cmdbuf needs to\nbe freed. Otherwise, there will be memleaks in lbs_allocate_cmd_buffer().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35828",
"url": "https://www.suse.com/security/cve/CVE-2024-35828"
},
{
"category": "external",
"summary": "SUSE Bug 1224622 for CVE-2024-35828",
"url": "https://bugzilla.suse.com/1224622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35828"
},
{
"cve": "CVE-2024-35829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35829"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/lima: fix a memleak in lima_heap_alloc\n\nWhen lima_vm_map_bo fails, the resources need to be deallocated, or\nthere will be memleaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35829",
"url": "https://www.suse.com/security/cve/CVE-2024-35829"
},
{
"category": "external",
"summary": "SUSE Bug 1224707 for CVE-2024-35829",
"url": "https://bugzilla.suse.com/1224707"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35829"
},
{
"cve": "CVE-2024-35830",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35830"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: tc358743: register v4l2 async device only after successful setup\n\nEnsure the device has been setup correctly before registering the v4l2\nasync device, thus allowing userspace to access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35830",
"url": "https://www.suse.com/security/cve/CVE-2024-35830"
},
{
"category": "external",
"summary": "SUSE Bug 1224680 for CVE-2024-35830",
"url": "https://bugzilla.suse.com/1224680"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35830"
},
{
"cve": "CVE-2024-35833",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35833"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA\n\nThis dma_alloc_coherent() is undone neither in the remove function, nor in\nthe error handling path of fsl_qdma_probe().\n\nSwitch to the managed version to fix both issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35833",
"url": "https://www.suse.com/security/cve/CVE-2024-35833"
},
{
"category": "external",
"summary": "SUSE Bug 1224632 for CVE-2024-35833",
"url": "https://bugzilla.suse.com/1224632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35833"
},
{
"cve": "CVE-2024-35834",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35834"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxsk: recycle buffer in case Rx queue was full\n\nAdd missing xsk_buff_free() call when __xsk_rcv_zc() failed to produce\ndescriptor to XSK Rx queue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35834",
"url": "https://www.suse.com/security/cve/CVE-2024-35834"
},
{
"category": "external",
"summary": "SUSE Bug 1224620 for CVE-2024-35834",
"url": "https://bugzilla.suse.com/1224620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35834"
},
{
"cve": "CVE-2024-35835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35835"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: fix a double-free in arfs_create_groups\n\nWhen `in` allocated by kvzalloc fails, arfs_create_groups will free\nft-\u003eg and return an error. However, arfs_create_table, the only caller of\narfs_create_groups, will hold this error and call to\nmlx5e_destroy_flow_table, in which the ft-\u003eg will be freed again.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35835",
"url": "https://www.suse.com/security/cve/CVE-2024-35835"
},
{
"category": "external",
"summary": "SUSE Bug 1224605 for CVE-2024-35835",
"url": "https://bugzilla.suse.com/1224605"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35835"
},
{
"cve": "CVE-2024-35836",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35836"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix pin dump crash for rebound module\n\nWhen a kernel module is unbound but the pin resources were not entirely\nfreed (other kernel module instance of the same PCI device have had kept\nthe reference to that pin), and kernel module is again bound, the pin\nproperties would not be updated (the properties are only assigned when\nmemory for the pin is allocated), prop pointer still points to the\nkernel module memory of the kernel module which was deallocated on the\nunbind.\n\nIf the pin dump is invoked in this state, the result is a kernel crash.\nPrevent the crash by storing persistent pin properties in dpll subsystem,\ncopy the content from the kernel module when pin is allocated, instead of\nusing memory of the kernel module.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35836",
"url": "https://www.suse.com/security/cve/CVE-2024-35836"
},
{
"category": "external",
"summary": "SUSE Bug 1224633 for CVE-2024-35836",
"url": "https://bugzilla.suse.com/1224633"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35836"
},
{
"cve": "CVE-2024-35837",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35837"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: clear BM pool before initialization\n\nRegister value persist after booting the kernel using\nkexec which results in kernel panic. Thus clear the\nBM pool registers before initialisation to fix the issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35837",
"url": "https://www.suse.com/security/cve/CVE-2024-35837"
},
{
"category": "external",
"summary": "SUSE Bug 1224500 for CVE-2024-35837",
"url": "https://bugzilla.suse.com/1224500"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35837"
},
{
"cve": "CVE-2024-35838",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35838"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: fix potential sta-link leak\n\nWhen a station is allocated, links are added but not\nset to valid yet (e.g. during connection to an AP MLD),\nwe might remove the station without ever marking links\nvalid, and leak them. Fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35838",
"url": "https://www.suse.com/security/cve/CVE-2024-35838"
},
{
"category": "external",
"summary": "SUSE Bug 1224613 for CVE-2024-35838",
"url": "https://bugzilla.suse.com/1224613"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35838"
},
{
"cve": "CVE-2024-35841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: tls, fix WARNIING in __sk_msg_free\n\nA splice with MSG_SPLICE_PAGES will cause tls code to use the\ntls_sw_sendmsg_splice path in the TLS sendmsg code to move the user\nprovided pages from the msg into the msg_pl. This will loop over the\nmsg until msg_pl is full, checked by sk_msg_full(msg_pl). The user\ncan also set the MORE flag to hint stack to delay sending until receiving\nmore pages and ideally a full buffer.\n\nIf the user adds more pages to the msg than can fit in the msg_pl\nscatterlist (MAX_MSG_FRAGS) we should ignore the MORE flag and send\nthe buffer anyways.\n\nWhat actually happens though is we abort the msg to msg_pl scatterlist\nsetup and then because we forget to set \u0027full record\u0027 indicating we\ncan no longer consume data without a send we fallthrough to the \u0027continue\u0027\npath which will check if msg_data_left(msg) has more bytes to send and\nthen attempts to fit them in the already full msg_pl. Then next\niteration of sender doing send will encounter a full msg_pl and throw\nthe warning in the syzbot report.\n\nTo fix simply check if we have a full_record in splice code path and\nif not send the msg regardless of MORE flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35841",
"url": "https://www.suse.com/security/cve/CVE-2024-35841"
},
{
"category": "external",
"summary": "SUSE Bug 1224687 for CVE-2024-35841",
"url": "https://bugzilla.suse.com/1224687"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35841"
},
{
"cve": "CVE-2024-35842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: mediatek: sof-common: Add NULL check for normal_link string\n\nIt\u0027s not granted that all entries of struct sof_conn_stream declare\na `normal_link` (a non-SOF, direct link) string, and this is the case\nfor SoCs that support only SOF paths (hence do not support both direct\nand SOF usecases).\n\nFor example, in the case of MT8188 there is no normal_link string in\nany of the sof_conn_stream entries and there will be more drivers\ndoing that in the future.\n\nTo avoid possible NULL pointer KPs, add a NULL check for `normal_link`.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35842",
"url": "https://www.suse.com/security/cve/CVE-2024-35842"
},
{
"category": "external",
"summary": "SUSE Bug 1224688 for CVE-2024-35842",
"url": "https://bugzilla.suse.com/1224688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35842"
},
{
"cve": "CVE-2024-35845",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35845"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: dbg-tlv: ensure NUL termination\n\nThe iwl_fw_ini_debug_info_tlv is used as a string, so we must\nensure the string is terminated correctly before using it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35845",
"url": "https://www.suse.com/security/cve/CVE-2024-35845"
},
{
"category": "external",
"summary": "SUSE Bug 1224731 for CVE-2024-35845",
"url": "https://bugzilla.suse.com/1224731"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35845"
},
{
"cve": "CVE-2024-35847",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35847"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nirqchip/gic-v3-its: Prevent double free on error\n\nThe error handling path in its_vpe_irq_domain_alloc() causes a double free\nwhen its_vpe_init() fails after successfully allocating at least one\ninterrupt. This happens because its_vpe_irq_domain_free() frees the\ninterrupts along with the area bitmap and the vprop_page and\nits_vpe_irq_domain_alloc() subsequently frees the area bitmap and the\nvprop_page again.\n\nFix this by unconditionally invoking its_vpe_irq_domain_free() which\nhandles all cases correctly and by removing the bitmap/vprop_page freeing\nfrom its_vpe_irq_domain_alloc().\n\n[ tglx: Massaged change log ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35847",
"url": "https://www.suse.com/security/cve/CVE-2024-35847"
},
{
"category": "external",
"summary": "SUSE Bug 1224697 for CVE-2024-35847",
"url": "https://bugzilla.suse.com/1224697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35847"
},
{
"cve": "CVE-2024-35849",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35849"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix information leak in btrfs_ioctl_logical_to_ino()\n\nSyzbot reported the following information leak for in\nbtrfs_ioctl_logical_to_ino():\n\n BUG: KMSAN: kernel-infoleak in instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n BUG: KMSAN: kernel-infoleak in _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n instrument_copy_to_user include/linux/instrumented.h:114 [inline]\n _copy_to_user+0xbc/0x110 lib/usercopy.c:40\n copy_to_user include/linux/uaccess.h:191 [inline]\n btrfs_ioctl_logical_to_ino+0x440/0x750 fs/btrfs/ioctl.c:3499\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Uninit was created at:\n __kmalloc_large_node+0x231/0x370 mm/slub.c:3921\n __do_kmalloc_node mm/slub.c:3954 [inline]\n __kmalloc_node+0xb07/0x1060 mm/slub.c:3973\n kmalloc_node include/linux/slab.h:648 [inline]\n kvmalloc_node+0xc0/0x2d0 mm/util.c:634\n kvmalloc include/linux/slab.h:766 [inline]\n init_data_container+0x49/0x1e0 fs/btrfs/backref.c:2779\n btrfs_ioctl_logical_to_ino+0x17c/0x750 fs/btrfs/ioctl.c:3480\n btrfs_ioctl+0x714/0x1260\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:904 [inline]\n __se_sys_ioctl+0x261/0x450 fs/ioctl.c:890\n __x64_sys_ioctl+0x96/0xe0 fs/ioctl.c:890\n x64_sys_call+0x1883/0x3b50 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/common.c:52 [inline]\n do_syscall_64+0xcf/0x1e0 arch/x86/entry/common.c:83\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\n Bytes 40-65535 of 65536 are uninitialized\n Memory access of size 65536 starts at ffff888045a40000\n\nThis happens, because we\u0027re copying a \u0027struct btrfs_data_container\u0027 back\nto user-space. This btrfs_data_container is allocated in\n\u0027init_data_container()\u0027 via kvmalloc(), which does not zero-fill the\nmemory.\n\nFix this by using kvzalloc() which zeroes out the memory on allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35849",
"url": "https://www.suse.com/security/cve/CVE-2024-35849"
},
{
"category": "external",
"summary": "SUSE Bug 1224733 for CVE-2024-35849",
"url": "https://bugzilla.suse.com/1224733"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35849"
},
{
"cve": "CVE-2024-35850",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35850"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: fix NULL-deref on non-serdev setup\n\nQualcomm ROME controllers can be registered from the Bluetooth line\ndiscipline and in this case the HCI UART serdev pointer is NULL.\n\nAdd the missing sanity check to prevent a NULL-pointer dereference when\nsetup() is called for a non-serdev controller.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35850",
"url": "https://www.suse.com/security/cve/CVE-2024-35850"
},
{
"category": "external",
"summary": "SUSE Bug 1224600 for CVE-2024-35850",
"url": "https://bugzilla.suse.com/1224600"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35850"
},
{
"cve": "CVE-2024-35851",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35851"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: fix NULL-deref on non-serdev suspend\n\nQualcomm ROME controllers can be registered from the Bluetooth line\ndiscipline and in this case the HCI UART serdev pointer is NULL.\n\nAdd the missing sanity check to prevent a NULL-pointer dereference when\nwakeup() is called for a non-serdev controller during suspend.\n\nJust return true for now to restore the original behaviour and address\nthe crash with pre-6.2 kernels, which do not have commit e9b3e5b8c657\n(\"Bluetooth: hci_qca: only assign wakeup with serial port support\") that\ncauses the crash to happen already at setup() time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35851",
"url": "https://www.suse.com/security/cve/CVE-2024-35851"
},
{
"category": "external",
"summary": "SUSE Bug 1224509 for CVE-2024-35851",
"url": "https://bugzilla.suse.com/1224509"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35851"
},
{
"cve": "CVE-2024-35852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix memory leak when canceling rehash work\n\nThe rehash delayed work is rescheduled with a delay if the number of\ncredits at end of the work is not negative as supposedly it means that\nthe migration ended. Otherwise, it is rescheduled immediately.\n\nAfter \"mlxsw: spectrum_acl_tcam: Fix possible use-after-free during\nrehash\" the above is no longer accurate as a non-negative number of\ncredits is no longer indicative of the migration being done. It can also\nhappen if the work encountered an error in which case the migration will\nresume the next time the work is scheduled.\n\nThe significance of the above is that it is possible for the work to be\npending and associated with hints that were allocated when the migration\nstarted. This leads to the hints being leaked [1] when the work is\ncanceled while pending as part of ACL region dismantle.\n\nFix by freeing the hints if hints are associated with a work that was\ncanceled while pending.\n\nBlame the original commit since the reliance on not having a pending\nwork associated with hints is fragile.\n\n[1]\nunreferenced object 0xffff88810e7c3000 (size 256):\n comm \"kworker/0:16\", pid 176, jiffies 4295460353\n hex dump (first 32 bytes):\n 00 30 95 11 81 88 ff ff 61 00 00 00 00 00 00 80 .0......a.......\n 00 00 61 00 40 00 00 00 00 00 00 00 04 00 00 00 ..a.@...........\n backtrace (crc 2544ddb9):\n [\u003c00000000cf8cfab3\u003e] kmalloc_trace+0x23f/0x2a0\n [\u003c000000004d9a1ad9\u003e] objagg_hints_get+0x42/0x390\n [\u003c000000000b143cf3\u003e] mlxsw_sp_acl_erp_rehash_hints_get+0xca/0x400\n [\u003c0000000059bdb60a\u003e] mlxsw_sp_acl_tcam_vregion_rehash_work+0x868/0x1160\n [\u003c00000000e81fd734\u003e] process_one_work+0x59c/0xf20\n [\u003c00000000ceee9e81\u003e] worker_thread+0x799/0x12c0\n [\u003c00000000bda6fe39\u003e] kthread+0x246/0x300\n [\u003c0000000070056d23\u003e] ret_from_fork+0x34/0x70\n [\u003c00000000dea2b93e\u003e] ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35852",
"url": "https://www.suse.com/security/cve/CVE-2024-35852"
},
{
"category": "external",
"summary": "SUSE Bug 1224502 for CVE-2024-35852",
"url": "https://bugzilla.suse.com/1224502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35852"
},
{
"cve": "CVE-2024-35854",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35854"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix possible use-after-free during rehash\n\nThe rehash delayed work migrates filters from one region to another\naccording to the number of available credits.\n\nThe migrated from region is destroyed at the end of the work if the\nnumber of credits is non-negative as the assumption is that this is\nindicative of migration being complete. This assumption is incorrect as\na non-negative number of credits can also be the result of a failed\nmigration.\n\nThe destruction of a region that still has filters referencing it can\nresult in a use-after-free [1].\n\nFix by not destroying the region if migration failed.\n\n[1]\nBUG: KASAN: slab-use-after-free in mlxsw_sp_acl_ctcam_region_entry_remove+0x21d/0x230\nRead of size 8 at addr ffff8881735319e8 by task kworker/0:31/3858\n\nCPU: 0 PID: 3858 Comm: kworker/0:31 Tainted: G W 6.9.0-rc2-custom-00782-gf2275c2157d8 #5\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc6/0x120\n print_report+0xce/0x670\n kasan_report+0xd7/0x110\n mlxsw_sp_acl_ctcam_region_entry_remove+0x21d/0x230\n mlxsw_sp_acl_ctcam_entry_del+0x2e/0x70\n mlxsw_sp_acl_atcam_entry_del+0x81/0x210\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x3cd/0xb50\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x157/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\nAllocated by task 174:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n __kasan_kmalloc+0x8f/0xa0\n __kmalloc+0x19c/0x360\n mlxsw_sp_acl_tcam_region_create+0xdf/0x9c0\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x954/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30\n\nFreed by task 7:\n kasan_save_stack+0x33/0x60\n kasan_save_track+0x14/0x30\n kasan_save_free_info+0x3b/0x60\n poison_slab_object+0x102/0x170\n __kasan_slab_free+0x14/0x30\n kfree+0xc1/0x290\n mlxsw_sp_acl_tcam_region_destroy+0x272/0x310\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x731/0x1300\n process_one_work+0x8eb/0x19b0\n worker_thread+0x6c9/0xf70\n kthread+0x2c9/0x3b0\n ret_from_fork+0x4d/0x80\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35854",
"url": "https://www.suse.com/security/cve/CVE-2024-35854"
},
{
"category": "external",
"summary": "SUSE Bug 1224636 for CVE-2024-35854",
"url": "https://bugzilla.suse.com/1224636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35854"
},
{
"cve": "CVE-2024-35860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35860"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: support deferring bpf_link dealloc to after RCU grace period\n\nBPF link for some program types is passed as a \"context\" which can be\nused by those BPF programs to look up additional information. E.g., for\nmulti-kprobes and multi-uprobes, link is used to fetch BPF cookie values.\n\nBecause of this runtime dependency, when bpf_link refcnt drops to zero\nthere could still be active BPF programs running accessing link data.\n\nThis patch adds generic support to defer bpf_link dealloc callback to\nafter RCU GP, if requested. This is done by exposing two different\ndeallocation callbacks, one synchronous and one deferred. If deferred\none is provided, bpf_link_free() will schedule dealloc_deferred()\ncallback to happen after RCU GP.\n\nBPF is using two flavors of RCU: \"classic\" non-sleepable one and RCU\ntasks trace one. The latter is used when sleepable BPF programs are\nused. bpf_link_free() accommodates that by checking underlying BPF\nprogram\u0027s sleepable flag, and goes either through normal RCU GP only for\nnon-sleepable, or through RCU tasks trace GP *and* then normal RCU GP\n(taking into account rcu_trace_implies_rcu_gp() optimization), if BPF\nprogram is sleepable.\n\nWe use this for multi-kprobe and multi-uprobe links, which dereference\nlink during program run. We also preventively switch raw_tp link to use\ndeferred dealloc callback, as upcoming changes in bpf-next tree expose\nraw_tp link data (specifically, cookie value) to BPF program at runtime\nas well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35860",
"url": "https://www.suse.com/security/cve/CVE-2024-35860"
},
{
"category": "external",
"summary": "SUSE Bug 1224531 for CVE-2024-35860",
"url": "https://bugzilla.suse.com/1224531"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35860"
},
{
"cve": "CVE-2024-35861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35861"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35861",
"url": "https://www.suse.com/security/cve/CVE-2024-35861"
},
{
"category": "external",
"summary": "SUSE Bug 1224766 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1224766"
},
{
"category": "external",
"summary": "SUSE Bug 1225312 for CVE-2024-35861",
"url": "https://bugzilla.suse.com/1225312"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35861"
},
{
"cve": "CVE-2024-35862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_network_name_deleted()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35862",
"url": "https://www.suse.com/security/cve/CVE-2024-35862"
},
{
"category": "external",
"summary": "SUSE Bug 1224764 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1224764"
},
{
"category": "external",
"summary": "SUSE Bug 1225311 for CVE-2024-35862",
"url": "https://bugzilla.suse.com/1225311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35862"
},
{
"cve": "CVE-2024-35863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35863"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35863",
"url": "https://www.suse.com/security/cve/CVE-2024-35863"
},
{
"category": "external",
"summary": "SUSE Bug 1224763 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1224763"
},
{
"category": "external",
"summary": "SUSE Bug 1225011 for CVE-2024-35863",
"url": "https://bugzilla.suse.com/1225011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35863"
},
{
"cve": "CVE-2024-35864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35864"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_lease_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35864",
"url": "https://www.suse.com/security/cve/CVE-2024-35864"
},
{
"category": "external",
"summary": "SUSE Bug 1224765 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1224765"
},
{
"category": "external",
"summary": "SUSE Bug 1225309 for CVE-2024-35864",
"url": "https://bugzilla.suse.com/1225309"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35864"
},
{
"cve": "CVE-2024-35865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35865"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in smb2_is_valid_oplock_break()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35865",
"url": "https://www.suse.com/security/cve/CVE-2024-35865"
},
{
"category": "external",
"summary": "SUSE Bug 1224668 for CVE-2024-35865",
"url": "https://bugzilla.suse.com/1224668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35865"
},
{
"cve": "CVE-2024-35866",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35866"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_dump_full_key()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35866",
"url": "https://www.suse.com/security/cve/CVE-2024-35866"
},
{
"category": "external",
"summary": "SUSE Bug 1224667 for CVE-2024-35866",
"url": "https://bugzilla.suse.com/1224667"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35866"
},
{
"cve": "CVE-2024-35867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35867"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_show()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35867",
"url": "https://www.suse.com/security/cve/CVE-2024-35867"
},
{
"category": "external",
"summary": "SUSE Bug 1224664 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1224664"
},
{
"category": "external",
"summary": "SUSE Bug 1225012 for CVE-2024-35867",
"url": "https://bugzilla.suse.com/1225012"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35867"
},
{
"cve": "CVE-2024-35868",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35868"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix potential UAF in cifs_stats_proc_write()\n\nSkip sessions that are being teared down (status == SES_EXITING) to\navoid UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35868",
"url": "https://www.suse.com/security/cve/CVE-2024-35868"
},
{
"category": "external",
"summary": "SUSE Bug 1224678 for CVE-2024-35868",
"url": "https://bugzilla.suse.com/1224678"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35868"
},
{
"cve": "CVE-2024-35869",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35869"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: guarantee refcounted children from parent session\n\nAvoid potential use-after-free bugs when walking DFS referrals,\nmounting and performing DFS failover by ensuring that all children\nfrom parent @tcon-\u003eses are also refcounted. They\u0027re all needed across\nthe entire DFS mount. Get rid of @tcon-\u003edfs_ses_list while we\u0027re at\nit, too.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35869",
"url": "https://www.suse.com/security/cve/CVE-2024-35869"
},
{
"category": "external",
"summary": "SUSE Bug 1224679 for CVE-2024-35869",
"url": "https://bugzilla.suse.com/1224679"
},
{
"category": "external",
"summary": "SUSE Bug 1226328 for CVE-2024-35869",
"url": "https://bugzilla.suse.com/1226328"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35869"
},
{
"cve": "CVE-2024-35870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix UAF in smb2_reconnect_server()\n\nThe UAF bug is due to smb2_reconnect_server() accessing a session that\nis already being teared down by another thread that is executing\n__cifs_put_smb_ses(). This can happen when (a) the client has\nconnection to the server but no session or (b) another thread ends up\nsetting @ses-\u003eses_status again to something different than\nSES_EXITING.\n\nTo fix this, we need to make sure to unconditionally set\n@ses-\u003eses_status to SES_EXITING and prevent any other threads from\nsetting a new status while we\u0027re still tearing it down.\n\nThe following can be reproduced by adding some delay to right after\nthe ipc is freed in __cifs_put_smb_ses() - which will give\nsmb2_reconnect_server() worker a chance to run and then accessing\n@ses-\u003eipc:\n\nkinit ...\nmount.cifs //srv/share /mnt/1 -o sec=krb5,nohandlecache,echo_interval=10\n[disconnect srv]\nls /mnt/1 \u0026\u003e/dev/null\nsleep 30\nkdestroy\n[reconnect srv]\nsleep 10\numount /mnt/1\n...\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\nCIFS: VFS: Verify user has a krb5 ticket and keyutils is installed\nCIFS: VFS: \\\\srv Send error in SessSetup = -126\ngeneral protection fault, probably for non-canonical address\n0x6b6b6b6b6b6b6b6b: 0000 [#1] PREEMPT SMP NOPTI\nCPU: 3 PID: 50 Comm: kworker/3:1 Not tainted 6.9.0-rc2 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-1.fc39\n04/01/2014\nWorkqueue: cifsiod smb2_reconnect_server [cifs]\nRIP: 0010:__list_del_entry_valid_or_report+0x33/0xf0\nCode: 4f 08 48 85 d2 74 42 48 85 c9 74 59 48 b8 00 01 00 00 00 00 ad\nde 48 39 c2 74 61 48 b8 22 01 00 00 00 00 74 69 \u003c48\u003e 8b 01 48 39 f8 75\n7b 48 8b 72 08 48 39 c6 0f 85 88 00 00 00 b8\nRSP: 0018:ffffc900001bfd70 EFLAGS: 00010a83\nRAX: dead000000000122 RBX: ffff88810da53838 RCX: 6b6b6b6b6b6b6b6b\nRDX: 6b6b6b6b6b6b6b6b RSI: ffffffffc02f6878 RDI: ffff88810da53800\nRBP: ffff88810da53800 R08: 0000000000000001 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000001 R12: ffff88810c064000\nR13: 0000000000000001 R14: ffff88810c064000 R15: ffff8881039cc000\nFS: 0000000000000000(0000) GS:ffff888157c00000(0000)\nknlGS:0000000000000000\nCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\nCR2: 00007fe3728b1000 CR3: 000000010caa4000 CR4: 0000000000750ef0\nPKRU: 55555554\nCall Trace:\n \u003cTASK\u003e\n ? die_addr+0x36/0x90\n ? exc_general_protection+0x1c1/0x3f0\n ? asm_exc_general_protection+0x26/0x30\n ? __list_del_entry_valid_or_report+0x33/0xf0\n __cifs_put_smb_ses+0x1ae/0x500 [cifs]\n smb2_reconnect_server+0x4ed/0x710 [cifs]\n process_one_work+0x205/0x6b0\n worker_thread+0x191/0x360\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe2/0x110\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35870",
"url": "https://www.suse.com/security/cve/CVE-2024-35870"
},
{
"category": "external",
"summary": "SUSE Bug 1224672 for CVE-2024-35870",
"url": "https://bugzilla.suse.com/1224672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35870"
},
{
"cve": "CVE-2024-35872",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35872"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/secretmem: fix GUP-fast succeeding on secretmem folios\n\nfolio_is_secretmem() currently relies on secretmem folios being LRU\nfolios, to save some cycles.\n\nHowever, folios might reside in a folio batch without the LRU flag set, or\ntemporarily have their LRU flag cleared. Consequently, the LRU flag is\nunreliable for this purpose.\n\nIn particular, this is the case when secretmem_fault() allocates a fresh\npage and calls filemap_add_folio()-\u003efolio_add_lru(). The folio might be\nadded to the per-cpu folio batch and won\u0027t get the LRU flag set until the\nbatch was drained using e.g., lru_add_drain().\n\nConsequently, folio_is_secretmem() might not detect secretmem folios and\nGUP-fast can succeed in grabbing a secretmem folio, crashing the kernel\nwhen we would later try reading/writing to the folio, because the folio\nhas been unmapped from the directmap.\n\nFix it by removing that unreliable check.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35872",
"url": "https://www.suse.com/security/cve/CVE-2024-35872"
},
{
"category": "external",
"summary": "SUSE Bug 1224530 for CVE-2024-35872",
"url": "https://bugzilla.suse.com/1224530"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35872"
},
{
"cve": "CVE-2024-35875",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35875"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/coco: Require seeding RNG with RDRAND on CoCo systems\n\nThere are few uses of CoCo that don\u0027t rely on working cryptography and\nhence a working RNG. Unfortunately, the CoCo threat model means that the\nVM host cannot be trusted and may actively work against guests to\nextract secrets or manipulate computation. Since a malicious host can\nmodify or observe nearly all inputs to guests, the only remaining source\nof entropy for CoCo guests is RDRAND.\n\nIf RDRAND is broken -- due to CPU hardware fault -- the RNG as a whole\nis meant to gracefully continue on gathering entropy from other sources,\nbut since there aren\u0027t other sources on CoCo, this is catastrophic.\nThis is mostly a concern at boot time when initially seeding the RNG, as\nafter that the consequences of a broken RDRAND are much more\ntheoretical.\n\nSo, try at boot to seed the RNG using 256 bits of RDRAND output. If this\nfails, panic(). This will also trigger if the system is booted without\nRDRAND, as RDRAND is essential for a safe CoCo boot.\n\nAdd this deliberately to be \"just a CoCo x86 driver feature\" and not\npart of the RNG itself. Many device drivers and platforms have some\ndesire to contribute something to the RNG, and add_device_randomness()\nis specifically meant for this purpose.\n\nAny driver can call it with seed data of any quality, or even garbage\nquality, and it can only possibly make the quality of the RNG better or\nhave no effect, but can never make it worse.\n\nRather than trying to build something into the core of the RNG, consider\nthe particular CoCo issue just a CoCo issue, and therefore separate it\nall out into driver (well, arch/platform) code.\n\n [ bp: Massage commit message. ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35875",
"url": "https://www.suse.com/security/cve/CVE-2024-35875"
},
{
"category": "external",
"summary": "SUSE Bug 1224665 for CVE-2024-35875",
"url": "https://bugzilla.suse.com/1224665"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35875"
},
{
"cve": "CVE-2024-35877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35877"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/mm/pat: fix VM_PAT handling in COW mappings\n\nPAT handling won\u0027t do the right thing in COW mappings: the first PTE (or,\nin fact, all PTEs) can be replaced during write faults to point at anon\nfolios. Reliably recovering the correct PFN and cachemode using\nfollow_phys() from PTEs will not work in COW mappings.\n\nUsing follow_phys(), we might just get the address+protection of the anon\nfolio (which is very wrong), or fail on swap/nonswap entries, failing\nfollow_phys() and triggering a WARN_ON_ONCE() in untrack_pfn() and\ntrack_pfn_copy(), not properly calling free_pfn_range().\n\nIn free_pfn_range(), we either wouldn\u0027t call memtype_free() or would call\nit with the wrong range, possibly leaking memory.\n\nTo fix that, let\u0027s update follow_phys() to refuse returning anon folios,\nand fallback to using the stored PFN inside vma-\u003evm_pgoff for COW mappings\nif we run into that.\n\nWe will now properly handle untrack_pfn() with COW mappings, where we\ndon\u0027t need the cachemode. We\u0027ll have to fail fork()-\u003etrack_pfn_copy() if\nthe first page was replaced by an anon folio, though: we\u0027d have to store\nthe cachemode in the VMA to make this work, likely growing the VMA size.\n\nFor now, lets keep it simple and let track_pfn_copy() just fail in that\ncase: it would have failed in the past with swap/nonswap entries already,\nand it would have done the wrong thing with anon folios.\n\nSimple reproducer to trigger the WARN_ON_ONCE() in untrack_pfn():\n\n\u003c--- C reproducer ---\u003e\n #include \u003cstdio.h\u003e\n #include \u003csys/mman.h\u003e\n #include \u003cunistd.h\u003e\n #include \u003cliburing.h\u003e\n\n int main(void)\n {\n struct io_uring_params p = {};\n int ring_fd;\n size_t size;\n char *map;\n\n ring_fd = io_uring_setup(1, \u0026p);\n if (ring_fd \u003c 0) {\n perror(\"io_uring_setup\");\n return 1;\n }\n size = p.sq_off.array + p.sq_entries * sizeof(unsigned);\n\n /* Map the submission queue ring MAP_PRIVATE */\n map = mmap(0, size, PROT_READ | PROT_WRITE, MAP_PRIVATE,\n ring_fd, IORING_OFF_SQ_RING);\n if (map == MAP_FAILED) {\n perror(\"mmap\");\n return 1;\n }\n\n /* We have at least one page. Let\u0027s COW it. */\n *map = 0;\n pause();\n return 0;\n }\n\u003c--- C reproducer ---\u003e\n\nOn a system with 16 GiB RAM and swap configured:\n # ./iouring \u0026\n # memhog 16G\n # killall iouring\n[ 301.552930] ------------[ cut here ]------------\n[ 301.553285] WARNING: CPU: 7 PID: 1402 at arch/x86/mm/pat/memtype.c:1060 untrack_pfn+0xf4/0x100\n[ 301.553989] Modules linked in: binfmt_misc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_g\n[ 301.558232] CPU: 7 PID: 1402 Comm: iouring Not tainted 6.7.5-100.fc38.x86_64 #1\n[ 301.558772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebu4\n[ 301.559569] RIP: 0010:untrack_pfn+0xf4/0x100\n[ 301.559893] Code: 75 c4 eb cf 48 8b 43 10 8b a8 e8 00 00 00 3b 6b 28 74 b8 48 8b 7b 30 e8 ea 1a f7 000\n[ 301.561189] RSP: 0018:ffffba2c0377fab8 EFLAGS: 00010282\n[ 301.561590] RAX: 00000000ffffffea RBX: ffff9208c8ce9cc0 RCX: 000000010455e047\n[ 301.562105] RDX: 07fffffff0eb1e0a RSI: 0000000000000000 RDI: ffff9208c391d200\n[ 301.562628] RBP: 0000000000000000 R08: ffffba2c0377fab8 R09: 0000000000000000\n[ 301.563145] R10: ffff9208d2292d50 R11: 0000000000000002 R12: 00007fea890e0000\n[ 301.563669] R13: 0000000000000000 R14: ffffba2c0377fc08 R15: 0000000000000000\n[ 301.564186] FS: 0000000000000000(0000) GS:ffff920c2fbc0000(0000) knlGS:0000000000000000\n[ 301.564773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 301.565197] CR2: 00007fea88ee8a20 CR3: 00000001033a8000 CR4: 0000000000750ef0\n[ 301.565725] PKRU: 55555554\n[ 301.565944] Call Trace:\n[ 301.566148] \u003cTASK\u003e\n[ 301.566325] ? untrack_pfn+0xf4/0x100\n[ 301.566618] ? __warn+0x81/0x130\n[ 301.566876] ? untrack_pfn+0xf4/0x100\n[ 3\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35877",
"url": "https://www.suse.com/security/cve/CVE-2024-35877"
},
{
"category": "external",
"summary": "SUSE Bug 1224525 for CVE-2024-35877",
"url": "https://bugzilla.suse.com/1224525"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35877"
},
{
"cve": "CVE-2024-35878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: module: prevent NULL pointer dereference in vsnprintf()\n\nIn of_modalias(), we can get passed the str and len parameters which would\ncause a kernel oops in vsnprintf() since it only allows passing a NULL ptr\nwhen the length is also 0. Also, we need to filter out the negative values\nof the len parameter as these will result in a really huge buffer since\nsnprintf() takes size_t parameter while ours is ssize_t...\n\nFound by Linux Verification Center (linuxtesting.org) with the Svace static\nanalysis tool.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35878",
"url": "https://www.suse.com/security/cve/CVE-2024-35878"
},
{
"category": "external",
"summary": "SUSE Bug 1224671 for CVE-2024-35878",
"url": "https://bugzilla.suse.com/1224671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35878"
},
{
"cve": "CVE-2024-35879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35879"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nof: dynamic: Synchronize of_changeset_destroy() with the devlink removals\n\nIn the following sequence:\n 1) of_platform_depopulate()\n 2) of_overlay_remove()\n\nDuring the step 1, devices are destroyed and devlinks are removed.\nDuring the step 2, OF nodes are destroyed but\n__of_changeset_entry_destroy() can raise warnings related to missing\nof_node_put():\n ERROR: memory leak, expected refcount 1 instead of 2 ...\n\nIndeed, during the devlink removals performed at step 1, the removal\nitself releasing the device (and the attached of_node) is done by a job\nqueued in a workqueue and so, it is done asynchronously with respect to\nfunction calls.\nWhen the warning is present, of_node_put() will be called but wrongly\ntoo late from the workqueue job.\n\nIn order to be sure that any ongoing devlink removals are done before\nthe of_node destruction, synchronize the of_changeset_destroy() with the\ndevlink removals.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35879",
"url": "https://www.suse.com/security/cve/CVE-2024-35879"
},
{
"category": "external",
"summary": "SUSE Bug 1224524 for CVE-2024-35879",
"url": "https://bugzilla.suse.com/1224524"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35879"
},
{
"cve": "CVE-2024-35883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35883"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe\n\nIn function pci1xxxx_spi_probe, there is a potential null pointer that\nmay be caused by a failed memory allocation by the function devm_kzalloc.\nHence, a null pointer check needs to be added to prevent null pointer\ndereferencing later in the code.\n\nTo fix this issue, spi_bus-\u003espi_int[iter] should be checked. The memory\nallocated by devm_kzalloc will be automatically released, so just directly\nreturn -ENOMEM without worrying about memory leaks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35883",
"url": "https://www.suse.com/security/cve/CVE-2024-35883"
},
{
"category": "external",
"summary": "SUSE Bug 1224521 for CVE-2024-35883",
"url": "https://bugzilla.suse.com/1224521"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35883"
},
{
"cve": "CVE-2024-35885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35885"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf_gige: stop interface during shutdown\n\nThe mlxbf_gige driver intermittantly encounters a NULL pointer\nexception while the system is shutting down via \"reboot\" command.\nThe mlxbf_driver will experience an exception right after executing\nits shutdown() method. One example of this exception is:\n\nUnable to handle kernel NULL pointer dereference at virtual address 0000000000000070\nMem abort info:\n ESR = 0x0000000096000004\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\nData abort info:\n ISV = 0, ISS = 0x00000004\n CM = 0, WnR = 0\nuser pgtable: 4k pages, 48-bit VAs, pgdp=000000011d373000\n[0000000000000070] pgd=0000000000000000, p4d=0000000000000000\nInternal error: Oops: 96000004 [#1] SMP\nCPU: 0 PID: 13 Comm: ksoftirqd/0 Tainted: G S OE 5.15.0-bf.6.gef6992a #1\nHardware name: https://www.mellanox.com BlueField SoC/BlueField SoC, BIOS 4.0.2.12669 Apr 21 2023\npstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\nlr : mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\nsp : ffff8000080d3c10\nx29: ffff8000080d3c10 x28: ffffcce72cbb7000 x27: ffff8000080d3d58\nx26: ffff0000814e7340 x25: ffff331cd1a05000 x24: ffffcce72c4ea008\nx23: ffff0000814e4b40 x22: ffff0000814e4d10 x21: ffff0000814e4128\nx20: 0000000000000000 x19: ffff0000814e4a80 x18: ffffffffffffffff\nx17: 000000000000001c x16: ffffcce72b4553f4 x15: ffff80008805b8a7\nx14: 0000000000000000 x13: 0000000000000030 x12: 0101010101010101\nx11: 7f7f7f7f7f7f7f7f x10: c2ac898b17576267 x9 : ffffcce720fa5404\nx8 : ffff000080812138 x7 : 0000000000002e9a x6 : 0000000000000080\nx5 : ffff00008de3b000 x4 : 0000000000000000 x3 : 0000000000000001\nx2 : 0000000000000000 x1 : 0000000000000000 x0 : 0000000000000000\nCall trace:\n mlxbf_gige_handle_tx_complete+0xc8/0x170 [mlxbf_gige]\n mlxbf_gige_poll+0x54/0x160 [mlxbf_gige]\n __napi_poll+0x40/0x1c8\n net_rx_action+0x314/0x3a0\n __do_softirq+0x128/0x334\n run_ksoftirqd+0x54/0x6c\n smpboot_thread_fn+0x14c/0x190\n kthread+0x10c/0x110\n ret_from_fork+0x10/0x20\nCode: 8b070000 f9000ea0 f95056c0 f86178a1 (b9407002)\n---[ end trace 7cc3941aa0d8e6a4 ]---\nKernel panic - not syncing: Oops: Fatal exception in interrupt\nKernel Offset: 0x4ce722520000 from 0xffff800008000000\nPHYS_OFFSET: 0x80000000\nCPU features: 0x000005c1,a3330e5a\nMemory Limit: none\n---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nDuring system shutdown, the mlxbf_gige driver\u0027s shutdown() is always executed.\nHowever, the driver\u0027s stop() method will only execute if networking interface\nconfiguration logic within the Linux distribution has been setup to do so.\n\nIf shutdown() executes but stop() does not execute, NAPI remains enabled\nand this can lead to an exception if NAPI is scheduled while the hardware\ninterface has only been partially deinitialized.\n\nThe networking interface managed by the mlxbf_gige driver must be properly\nstopped during system shutdown so that IFF_UP is cleared, the hardware\ninterface is put into a clean state, and NAPI is fully deinitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35885",
"url": "https://www.suse.com/security/cve/CVE-2024-35885"
},
{
"category": "external",
"summary": "SUSE Bug 1224519 for CVE-2024-35885",
"url": "https://bugzilla.suse.com/1224519"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35885"
},
{
"cve": "CVE-2024-35887",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35887"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: fix use-after-free bugs caused by ax25_ds_del_timer\n\nWhen the ax25 device is detaching, the ax25_dev_device_down()\ncalls ax25_ds_del_timer() to cleanup the slave_timer. When\nthe timer handler is running, the ax25_ds_del_timer() that\ncalls del_timer() in it will return directly. As a result,\nthe use-after-free bugs could happen, one of the scenarios\nis shown below:\n\n (Thread 1) | (Thread 2)\n | ax25_ds_timeout()\nax25_dev_device_down() |\n ax25_ds_del_timer() |\n del_timer() |\n ax25_dev_put() //FREE |\n | ax25_dev-\u003e //USE\n\nIn order to mitigate bugs, when the device is detaching, use\ntimer_shutdown_sync() to stop the timer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35887",
"url": "https://www.suse.com/security/cve/CVE-2024-35887"
},
{
"category": "external",
"summary": "SUSE Bug 1224663 for CVE-2024-35887",
"url": "https://bugzilla.suse.com/1224663"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35887"
},
{
"cve": "CVE-2024-35889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35889"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nidpf: fix kernel panic on unknown packet types\n\nIn the very rare case where a packet type is unknown to the driver,\nidpf_rx_process_skb_fields would return early without calling\neth_type_trans to set the skb protocol / the network layer handler.\nThis is especially problematic if tcpdump is running when such a\npacket is received, i.e. it would cause a kernel panic.\n\nInstead, call eth_type_trans for every single packet, even when\nthe packet type is unknown.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35889",
"url": "https://www.suse.com/security/cve/CVE-2024-35889"
},
{
"category": "external",
"summary": "SUSE Bug 1224517 for CVE-2024-35889",
"url": "https://bugzilla.suse.com/1224517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35889"
},
{
"cve": "CVE-2024-35891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: micrel: Fix potential null pointer dereference\n\nIn lan8814_get_sig_rx() and lan8814_get_sig_tx() ptp_parse_header() may\nreturn NULL as ptp_header due to abnormal packet type or corrupted packet.\nFix this bug by adding ptp_header check.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35891",
"url": "https://www.suse.com/security/cve/CVE-2024-35891"
},
{
"category": "external",
"summary": "SUSE Bug 1224513 for CVE-2024-35891",
"url": "https://bugzilla.suse.com/1224513"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35891"
},
{
"cve": "CVE-2024-35895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, sockmap: Prevent lock inversion deadlock in map delete elem\n\nsyzkaller started using corpuses where a BPF tracing program deletes\nelements from a sockmap/sockhash map. Because BPF tracing programs can be\ninvoked from any interrupt context, locks taken during a map_delete_elem\noperation must be hardirq-safe. Otherwise a deadlock due to lock inversion\nis possible, as reported by lockdep:\n\n CPU0 CPU1\n ---- ----\n lock(\u0026htab-\u003ebuckets[i].lock);\n local_irq_disable();\n lock(\u0026host-\u003elock);\n lock(\u0026htab-\u003ebuckets[i].lock);\n \u003cInterrupt\u003e\n lock(\u0026host-\u003elock);\n\nLocks in sockmap are hardirq-unsafe by design. We expects elements to be\ndeleted from sockmap/sockhash only in task (normal) context with interrupts\nenabled, or in softirq context.\n\nDetect when map_delete_elem operation is invoked from a context which is\n_not_ hardirq-unsafe, that is interrupts are disabled, and bail out with an\nerror.\n\nNote that map updates are not affected by this issue. BPF verifier does not\nallow updating sockmap/sockhash from a BPF tracing program today.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35895",
"url": "https://www.suse.com/security/cve/CVE-2024-35895"
},
{
"category": "external",
"summary": "SUSE Bug 1224511 for CVE-2024-35895",
"url": "https://bugzilla.suse.com/1224511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35895"
},
{
"cve": "CVE-2024-35901",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35901"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mana: Fix Rx DMA datasize and skb_over_panic\n\nmana_get_rxbuf_cfg() aligns the RX buffer\u0027s DMA datasize to be\nmultiple of 64. So a packet slightly bigger than mtu+14, say 1536,\ncan be received and cause skb_over_panic.\n\nSample dmesg:\n[ 5325.237162] skbuff: skb_over_panic: text:ffffffffc043277a len:1536 put:1536 head:ff1100018b517000 data:ff1100018b517100 tail:0x700 end:0x6ea dev:\u003cNULL\u003e\n[ 5325.243689] ------------[ cut here ]------------\n[ 5325.245748] kernel BUG at net/core/skbuff.c:192!\n[ 5325.247838] invalid opcode: 0000 [#1] PREEMPT SMP NOPTI\n[ 5325.258374] RIP: 0010:skb_panic+0x4f/0x60\n[ 5325.302941] Call Trace:\n[ 5325.304389] \u003cIRQ\u003e\n[ 5325.315794] ? skb_panic+0x4f/0x60\n[ 5325.317457] ? asm_exc_invalid_op+0x1f/0x30\n[ 5325.319490] ? skb_panic+0x4f/0x60\n[ 5325.321161] skb_put+0x4e/0x50\n[ 5325.322670] mana_poll+0x6fa/0xb50 [mana]\n[ 5325.324578] __napi_poll+0x33/0x1e0\n[ 5325.326328] net_rx_action+0x12e/0x280\n\nAs discussed internally, this alignment is not necessary. To fix\nthis bug, remove it from the code. So oversized packets will be\nmarked as CQE_RX_TRUNCATED by NIC, and dropped.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35901",
"url": "https://www.suse.com/security/cve/CVE-2024-35901"
},
{
"category": "external",
"summary": "SUSE Bug 1224495 for CVE-2024-35901",
"url": "https://bugzilla.suse.com/1224495"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35901"
},
{
"cve": "CVE-2024-35903",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35903"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86/bpf: Fix IP after emitting call depth accounting\n\nAdjust the IP passed to `emit_patch` so it calculates the correct offset\nfor the CALL instruction if `x86_call_depth_emit_accounting` emits code.\nOtherwise we will skip some instructions and most likely crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35903",
"url": "https://www.suse.com/security/cve/CVE-2024-35903"
},
{
"category": "external",
"summary": "SUSE Bug 1224493 for CVE-2024-35903",
"url": "https://bugzilla.suse.com/1224493"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35903"
},
{
"cve": "CVE-2024-35904",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35904"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nselinux: avoid dereference of garbage after mount failure\n\nIn case kern_mount() fails and returns an error pointer return in the\nerror branch instead of continuing and dereferencing the error pointer.\n\nWhile on it drop the never read static variable selinuxfs_mount.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35904",
"url": "https://www.suse.com/security/cve/CVE-2024-35904"
},
{
"category": "external",
"summary": "SUSE Bug 1224494 for CVE-2024-35904",
"url": "https://bugzilla.suse.com/1224494"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35904"
},
{
"cve": "CVE-2024-35905",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35905"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Protect against int overflow for stack access size\n\nThis patch re-introduces protection against the size of access to stack\nmemory being negative; the access size can appear negative as a result\nof overflowing its signed int representation. This should not actually\nhappen, as there are other protections along the way, but we should\nprotect against it anyway. One code path was missing such protections\n(fixed in the previous patch in the series), causing out-of-bounds array\naccesses in check_stack_range_initialized(). This patch causes the\nverification of a program with such a non-sensical access size to fail.\n\nThis check used to exist in a more indirect way, but was inadvertendly\nremoved in a833a17aeac7.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35905",
"url": "https://www.suse.com/security/cve/CVE-2024-35905"
},
{
"category": "external",
"summary": "SUSE Bug 1224488 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1224488"
},
{
"category": "external",
"summary": "SUSE Bug 1226327 for CVE-2024-35905",
"url": "https://bugzilla.suse.com/1226327"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35905"
},
{
"cve": "CVE-2024-35907",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35907"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxbf_gige: call request_irq() after NAPI initialized\n\nThe mlxbf_gige driver encounters a NULL pointer exception in\nmlxbf_gige_open() when kdump is enabled. The sequence to reproduce\nthe exception is as follows:\na) enable kdump\nb) trigger kdump via \"echo c \u003e /proc/sysrq-trigger\"\nc) kdump kernel executes\nd) kdump kernel loads mlxbf_gige module\ne) the mlxbf_gige module runs its open() as the\n the \"oob_net0\" interface is brought up\nf) mlxbf_gige module will experience an exception\n during its open(), something like:\n\n Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000086000004\n EC = 0x21: IABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x04: level 0 translation fault\n user pgtable: 4k pages, 48-bit VAs, pgdp=00000000e29a4000\n [0000000000000000] pgd=0000000000000000, p4d=0000000000000000\n Internal error: Oops: 0000000086000004 [#1] SMP\n CPU: 0 PID: 812 Comm: NetworkManager Tainted: G OE 5.15.0-1035-bluefield #37-Ubuntu\n Hardware name: https://www.mellanox.com BlueField-3 SmartNIC Main Card/BlueField-3 SmartNIC Main Card, BIOS 4.6.0.13024 Jan 19 2024\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : 0x0\n lr : __napi_poll+0x40/0x230\n sp : ffff800008003e00\n x29: ffff800008003e00 x28: 0000000000000000 x27: 00000000ffffffff\n x26: ffff000066027238 x25: ffff00007cedec00 x24: ffff800008003ec8\n x23: 000000000000012c x22: ffff800008003eb7 x21: 0000000000000000\n x20: 0000000000000001 x19: ffff000066027238 x18: 0000000000000000\n x17: ffff578fcb450000 x16: ffffa870b083c7c0 x15: 0000aaab010441d0\n x14: 0000000000000001 x13: 00726f7272655f65 x12: 6769675f6662786c\n x11: 0000000000000000 x10: 0000000000000000 x9 : ffffa870b0842398\n x8 : 0000000000000004 x7 : fe5a48b9069706ea x6 : 17fdb11fc84ae0d2\n x5 : d94a82549d594f35 x4 : 0000000000000000 x3 : 0000000000400100\n x2 : 0000000000000000 x1 : 0000000000000000 x0 : ffff000066027238\n Call trace:\n 0x0\n net_rx_action+0x178/0x360\n __do_softirq+0x15c/0x428\n __irq_exit_rcu+0xac/0xec\n irq_exit+0x18/0x2c\n handle_domain_irq+0x6c/0xa0\n gic_handle_irq+0xec/0x1b0\n call_on_irq_stack+0x20/0x2c\n do_interrupt_handler+0x5c/0x70\n el1_interrupt+0x30/0x50\n el1h_64_irq_handler+0x18/0x2c\n el1h_64_irq+0x7c/0x80\n __setup_irq+0x4c0/0x950\n request_threaded_irq+0xf4/0x1bc\n mlxbf_gige_request_irqs+0x68/0x110 [mlxbf_gige]\n mlxbf_gige_open+0x5c/0x170 [mlxbf_gige]\n __dev_open+0x100/0x220\n __dev_change_flags+0x16c/0x1f0\n dev_change_flags+0x2c/0x70\n do_setlink+0x220/0xa40\n __rtnl_newlink+0x56c/0x8a0\n rtnl_newlink+0x58/0x84\n rtnetlink_rcv_msg+0x138/0x3c4\n netlink_rcv_skb+0x64/0x130\n rtnetlink_rcv+0x20/0x30\n netlink_unicast+0x2ec/0x360\n netlink_sendmsg+0x278/0x490\n __sock_sendmsg+0x5c/0x6c\n ____sys_sendmsg+0x290/0x2d4\n ___sys_sendmsg+0x84/0xd0\n __sys_sendmsg+0x70/0xd0\n __arm64_sys_sendmsg+0x2c/0x40\n invoke_syscall+0x78/0x100\n el0_svc_common.constprop.0+0x54/0x184\n do_el0_svc+0x30/0xac\n el0_svc+0x48/0x160\n el0t_64_sync_handler+0xa4/0x12c\n el0t_64_sync+0x1a4/0x1a8\n Code: bad PC value\n ---[ end trace 7d1c3f3bf9d81885 ]---\n Kernel panic - not syncing: Oops: Fatal exception in interrupt\n Kernel Offset: 0x2870a7a00000 from 0xffff800008000000\n PHYS_OFFSET: 0x80000000\n CPU features: 0x0,000005c1,a3332a5a\n Memory Limit: none\n ---[ end Kernel panic - not syncing: Oops: Fatal exception in interrupt ]---\n\nThe exception happens because there is a pending RX interrupt before the\ncall to request_irq(RX IRQ) executes. Then, the RX IRQ handler fires\nimmediately after this request_irq() completes. The\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35907",
"url": "https://www.suse.com/security/cve/CVE-2024-35907"
},
{
"category": "external",
"summary": "SUSE Bug 1224492 for CVE-2024-35907",
"url": "https://bugzilla.suse.com/1224492"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35907"
},
{
"cve": "CVE-2024-35909",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35909"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: wwan: t7xx: Split 64bit accesses to fix alignment issues\n\nSome of the registers are aligned on a 32bit boundary, causing\nalignment faults on 64bit platforms.\n\n Unable to handle kernel paging request at virtual address ffffffc084a1d004\n Mem abort info:\n ESR = 0x0000000096000061\n EC = 0x25: DABT (current EL), IL = 32 bits\n SET = 0, FnV = 0\n EA = 0, S1PTW = 0\n FSC = 0x21: alignment fault\n Data abort info:\n ISV = 0, ISS = 0x00000061, ISS2 = 0x00000000\n CM = 0, WnR = 1, TnD = 0, TagAccess = 0\n GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n swapper pgtable: 4k pages, 39-bit VAs, pgdp=0000000046ad6000\n [ffffffc084a1d004] pgd=100000013ffff003, p4d=100000013ffff003, pud=100000013ffff003, pmd=0068000020a00711\n Internal error: Oops: 0000000096000061 [#1] SMP\n Modules linked in: mtk_t7xx(+) qcserial pppoe ppp_async option nft_fib_inet nf_flow_table_inet mt7921u(O) mt7921s(O) mt7921e(O) mt7921_common(O) iwlmvm(O) iwldvm(O) usb_wwan rndis_host qmi_wwan pppox ppp_generic nft_reject_ipv6 nft_reject_ipv4 nft_reject_inet nft_reject nft_redir nft_quota nft_numgen nft_nat nft_masq nft_log nft_limit nft_hash nft_flow_offload nft_fib_ipv6 nft_fib_ipv4 nft_fib nft_ct nft_chain_nat nf_tables nf_nat nf_flow_table nf_conntrack mt7996e(O) mt792x_usb(O) mt792x_lib(O) mt7915e(O) mt76_usb(O) mt76_sdio(O) mt76_connac_lib(O) mt76(O) mac80211(O) iwlwifi(O) huawei_cdc_ncm cfg80211(O) cdc_ncm cdc_ether wwan usbserial usbnet slhc sfp rtc_pcf8563 nfnetlink nf_reject_ipv6 nf_reject_ipv4 nf_log_syslog nf_defrag_ipv6 nf_defrag_ipv4 mt6577_auxadc mdio_i2c libcrc32c compat(O) cdc_wdm cdc_acm at24 crypto_safexcel pwm_fan i2c_gpio i2c_smbus industrialio i2c_algo_bit i2c_mux_reg i2c_mux_pca954x i2c_mux_pca9541 i2c_mux_gpio i2c_mux dummy oid_registry tun sha512_arm64 sha1_ce sha1_generic seqiv\n md5 geniv des_generic libdes cbc authencesn authenc leds_gpio xhci_plat_hcd xhci_pci xhci_mtk_hcd xhci_hcd nvme nvme_core gpio_button_hotplug(O) dm_mirror dm_region_hash dm_log dm_crypt dm_mod dax usbcore usb_common ptp aquantia pps_core mii tpm encrypted_keys trusted\n CPU: 3 PID: 5266 Comm: kworker/u9:1 Tainted: G O 6.6.22 #0\n Hardware name: Bananapi BPI-R4 (DT)\n Workqueue: md_hk_wq t7xx_fsm_uninit [mtk_t7xx]\n pstate: 804000c5 (Nzcv daIF +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx]\n lr : t7xx_cldma_start+0xac/0x13c [mtk_t7xx]\n sp : ffffffc085d63d30\n x29: ffffffc085d63d30 x28: 0000000000000000 x27: 0000000000000000\n x26: 0000000000000000 x25: ffffff80c804f2c0 x24: ffffff80ca196c05\n x23: 0000000000000000 x22: ffffff80c814b9b8 x21: ffffff80c814b128\n x20: 0000000000000001 x19: ffffff80c814b080 x18: 0000000000000014\n x17: 0000000055c9806b x16: 000000007c5296d0 x15: 000000000f6bca68\n x14: 00000000dbdbdce4 x13: 000000001aeaf72a x12: 0000000000000001\n x11: 0000000000000000 x10: 0000000000000000 x9 : 0000000000000000\n x8 : ffffff80ca1ef6b4 x7 : ffffff80c814b818 x6 : 0000000000000018\n x5 : 0000000000000870 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 000000010a947000 x1 : ffffffc084a1d004 x0 : ffffffc084a1d004\n Call trace:\n t7xx_cldma_hw_set_start_addr+0x1c/0x3c [mtk_t7xx]\n t7xx_fsm_uninit+0x578/0x5ec [mtk_t7xx]\n process_one_work+0x154/0x2a0\n worker_thread+0x2ac/0x488\n kthread+0xe0/0xec\n ret_from_fork+0x10/0x20\n Code: f9400800 91001000 8b214001 d50332bf (f9000022)\n ---[ end trace 0000000000000000 ]---\n\nThe inclusion of io-64-nonatomic-lo-hi.h indicates that all 64bit\naccesses can be replaced by pairs of nonatomic 32bit access. Fix\nalignment by forcing all accesses to be 32bit on 64bit platforms.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35909",
"url": "https://www.suse.com/security/cve/CVE-2024-35909"
},
{
"category": "external",
"summary": "SUSE Bug 1224491 for CVE-2024-35909",
"url": "https://bugzilla.suse.com/1224491"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35909"
},
{
"cve": "CVE-2024-35911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35911"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nice: fix memory corruption bug with suspend and rebuild\n\nThe ice driver would previously panic after suspend. This is caused\nfrom the driver *only* calling the ice_vsi_free_q_vectors() function by\nitself, when it is suspending. Since commit b3e7b3a6ee92 (\"ice: prevent\nNULL pointer deref during reload\") the driver has zeroed out\nnum_q_vectors, and only restored it in ice_vsi_cfg_def().\n\nThis further causes the ice_rebuild() function to allocate a zero length\nbuffer, after which num_q_vectors is updated, and then the new value of\nnum_q_vectors is used to index into the zero length buffer, which\ncorrupts memory.\n\nThe fix entails making sure all the code referencing num_q_vectors only\ndoes so after it has been reset via ice_vsi_cfg_def().\n\nI didn\u0027t perform a full bisect, but I was able to test against 6.1.77\nkernel and that ice driver works fine for suspend/resume with no panic,\nso sometime since then, this problem was introduced.\n\nAlso clean up an un-needed init of a local variable in the function\nbeing modified.\n\nPANIC from 6.8.0-rc1:\n\n[1026674.915596] PM: suspend exit\n[1026675.664697] ice 0000:17:00.1: PTP reset successful\n[1026675.664707] ice 0000:17:00.1: 2755 msecs passed between update to cached PHC time\n[1026675.667660] ice 0000:b1:00.0: PTP reset successful\n[1026675.675944] ice 0000:b1:00.0: 2832 msecs passed between update to cached PHC time\n[1026677.137733] ixgbe 0000:31:00.0 ens787: NIC Link is Up 1 Gbps, Flow Control: None\n[1026677.190201] BUG: kernel NULL pointer dereference, address: 0000000000000010\n[1026677.192753] ice 0000:17:00.0: PTP reset successful\n[1026677.192764] ice 0000:17:00.0: 4548 msecs passed between update to cached PHC time\n[1026677.197928] #PF: supervisor read access in kernel mode\n[1026677.197933] #PF: error_code(0x0000) - not-present page\n[1026677.197937] PGD 1557a7067 P4D 0\n[1026677.212133] ice 0000:b1:00.1: PTP reset successful\n[1026677.212143] ice 0000:b1:00.1: 4344 msecs passed between update to cached PHC time\n[1026677.212575]\n[1026677.243142] Oops: 0000 [#1] PREEMPT SMP NOPTI\n[1026677.247918] CPU: 23 PID: 42790 Comm: kworker/23:0 Kdump: loaded Tainted: G W 6.8.0-rc1+ #1\n[1026677.257989] Hardware name: Intel Corporation M50CYP2SBSTD/M50CYP2SBSTD, BIOS SE5C620.86B.01.01.0005.2202160810 02/16/2022\n[1026677.269367] Workqueue: ice ice_service_task [ice]\n[1026677.274592] RIP: 0010:ice_vsi_rebuild_set_coalesce+0x130/0x1e0 [ice]\n[1026677.281421] Code: 0f 84 3a ff ff ff 41 0f b7 74 ec 02 66 89 b0 22 02 00 00 81 e6 ff 1f 00 00 e8 ec fd ff ff e9 35 ff ff ff 48 8b 43 30 49 63 ed \u003c41\u003e 0f b7 34 24 41 83 c5 01 48 8b 3c e8 66 89 b7 aa 02 00 00 81 e6\n[1026677.300877] RSP: 0018:ff3be62a6399bcc0 EFLAGS: 00010202\n[1026677.306556] RAX: ff28691e28980828 RBX: ff28691e41099828 RCX: 0000000000188000\n[1026677.314148] RDX: 0000000000000000 RSI: 0000000000000010 RDI: ff28691e41099828\n[1026677.321730] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n[1026677.329311] R10: 0000000000000007 R11: ffffffffffffffc0 R12: 0000000000000010\n[1026677.336896] R13: 0000000000000000 R14: 0000000000000000 R15: ff28691e0eaa81a0\n[1026677.344472] FS: 0000000000000000(0000) GS:ff28693cbffc0000(0000) knlGS:0000000000000000\n[1026677.353000] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[1026677.359195] CR2: 0000000000000010 CR3: 0000000128df4001 CR4: 0000000000771ef0\n[1026677.366779] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[1026677.374369] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[1026677.381952] PKRU: 55555554\n[1026677.385116] Call Trace:\n[1026677.388023] \u003cTASK\u003e\n[1026677.390589] ? __die+0x20/0x70\n[1026677.394105] ? page_fault_oops+0x82/0x160\n[1026677.398576] ? do_user_addr_fault+0x65/0x6a0\n[1026677.403307] ? exc_page_fault+0x6a/0x150\n[1026677.407694] ? asm_exc_page_fault+0x22/0x30\n[1026677.412349] ? ice_vsi_rebuild_set_coalesce+0x130/0x1e0 [ice]\n[1026677.4186\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35911",
"url": "https://www.suse.com/security/cve/CVE-2024-35911"
},
{
"category": "external",
"summary": "SUSE Bug 1224486 for CVE-2024-35911",
"url": "https://bugzilla.suse.com/1224486"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35911"
},
{
"cve": "CVE-2024-35912",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35912"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: rfi: fix potential response leaks\n\nIf the rx payload length check fails, or if kmemdup() fails,\nwe still need to free the command response. Fix that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35912",
"url": "https://www.suse.com/security/cve/CVE-2024-35912"
},
{
"category": "external",
"summary": "SUSE Bug 1224487 for CVE-2024-35912",
"url": "https://bugzilla.suse.com/1224487"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35912"
},
{
"cve": "CVE-2024-35914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35914"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: Fix error cleanup path in nfsd_rename()\n\nCommit a8b0026847b8 (\"rename(): avoid a deadlock in the case of parents\nhaving no common ancestor\") added an error bail out path. However this\npath does not drop the remount protection that has been acquired. Fix\nthe cleanup path to properly drop the remount protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35914",
"url": "https://www.suse.com/security/cve/CVE-2024-35914"
},
{
"category": "external",
"summary": "SUSE Bug 1224482 for CVE-2024-35914",
"url": "https://bugzilla.suse.com/1224482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35914"
},
{
"cve": "CVE-2024-35915",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35915"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet\n\nsyzbot reported the following uninit-value access issue [1][2]:\n\nnci_rx_work() parses and processes received packet. When the payload\nlength is zero, each message type handler reads uninitialized payload\nand KMSAN detects this issue. The receipt of a packet with a zero-size\npayload is considered unexpected, and therefore, such packets should be\nsilently discarded.\n\nThis patch resolved this issue by checking payload size before calling\neach message type handler codes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35915",
"url": "https://www.suse.com/security/cve/CVE-2024-35915"
},
{
"category": "external",
"summary": "SUSE Bug 1224479 for CVE-2024-35915",
"url": "https://bugzilla.suse.com/1224479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35915"
},
{
"cve": "CVE-2024-35916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35916"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma-buf: Fix NULL pointer dereference in sanitycheck()\n\nIf due to a memory allocation failure mock_chain() returns NULL, it is\npassed to dma_fence_enable_sw_signaling() resulting in NULL pointer\ndereference there.\n\nCall dma_fence_enable_sw_signaling() only if mock_chain() succeeds.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35916",
"url": "https://www.suse.com/security/cve/CVE-2024-35916"
},
{
"category": "external",
"summary": "SUSE Bug 1224480 for CVE-2024-35916",
"url": "https://bugzilla.suse.com/1224480"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35916"
},
{
"cve": "CVE-2024-35917",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35917"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/bpf: Fix bpf_plt pointer arithmetic\n\nKui-Feng Lee reported a crash on s390x triggered by the\ndummy_st_ops/dummy_init_ptr_arg test [1]:\n\n [\u003c0000000000000002\u003e] 0x2\n [\u003c00000000009d5cde\u003e] bpf_struct_ops_test_run+0x156/0x250\n [\u003c000000000033145a\u003e] __sys_bpf+0xa1a/0xd00\n [\u003c00000000003319dc\u003e] __s390x_sys_bpf+0x44/0x50\n [\u003c0000000000c4382c\u003e] __do_syscall+0x244/0x300\n [\u003c0000000000c59a40\u003e] system_call+0x70/0x98\n\nThis is caused by GCC moving memcpy() after assignments in\nbpf_jit_plt(), resulting in NULL pointers being written instead of\nthe return and the target addresses.\n\nLooking at the GCC internals, the reordering is allowed because the\nalias analysis thinks that the memcpy() destination and the assignments\u0027\nleft-hand-sides are based on different objects: new_plt and\nbpf_plt_ret/bpf_plt_target respectively, and therefore they cannot\nalias.\n\nThis is in turn due to a violation of the C standard:\n\n When two pointers are subtracted, both shall point to elements of the\n same array object, or one past the last element of the array object\n ...\n\nFrom the C\u0027s perspective, bpf_plt_ret and bpf_plt are distinct objects\nand cannot be subtracted. In the practical terms, doing so confuses the\nGCC\u0027s alias analysis.\n\nThe code was written this way in order to let the C side know a few\noffsets defined in the assembly. While nice, this is by no means\nnecessary. Fix the noncompliance by hardcoding these offsets.\n\n[1] https://lore.kernel.org/bpf/c9923c1d-971d-4022-8dc8-1364e929d34c@gmail.com/",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35917",
"url": "https://www.suse.com/security/cve/CVE-2024-35917"
},
{
"category": "external",
"summary": "SUSE Bug 1224481 for CVE-2024-35917",
"url": "https://bugzilla.suse.com/1224481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35917"
},
{
"cve": "CVE-2024-35921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mediatek: vcodec: Fix oops when HEVC init fails\n\nThe stateless HEVC decoder saves the instance pointer in the context\nregardless if the initialization worked or not. This caused a use after\nfree, when the pointer is freed in case of a failure in the deinit\nfunction.\nOnly store the instance pointer when the initialization was successful,\nto solve this issue.\n\n Hardware name: Acer Tomato (rev3 - 4) board (DT)\n pstate: 80400009 (Nzcv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n pc : vcodec_vpu_send_msg+0x4c/0x190 [mtk_vcodec_dec]\n lr : vcodec_send_ap_ipi+0x78/0x170 [mtk_vcodec_dec]\n sp : ffff80008750bc20\n x29: ffff80008750bc20 x28: ffff1299f6d70000 x27: 0000000000000000\n x26: 0000000000000000 x25: 0000000000000000 x24: 0000000000000000\n x23: ffff80008750bc98 x22: 000000000000a003 x21: ffffd45c4cfae000\n x20: 0000000000000010 x19: ffff1299fd668310 x18: 000000000000001a\n x17: 000000040044ffff x16: ffffd45cb15dc648 x15: 0000000000000000\n x14: ffff1299c08da1c0 x13: ffffd45cb1f87a10 x12: ffffd45cb2f5fe80\n x11: 0000000000000001 x10: 0000000000001b30 x9 : ffffd45c4d12b488\n x8 : 1fffe25339380d81 x7 : 0000000000000001 x6 : ffff1299c9c06c00\n x5 : 0000000000000132 x4 : 0000000000000000 x3 : 0000000000000000\n x2 : 0000000000000010 x1 : ffff80008750bc98 x0 : 0000000000000000\n Call trace:\n vcodec_vpu_send_msg+0x4c/0x190 [mtk_vcodec_dec]\n vcodec_send_ap_ipi+0x78/0x170 [mtk_vcodec_dec]\n vpu_dec_deinit+0x1c/0x30 [mtk_vcodec_dec]\n vdec_hevc_slice_deinit+0x30/0x98 [mtk_vcodec_dec]\n vdec_if_deinit+0x38/0x68 [mtk_vcodec_dec]\n mtk_vcodec_dec_release+0x20/0x40 [mtk_vcodec_dec]\n fops_vcodec_release+0x64/0x118 [mtk_vcodec_dec]\n v4l2_release+0x7c/0x100\n __fput+0x80/0x2d8\n __fput_sync+0x58/0x70\n __arm64_sys_close+0x40/0x90\n invoke_syscall+0x50/0x128\n el0_svc_common.constprop.0+0x48/0xf0\n do_el0_svc+0x24/0x38\n el0_svc+0x38/0xd8\n el0t_64_sync_handler+0xc0/0xc8\n el0t_64_sync+0x1a8/0x1b0\n Code: d503201f f9401660 b900127f b900227f (f9400400)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35921",
"url": "https://www.suse.com/security/cve/CVE-2024-35921"
},
{
"category": "external",
"summary": "SUSE Bug 1224477 for CVE-2024-35921",
"url": "https://bugzilla.suse.com/1224477"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35921"
},
{
"cve": "CVE-2024-35922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfbmon: prevent division by zero in fb_videomode_from_videomode()\n\nThe expression htotal * vtotal can have a zero value on\noverflow. It is necessary to prevent division by zero like in\nfb_var_to_videomode().\n\nFound by Linux Verification Center (linuxtesting.org) with Svace.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35922",
"url": "https://www.suse.com/security/cve/CVE-2024-35922"
},
{
"category": "external",
"summary": "SUSE Bug 1224660 for CVE-2024-35922",
"url": "https://bugzilla.suse.com/1224660"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35922"
},
{
"cve": "CVE-2024-35924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35924"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: ucsi: Limit read size on v1.2\n\nBetween UCSI 1.2 and UCSI 2.0, the size of the MESSAGE_IN region was\nincreased from 16 to 256. In order to avoid overflowing reads for older\nsystems, add a mechanism to use the read UCSI version to truncate read\nsizes on UCSI v1.2.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35924",
"url": "https://www.suse.com/security/cve/CVE-2024-35924"
},
{
"category": "external",
"summary": "SUSE Bug 1224657 for CVE-2024-35924",
"url": "https://bugzilla.suse.com/1224657"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35924"
},
{
"cve": "CVE-2024-35927",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35927"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm: Check output polling initialized before disabling\n\nIn drm_kms_helper_poll_disable() check if output polling\nsupport is initialized before disabling polling. If not flag\nthis as a warning.\nAdditionally in drm_mode_config_helper_suspend() and\ndrm_mode_config_helper_resume() calls, that re the callers of these\nfunctions, avoid invoking them if polling is not initialized.\nFor drivers like hyperv-drm, that do not initialize connector\npolling, if suspend is called without this check, it leads to\nsuspend failure with following stack\n[ 770.719392] Freezing remaining freezable tasks ... (elapsed 0.001 seconds) done.\n[ 770.720592] printk: Suspending console(s) (use no_console_suspend to debug)\n[ 770.948823] ------------[ cut here ]------------\n[ 770.948824] WARNING: CPU: 1 PID: 17197 at kernel/workqueue.c:3162 __flush_work.isra.0+0x212/0x230\n[ 770.948831] Modules linked in: rfkill nft_counter xt_conntrack xt_owner udf nft_compat crc_itu_t nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables nfnetlink vfat fat mlx5_ib ib_uverbs ib_core mlx5_core intel_rapl_msr intel_rapl_common kvm_amd ccp mlxfw kvm psample hyperv_drm tls drm_shmem_helper drm_kms_helper irqbypass pcspkr syscopyarea sysfillrect sysimgblt hv_balloon hv_utils joydev drm fuse xfs libcrc32c pci_hyperv pci_hyperv_intf sr_mod sd_mod cdrom t10_pi sg hv_storvsc scsi_transport_fc hv_netvsc serio_raw hyperv_keyboard hid_hyperv crct10dif_pclmul crc32_pclmul crc32c_intel hv_vmbus ghash_clmulni_intel dm_mirror dm_region_hash dm_log dm_mod\n[ 770.948863] CPU: 1 PID: 17197 Comm: systemd-sleep Not tainted 5.14.0-362.2.1.el9_3.x86_64 #1\n[ 770.948865] Hardware name: Microsoft Corporation Virtual Machine/Virtual Machine, BIOS Hyper-V UEFI Release v4.1 05/09/2022\n[ 770.948866] RIP: 0010:__flush_work.isra.0+0x212/0x230\n[ 770.948869] Code: 8b 4d 00 4c 8b 45 08 89 ca 48 c1 e9 04 83 e2 08 83 e1 0f 83 ca 02 89 c8 48 0f ba 6d 00 03 e9 25 ff ff ff 0f 0b e9 4e ff ff ff \u003c0f\u003e 0b 45 31 ed e9 44 ff ff ff e8 8f 89 b2 00 66 66 2e 0f 1f 84 00\n[ 770.948870] RSP: 0018:ffffaf4ac213fb10 EFLAGS: 00010246\n[ 770.948871] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff8c992857\n[ 770.948872] RDX: 0000000000000001 RSI: 0000000000000001 RDI: ffff9aad82b00330\n[ 770.948873] RBP: ffff9aad82b00330 R08: 0000000000000000 R09: ffff9aad87ee3d10\n[ 770.948874] R10: 0000000000000200 R11: 0000000000000000 R12: ffff9aad82b00330\n[ 770.948874] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001\n[ 770.948875] FS: 00007ff1b2f6bb40(0000) GS:ffff9aaf37d00000(0000) knlGS:0000000000000000\n[ 770.948878] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 770.948878] CR2: 0000555f345cb666 CR3: 00000001462dc005 CR4: 0000000000370ee0\n[ 770.948879] Call Trace:\n[ 770.948880] \u003cTASK\u003e\n[ 770.948881] ? show_trace_log_lvl+0x1c4/0x2df\n[ 770.948884] ? show_trace_log_lvl+0x1c4/0x2df\n[ 770.948886] ? __cancel_work_timer+0x103/0x190\n[ 770.948887] ? __flush_work.isra.0+0x212/0x230\n[ 770.948889] ? __warn+0x81/0x110\n[ 770.948891] ? __flush_work.isra.0+0x212/0x230\n[ 770.948892] ? report_bug+0x10a/0x140\n[ 770.948895] ? handle_bug+0x3c/0x70\n[ 770.948898] ? exc_invalid_op+0x14/0x70\n[ 770.948899] ? asm_exc_invalid_op+0x16/0x20\n[ 770.948903] ? __flush_work.isra.0+0x212/0x230\n[ 770.948905] __cancel_work_timer+0x103/0x190\n[ 770.948907] ? _raw_spin_unlock_irqrestore+0xa/0x30\n[ 770.948910] drm_kms_helper_poll_disable+0x1e/0x40 [drm_kms_helper]\n[ 770.948923] drm_mode_config_helper_suspend+0x1c/0x80 [drm_kms_helper]\n[ 770.948933] ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[ 770.948942] hyperv_vmbus_suspend+0x17/0x40 [hyperv_drm]\n[ 770.948944] ? __pfx_vmbus_suspend+0x10/0x10 [hv_vmbus]\n[ 770.948951] dpm_run_callback+0x4c/0x140\n[ 770.948954] __device_suspend_noir\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35927",
"url": "https://www.suse.com/security/cve/CVE-2024-35927"
},
{
"category": "external",
"summary": "SUSE Bug 1224654 for CVE-2024-35927",
"url": "https://bugzilla.suse.com/1224654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35927"
},
{
"cve": "CVE-2024-35928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35928"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35928",
"url": "https://www.suse.com/security/cve/CVE-2024-35928"
},
{
"category": "external",
"summary": "SUSE Bug 1224653 for CVE-2024-35928",
"url": "https://bugzilla.suse.com/1224653"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35928"
},
{
"cve": "CVE-2024-35930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc()\n\nThe call to lpfc_sli4_resume_rpi() in lpfc_rcv_padisc() may return an\nunsuccessful status. In such cases, the elsiocb is not issued, the\ncompletion is not called, and thus the elsiocb resource is leaked.\n\nCheck return value after calling lpfc_sli4_resume_rpi() and conditionally\nrelease the elsiocb resource.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35930",
"url": "https://www.suse.com/security/cve/CVE-2024-35930"
},
{
"category": "external",
"summary": "SUSE Bug 1224651 for CVE-2024-35930",
"url": "https://bugzilla.suse.com/1224651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35930"
},
{
"cve": "CVE-2024-35931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: Skip do PCI error slot reset during RAS recovery\n\nWhy:\n The PCI error slot reset maybe triggered after inject ue to UMC multi times, this\n caused system hang.\n [ 557.371857] amdgpu 0000:af:00.0: amdgpu: GPU reset succeeded, trying to resume\n [ 557.373718] [drm] PCIE GART of 512M enabled.\n [ 557.373722] [drm] PTB located at 0x0000031FED700000\n [ 557.373788] [drm] VRAM is lost due to GPU reset!\n [ 557.373789] [drm] PSP is resuming...\n [ 557.547012] mlx5_core 0000:55:00.0: mlx5_pci_err_detected Device state = 1 pci_status: 0. Exit, result = 3, need reset\n [ 557.547067] [drm] PCI error: detected callback, state(1)!!\n [ 557.547069] [drm] No support for XGMI hive yet...\n [ 557.548125] mlx5_core 0000:55:00.0: mlx5_pci_slot_reset Device state = 1 pci_status: 0. Enter\n [ 557.607763] mlx5_core 0000:55:00.0: wait vital counter value 0x16b5b after 1 iterations\n [ 557.607777] mlx5_core 0000:55:00.0: mlx5_pci_slot_reset Device state = 1 pci_status: 1. Exit, err = 0, result = 5, recovered\n [ 557.610492] [drm] PCI error: slot reset callback!!\n ...\n [ 560.689382] amdgpu 0000:3f:00.0: amdgpu: GPU reset(2) succeeded!\n [ 560.689546] amdgpu 0000:5a:00.0: amdgpu: GPU reset(2) succeeded!\n [ 560.689562] general protection fault, probably for non-canonical address 0x5f080b54534f611f: 0000 [#1] SMP NOPTI\n [ 560.701008] CPU: 16 PID: 2361 Comm: kworker/u448:9 Tainted: G OE 5.15.0-91-generic #101-Ubuntu\n [ 560.712057] Hardware name: Microsoft C278A/C278A, BIOS C2789.5.BS.1C11.AG.1 11/08/2023\n [ 560.720959] Workqueue: amdgpu-reset-hive amdgpu_ras_do_recovery [amdgpu]\n [ 560.728887] RIP: 0010:amdgpu_device_gpu_recover.cold+0xbf1/0xcf5 [amdgpu]\n [ 560.736891] Code: ff 41 89 c6 e9 1b ff ff ff 44 0f b6 45 b0 e9 4f ff ff ff be 01 00 00 00 4c 89 e7 e8 76 c9 8b ff 44 0f b6 45 b0 e9 3c fd ff ff \u003c48\u003e 83 ba 18 02 00 00 00 0f 84 6a f8 ff ff 48 8d 7a 78 be 01 00 00\n [ 560.757967] RSP: 0018:ffa0000032e53d80 EFLAGS: 00010202\n [ 560.763848] RAX: ffa00000001dfd10 RBX: ffa0000000197090 RCX: ffa0000032e53db0\n [ 560.771856] RDX: 5f080b54534f5f07 RSI: 0000000000000000 RDI: ff11000128100010\n [ 560.779867] RBP: ffa0000032e53df0 R08: 0000000000000000 R09: ffffffffffe77f08\n [ 560.787879] R10: 0000000000ffff0a R11: 0000000000000001 R12: 0000000000000000\n [ 560.795889] R13: ffa0000032e53e00 R14: 0000000000000000 R15: 0000000000000000\n [ 560.803889] FS: 0000000000000000(0000) GS:ff11007e7e800000(0000) knlGS:0000000000000000\n [ 560.812973] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [ 560.819422] CR2: 000055a04c118e68 CR3: 0000000007410005 CR4: 0000000000771ee0\n [ 560.827433] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n [ 560.835433] DR3: 0000000000000000 DR6: 00000000fffe07f0 DR7: 0000000000000400\n [ 560.843444] PKRU: 55555554\n [ 560.846480] Call Trace:\n [ 560.849225] \u003cTASK\u003e\n [ 560.851580] ? show_trace_log_lvl+0x1d6/0x2ea\n [ 560.856488] ? show_trace_log_lvl+0x1d6/0x2ea\n [ 560.861379] ? amdgpu_ras_do_recovery+0x1b2/0x210 [amdgpu]\n [ 560.867778] ? show_regs.part.0+0x23/0x29\n [ 560.872293] ? __die_body.cold+0x8/0xd\n [ 560.876502] ? die_addr+0x3e/0x60\n [ 560.880238] ? exc_general_protection+0x1c5/0x410\n [ 560.885532] ? asm_exc_general_protection+0x27/0x30\n [ 560.891025] ? amdgpu_device_gpu_recover.cold+0xbf1/0xcf5 [amdgpu]\n [ 560.898323] amdgpu_ras_do_recovery+0x1b2/0x210 [amdgpu]\n [ 560.904520] process_one_work+0x228/0x3d0\nHow:\n In RAS recovery, mode-1 reset is issued from RAS fatal error handling and expected\n all the nodes in a hive to be reset. no need to issue another mode-1 during this procedure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35931",
"url": "https://www.suse.com/security/cve/CVE-2024-35931"
},
{
"category": "external",
"summary": "SUSE Bug 1224652 for CVE-2024-35931",
"url": "https://bugzilla.suse.com/1224652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35931"
},
{
"cve": "CVE-2024-35932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vc4: don\u0027t check if plane-\u003estate-\u003efb == state-\u003efb\n\nCurrently, when using non-blocking commits, we can see the following\nkernel warning:\n\n[ 110.908514] ------------[ cut here ]------------\n[ 110.908529] refcount_t: underflow; use-after-free.\n[ 110.908620] WARNING: CPU: 0 PID: 1866 at lib/refcount.c:87 refcount_dec_not_one+0xb8/0xc0\n[ 110.908664] Modules linked in: rfcomm snd_seq_dummy snd_hrtimer snd_seq snd_seq_device cmac algif_hash aes_arm64 aes_generic algif_skcipher af_alg bnep hid_logitech_hidpp vc4 brcmfmac hci_uart btbcm brcmutil bluetooth snd_soc_hdmi_codec cfg80211 cec drm_display_helper drm_dma_helper drm_kms_helper snd_soc_core snd_compress snd_pcm_dmaengine fb_sys_fops sysimgblt syscopyarea sysfillrect raspberrypi_hwmon ecdh_generic ecc rfkill libaes i2c_bcm2835 binfmt_misc joydev snd_bcm2835(C) bcm2835_codec(C) bcm2835_isp(C) v4l2_mem2mem videobuf2_dma_contig snd_pcm bcm2835_v4l2(C) raspberrypi_gpiomem bcm2835_mmal_vchiq(C) videobuf2_v4l2 snd_timer videobuf2_vmalloc videobuf2_memops videobuf2_common snd videodev vc_sm_cma(C) mc hid_logitech_dj uio_pdrv_genirq uio i2c_dev drm fuse dm_mod drm_panel_orientation_quirks backlight ip_tables x_tables ipv6\n[ 110.909086] CPU: 0 PID: 1866 Comm: kodi.bin Tainted: G C 6.1.66-v8+ #32\n[ 110.909104] Hardware name: Raspberry Pi 3 Model B Rev 1.2 (DT)\n[ 110.909114] pstate: 60000005 (nZCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 110.909132] pc : refcount_dec_not_one+0xb8/0xc0\n[ 110.909152] lr : refcount_dec_not_one+0xb4/0xc0\n[ 110.909170] sp : ffffffc00913b9c0\n[ 110.909177] x29: ffffffc00913b9c0 x28: 000000556969bbb0 x27: 000000556990df60\n[ 110.909205] x26: 0000000000000002 x25: 0000000000000004 x24: ffffff8004448480\n[ 110.909230] x23: ffffff800570b500 x22: ffffff802e03a7bc x21: ffffffecfca68c78\n[ 110.909257] x20: ffffff8002b42000 x19: ffffff802e03a600 x18: 0000000000000000\n[ 110.909283] x17: 0000000000000011 x16: ffffffffffffffff x15: 0000000000000004\n[ 110.909308] x14: 0000000000000fff x13: ffffffed577e47e0 x12: 0000000000000003\n[ 110.909333] x11: 0000000000000000 x10: 0000000000000027 x9 : c912d0d083728c00\n[ 110.909359] x8 : c912d0d083728c00 x7 : 65646e75203a745f x6 : 746e756f63666572\n[ 110.909384] x5 : ffffffed579f62ee x4 : ffffffed579eb01e x3 : 0000000000000000\n[ 110.909409] x2 : 0000000000000000 x1 : ffffffc00913b750 x0 : 0000000000000001\n[ 110.909434] Call trace:\n[ 110.909441] refcount_dec_not_one+0xb8/0xc0\n[ 110.909461] vc4_bo_dec_usecnt+0x4c/0x1b0 [vc4]\n[ 110.909903] vc4_cleanup_fb+0x44/0x50 [vc4]\n[ 110.910315] drm_atomic_helper_cleanup_planes+0x88/0xa4 [drm_kms_helper]\n[ 110.910669] vc4_atomic_commit_tail+0x390/0x9dc [vc4]\n[ 110.911079] commit_tail+0xb0/0x164 [drm_kms_helper]\n[ 110.911397] drm_atomic_helper_commit+0x1d0/0x1f0 [drm_kms_helper]\n[ 110.911716] drm_atomic_commit+0xb0/0xdc [drm]\n[ 110.912569] drm_mode_atomic_ioctl+0x348/0x4b8 [drm]\n[ 110.913330] drm_ioctl_kernel+0xec/0x15c [drm]\n[ 110.914091] drm_ioctl+0x24c/0x3b0 [drm]\n[ 110.914850] __arm64_sys_ioctl+0x9c/0xd4\n[ 110.914873] invoke_syscall+0x4c/0x114\n[ 110.914897] el0_svc_common+0xd0/0x118\n[ 110.914917] do_el0_svc+0x38/0xd0\n[ 110.914936] el0_svc+0x30/0x8c\n[ 110.914958] el0t_64_sync_handler+0x84/0xf0\n[ 110.914979] el0t_64_sync+0x18c/0x190\n[ 110.914996] ---[ end trace 0000000000000000 ]---\n\nThis happens because, although `prepare_fb` and `cleanup_fb` are\nperfectly balanced, we cannot guarantee consistency in the check\nplane-\u003estate-\u003efb == state-\u003efb. This means that sometimes we can increase\nthe refcount in `prepare_fb` and don\u0027t decrease it in `cleanup_fb`. The\nopposite can also be true.\n\nIn fact, the struct drm_plane .state shouldn\u0027t be accessed directly\nbut instead, the `drm_atomic_get_new_plane_state()` helper function should\nbe used. So, we could stick to this check, but using\n`drm_atomic_get_new_plane_state()`. But actually, this check is not re\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35932",
"url": "https://www.suse.com/security/cve/CVE-2024-35932"
},
{
"category": "external",
"summary": "SUSE Bug 1224650 for CVE-2024-35932",
"url": "https://bugzilla.suse.com/1224650"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35932"
},
{
"cve": "CVE-2024-35933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35933"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: Fix null ptr deref in btintel_read_version\n\nIf hci_cmd_sync_complete() is triggered and skb is NULL, then\nhdev-\u003ereq_skb is NULL, which will cause this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35933",
"url": "https://www.suse.com/security/cve/CVE-2024-35933"
},
{
"category": "external",
"summary": "SUSE Bug 1224640 for CVE-2024-35933",
"url": "https://bugzilla.suse.com/1224640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35933"
},
{
"cve": "CVE-2024-35935",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35935"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: send: handle path ref underflow in header iterate_inode_ref()\n\nChange BUG_ON to proper error handling if building the path buffer\nfails. The pointers are not printed so we don\u0027t accidentally leak kernel\naddresses.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35935",
"url": "https://www.suse.com/security/cve/CVE-2024-35935"
},
{
"category": "external",
"summary": "SUSE Bug 1224645 for CVE-2024-35935",
"url": "https://bugzilla.suse.com/1224645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35935"
},
{
"cve": "CVE-2024-35936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks()\n\nThe unhandled case in btrfs_relocate_sys_chunks() loop is a corruption,\nas it could be caused only by two impossible conditions:\n\n- at first the search key is set up to look for a chunk tree item, with\n offset -1, this is an inexact search and the key-\u003eoffset will contain\n the correct offset upon a successful search, a valid chunk tree item\n cannot have an offset -1\n\n- after first successful search, the found_key corresponds to a chunk\n item, the offset is decremented by 1 before the next loop, it\u0027s\n impossible to find a chunk item there due to alignment and size\n constraints",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35936",
"url": "https://www.suse.com/security/cve/CVE-2024-35936"
},
{
"category": "external",
"summary": "SUSE Bug 1224644 for CVE-2024-35936",
"url": "https://bugzilla.suse.com/1224644"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35936"
},
{
"cve": "CVE-2024-35937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35937"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: cfg80211: check A-MSDU format more carefully\n\nIf it looks like there\u0027s another subframe in the A-MSDU\nbut the header isn\u0027t fully there, we can end up reading\ndata out of bounds, only to discard later. Make this a\nbit more careful and check if the subframe header can\neven be present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35937",
"url": "https://www.suse.com/security/cve/CVE-2024-35937"
},
{
"category": "external",
"summary": "SUSE Bug 1224526 for CVE-2024-35937",
"url": "https://bugzilla.suse.com/1224526"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35937"
},
{
"cve": "CVE-2024-35938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35938"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath11k: decrease MHI channel buffer length to 8KB\n\nCurrently buf_len field of ath11k_mhi_config_qca6390 is assigned\nwith 0, making MHI use a default size, 64KB, to allocate channel\nbuffers. This is likely to fail in some scenarios where system\nmemory is highly fragmented and memory compaction or reclaim is\nnot allowed.\n\nThere is a fail report which is caused by it:\nkworker/u32:45: page allocation failure: order:4, mode:0x40c00(GFP_NOIO|__GFP_COMP), nodemask=(null),cpuset=/,mems_allowed=0\nCPU: 0 PID: 19318 Comm: kworker/u32:45 Not tainted 6.8.0-rc3-1.gae4495f-default #1 openSUSE Tumbleweed (unreleased) 493b6d5b382c603654d7a81fc3c144d59a1dfceb\nWorkqueue: events_unbound async_run_entry_fn\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x47/0x60\n warn_alloc+0x13a/0x1b0\n ? srso_alias_return_thunk+0x5/0xfbef5\n ? __alloc_pages_direct_compact+0xab/0x210\n __alloc_pages_slowpath.constprop.0+0xd3e/0xda0\n __alloc_pages+0x32d/0x350\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __kmalloc_large_node+0x72/0x110\n __kmalloc+0x37c/0x480\n ? mhi_map_single_no_bb+0x77/0xf0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n mhi_prepare_channel+0x127/0x2d0 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n __mhi_prepare_for_transfer+0x44/0x80 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n ? __pfx_____mhi_prepare_for_transfer+0x10/0x10 [mhi 40df44e07c05479f7a6e7b90fba9f0e0031a7814]\n device_for_each_child+0x5c/0xa0\n ? __pfx_pci_pm_resume+0x10/0x10\n ath11k_core_resume+0x65/0x100 [ath11k a5094e22d7223135c40d93c8f5321cf09fd85e4e]\n ? srso_alias_return_thunk+0x5/0xfbef5\n ath11k_pci_pm_resume+0x32/0x60 [ath11k_pci 830b7bfc3ea80ebef32e563cafe2cb55e9cc73ec]\n ? srso_alias_return_thunk+0x5/0xfbef5\n dpm_run_callback+0x8c/0x1e0\n device_resume+0x104/0x340\n ? __pfx_dpm_watchdog_handler+0x10/0x10\n async_resume+0x1d/0x30\n async_run_entry_fn+0x32/0x120\n process_one_work+0x168/0x330\n worker_thread+0x2f5/0x410\n ? __pfx_worker_thread+0x10/0x10\n kthread+0xe8/0x120\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x34/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nActually those buffers are used only by QMI target -\u003e host communication.\nAnd for WCN6855 and QCA6390, the largest packet size for that is less\nthan 6KB. So change buf_len field to 8KB, which results in order 1\nallocation if page size is 4KB. In this way, we can at least save some\nmemory, and as well as decrease the possibility of allocation failure\nin those scenarios.\n\nTested-on: WCN6855 hw2.0 PCI WLAN.HSP.1.1-03125-QCAHSPSWPL_V1_V2_SILICONZ_LITE-3.6510.30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35938",
"url": "https://www.suse.com/security/cve/CVE-2024-35938"
},
{
"category": "external",
"summary": "SUSE Bug 1224643 for CVE-2024-35938",
"url": "https://bugzilla.suse.com/1224643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35938"
},
{
"cve": "CVE-2024-35940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npstore/zone: Add a null pointer check to the psz_kmsg_read\n\nkasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35940",
"url": "https://www.suse.com/security/cve/CVE-2024-35940"
},
{
"category": "external",
"summary": "SUSE Bug 1224537 for CVE-2024-35940",
"url": "https://bugzilla.suse.com/1224537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35940"
},
{
"cve": "CVE-2024-35943",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35943"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: ti: Add a null pointer check to the omap_prm_domain_init\n\ndevm_kasprintf() returns a pointer to dynamically allocated memory\nwhich can be NULL upon failure. Ensure the allocation was successful\nby checking the pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35943",
"url": "https://www.suse.com/security/cve/CVE-2024-35943"
},
{
"category": "external",
"summary": "SUSE Bug 1224649 for CVE-2024-35943",
"url": "https://bugzilla.suse.com/1224649"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35943"
},
{
"cve": "CVE-2024-35944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nVMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()\n\nSyzkaller hit \u0027WARNING in dg_dispatch_as_host\u0027 bug.\n\nmemcpy: detected field-spanning write (size 56) of single field \"\u0026dg_info-\u003emsg\"\nat drivers/misc/vmw_vmci/vmci_datagram.c:237 (size 24)\n\nWARNING: CPU: 0 PID: 1555 at drivers/misc/vmw_vmci/vmci_datagram.c:237\ndg_dispatch_as_host+0x88e/0xa60 drivers/misc/vmw_vmci/vmci_datagram.c:237\n\nSome code commentry, based on my understanding:\n\n544 #define VMCI_DG_SIZE(_dg) (VMCI_DG_HEADERSIZE + (size_t)(_dg)-\u003epayload_size)\n/// This is 24 + payload_size\n\nmemcpy(\u0026dg_info-\u003emsg, dg, dg_size);\n\tDestination = dg_info-\u003emsg ---\u003e this is a 24 byte\n\t\t\t\t\tstructure(struct vmci_datagram)\n\tSource = dg --\u003e this is a 24 byte structure (struct vmci_datagram)\n\tSize = dg_size = 24 + payload_size\n\n{payload_size = 56-24 =32} -- Syzkaller managed to set payload_size to 32.\n\n 35 struct delayed_datagram_info {\n 36 struct datagram_entry *entry;\n 37 struct work_struct work;\n 38 bool in_dg_host_queue;\n 39 /* msg and msg_payload must be together. */\n 40 struct vmci_datagram msg;\n 41 u8 msg_payload[];\n 42 };\n\nSo those extra bytes of payload are copied into msg_payload[], a run time\nwarning is seen while fuzzing with Syzkaller.\n\nOne possible way to fix the warning is to split the memcpy() into\ntwo parts -- one -- direct assignment of msg and second taking care of payload.\n\nGustavo quoted:\n\"Under FORTIFY_SOURCE we should not copy data across multiple members\nin a structure.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35944",
"url": "https://www.suse.com/security/cve/CVE-2024-35944"
},
{
"category": "external",
"summary": "SUSE Bug 1224648 for CVE-2024-35944",
"url": "https://bugzilla.suse.com/1224648"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35944"
},
{
"cve": "CVE-2024-35945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35945"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: phy: phy_device: Prevent nullptr exceptions on ISR\n\nIf phydev-\u003eirq is set unconditionally, check\nfor valid interrupt handler or fall back to polling mode to prevent\nnullptr exceptions in interrupt service routine.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35945",
"url": "https://www.suse.com/security/cve/CVE-2024-35945"
},
{
"category": "external",
"summary": "SUSE Bug 1224639 for CVE-2024-35945",
"url": "https://bugzilla.suse.com/1224639"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35945"
},
{
"cve": "CVE-2024-35946",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35946"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: rtw89: fix null pointer access when abort scan\n\nDuring cancel scan we might use vif that weren\u0027t scanning.\nFix this by using the actual scanning vif.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35946",
"url": "https://www.suse.com/security/cve/CVE-2024-35946"
},
{
"category": "external",
"summary": "SUSE Bug 1224646 for CVE-2024-35946",
"url": "https://bugzilla.suse.com/1224646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35946"
},
{
"cve": "CVE-2024-35947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndyndbg: fix old BUG_ON in \u003econtrol parser\n\nFix a BUG_ON from 2009. Even if it looks \"unreachable\" (I didn\u0027t\nreally look), lets make sure by removing it, doing pr_err and return\n-EINVAL instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35947",
"url": "https://www.suse.com/security/cve/CVE-2024-35947"
},
{
"category": "external",
"summary": "SUSE Bug 1224647 for CVE-2024-35947",
"url": "https://bugzilla.suse.com/1224647"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35947"
},
{
"cve": "CVE-2024-35950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/client: Fully protect modes[] with dev-\u003emode_config.mutex\n\nThe modes[] array contains pointers to modes on the connectors\u0027\nmode lists, which are protected by dev-\u003emode_config.mutex.\nThus we need to extend modes[] the same protection or by the\ntime we use it the elements may already be pointing to\nfreed/reused memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35950",
"url": "https://www.suse.com/security/cve/CVE-2024-35950"
},
{
"category": "external",
"summary": "SUSE Bug 1224703 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1224703"
},
{
"category": "external",
"summary": "SUSE Bug 1225310 for CVE-2024-35950",
"url": "https://bugzilla.suse.com/1225310"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-35950"
},
{
"cve": "CVE-2024-35951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr()\n\nSubject: [PATCH] drm/panfrost: Fix the error path in\n panfrost_mmu_map_fault_addr()\n\nIf some the pages or sgt allocation failed, we shouldn\u0027t release the\npages ref we got earlier, otherwise we will end up with unbalanced\nget/put_pages() calls. We should instead leave everything in place\nand let the BO release function deal with extra cleanup when the object\nis destroyed, or let the fault handler try again next time it\u0027s called.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35951",
"url": "https://www.suse.com/security/cve/CVE-2024-35951"
},
{
"category": "external",
"summary": "SUSE Bug 1224701 for CVE-2024-35951",
"url": "https://bugzilla.suse.com/1224701"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35951"
},
{
"cve": "CVE-2024-35952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35952"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/ast: Fix soft lockup\n\nThere is a while-loop in ast_dp_set_on_off() that could lead to\ninfinite-loop. This is because the register, VGACRI-Dx, checked in\nthis API is a scratch register actually controlled by a MCU, named\nDPMCU, in BMC.\n\nThese scratch registers are protected by scu-lock. If suc-lock is not\noff, DPMCU can not update these registers and then host will have soft\nlockup due to never updated status.\n\nDPMCU is used to control DP and relative registers to handshake with\nhost\u0027s VGA driver. Even the most time-consuming task, DP\u0027s link\ntraining, is less than 100ms. 200ms should be enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35952",
"url": "https://www.suse.com/security/cve/CVE-2024-35952"
},
{
"category": "external",
"summary": "SUSE Bug 1224705 for CVE-2024-35952",
"url": "https://bugzilla.suse.com/1224705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35952"
},
{
"cve": "CVE-2024-35953",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35953"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix deadlock in context_xa\n\nivpu_device-\u003econtext_xa is locked both in kernel thread and IRQ context.\nIt requires XA_FLAGS_LOCK_IRQ flag to be passed during initialization\notherwise the lock could be acquired from a thread and interrupted by\nan IRQ that locks it for the second time causing the deadlock.\n\nThis deadlock was reported by lockdep and observed in internal tests.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35953",
"url": "https://www.suse.com/security/cve/CVE-2024-35953"
},
{
"category": "external",
"summary": "SUSE Bug 1224704 for CVE-2024-35953",
"url": "https://bugzilla.suse.com/1224704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35953"
},
{
"cve": "CVE-2024-35954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35954"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: sg: Avoid sg device teardown race\n\nsg_remove_sfp_usercontext() must not use sg_device_destroy() after calling\nscsi_device_put().\n\nsg_device_destroy() is accessing the parent scsi_device request_queue which\nwill already be set to NULL when the preceding call to scsi_device_put()\nremoved the last reference to the parent scsi_device.\n\nThe resulting NULL pointer exception will then crash the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35954",
"url": "https://www.suse.com/security/cve/CVE-2024-35954"
},
{
"category": "external",
"summary": "SUSE Bug 1224675 for CVE-2024-35954",
"url": "https://bugzilla.suse.com/1224675"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35954"
},
{
"cve": "CVE-2024-35955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nkprobes: Fix possible use-after-free issue on kprobe registration\n\nWhen unloading a module, its state is changing MODULE_STATE_LIVE -\u003e\n MODULE_STATE_GOING -\u003e MODULE_STATE_UNFORMED. Each change will take\na time. `is_module_text_address()` and `__module_text_address()`\nworks with MODULE_STATE_LIVE and MODULE_STATE_GOING.\nIf we use `is_module_text_address()` and `__module_text_address()`\nseparately, there is a chance that the first one is succeeded but the\nnext one is failed because module-\u003estate becomes MODULE_STATE_UNFORMED\nbetween those operations.\n\nIn `check_kprobe_address_safe()`, if the second `__module_text_address()`\nis failed, that is ignored because it expected a kernel_text address.\nBut it may have failed simply because module-\u003estate has been changed\nto MODULE_STATE_UNFORMED. In this case, arm_kprobe() will try to modify\nnon-exist module text address (use-after-free).\n\nTo fix this problem, we should not use separated `is_module_text_address()`\nand `__module_text_address()`, but use only `__module_text_address()`\nonce and do `try_module_get(module)` which is only available with\nMODULE_STATE_LIVE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35955",
"url": "https://www.suse.com/security/cve/CVE-2024-35955"
},
{
"category": "external",
"summary": "SUSE Bug 1224676 for CVE-2024-35955",
"url": "https://bugzilla.suse.com/1224676"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35955"
},
{
"cve": "CVE-2024-35956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35956"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: qgroup: fix qgroup prealloc rsv leak in subvolume operations\n\nCreate subvolume, create snapshot and delete subvolume all use\nbtrfs_subvolume_reserve_metadata() to reserve metadata for the changes\ndone to the parent subvolume\u0027s fs tree, which cannot be mediated in the\nnormal way via start_transaction. When quota groups (squota or qgroups)\nare enabled, this reserves qgroup metadata of type PREALLOC. Once the\noperation is associated to a transaction, we convert PREALLOC to\nPERTRANS, which gets cleared in bulk at the end of the transaction.\n\nHowever, the error paths of these three operations were not implementing\nthis lifecycle correctly. They unconditionally converted the PREALLOC to\nPERTRANS in a generic cleanup step regardless of errors or whether the\noperation was fully associated to a transaction or not. This resulted in\nerror paths occasionally converting this rsv to PERTRANS without calling\nrecord_root_in_trans successfully, which meant that unless that root got\nrecorded in the transaction by some other thread, the end of the\ntransaction would not free that root\u0027s PERTRANS, leaking it. Ultimately,\nthis resulted in hitting a WARN in CONFIG_BTRFS_DEBUG builds at unmount\nfor the leaked reservation.\n\nThe fix is to ensure that every qgroup PREALLOC reservation observes the\nfollowing properties:\n\n1. any failure before record_root_in_trans is called successfully\n results in freeing the PREALLOC reservation.\n2. after record_root_in_trans, we convert to PERTRANS, and now the\n transaction owns freeing the reservation.\n\nThis patch enforces those properties on the three operations. Without\nit, generic/269 with squotas enabled at mkfs time would fail in ~5-10\nruns on my system. With this patch, it ran successfully 1000 times in a\nrow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35956",
"url": "https://www.suse.com/security/cve/CVE-2024-35956"
},
{
"category": "external",
"summary": "SUSE Bug 1224674 for CVE-2024-35956",
"url": "https://bugzilla.suse.com/1224674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35956"
},
{
"cve": "CVE-2024-35958",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35958"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ena: Fix incorrect descriptor free behavior\n\nENA has two types of TX queues:\n- queues which only process TX packets arriving from the network stack\n- queues which only process TX packets forwarded to it by XDP_REDIRECT\n or XDP_TX instructions\n\nThe ena_free_tx_bufs() cycles through all descriptors in a TX queue\nand unmaps + frees every descriptor that hasn\u0027t been acknowledged yet\nby the device (uncompleted TX transactions).\nThe function assumes that the processed TX queue is necessarily from\nthe first category listed above and ends up using napi_consume_skb()\nfor descriptors belonging to an XDP specific queue.\n\nThis patch solves a bug in which, in case of a VF reset, the\ndescriptors aren\u0027t freed correctly, leading to crashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35958",
"url": "https://www.suse.com/security/cve/CVE-2024-35958"
},
{
"category": "external",
"summary": "SUSE Bug 1224677 for CVE-2024-35958",
"url": "https://bugzilla.suse.com/1224677"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35958"
},
{
"cve": "CVE-2024-35959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5e: Fix mlx5e_priv_init() cleanup flow\n\nWhen mlx5e_priv_init() fails, the cleanup flow calls mlx5e_selq_cleanup which\ncalls mlx5e_selq_apply() that assures that the `priv-\u003estate_lock` is held using\nlockdep_is_held().\n\nAcquire the state_lock in mlx5e_selq_cleanup().\n\nKernel log:\n=============================\nWARNING: suspicious RCU usage\n6.8.0-rc3_net_next_841a9b5 #1 Not tainted\n-----------------------------\ndrivers/net/ethernet/mellanox/mlx5/core/en/selq.c:124 suspicious rcu_dereference_protected() usage!\n\nother info that might help us debug this:\n\nrcu_scheduler_active = 2, debug_locks = 1\n2 locks held by systemd-modules/293:\n #0: ffffffffa05067b0 (devices_rwsem){++++}-{3:3}, at: ib_register_client+0x109/0x1b0 [ib_core]\n #1: ffff8881096c65c0 (\u0026device-\u003eclient_data_rwsem){++++}-{3:3}, at: add_client_context+0x104/0x1c0 [ib_core]\n\nstack backtrace:\nCPU: 4 PID: 293 Comm: systemd-modules Not tainted 6.8.0-rc3_net_next_841a9b5 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x8a/0xa0\n lockdep_rcu_suspicious+0x154/0x1a0\n mlx5e_selq_apply+0x94/0xa0 [mlx5_core]\n mlx5e_selq_cleanup+0x3a/0x60 [mlx5_core]\n mlx5e_priv_init+0x2be/0x2f0 [mlx5_core]\n mlx5_rdma_setup_rn+0x7c/0x1a0 [mlx5_core]\n rdma_init_netdev+0x4e/0x80 [ib_core]\n ? mlx5_rdma_netdev_free+0x70/0x70 [mlx5_core]\n ipoib_intf_init+0x64/0x550 [ib_ipoib]\n ipoib_intf_alloc+0x4e/0xc0 [ib_ipoib]\n ipoib_add_one+0xb0/0x360 [ib_ipoib]\n add_client_context+0x112/0x1c0 [ib_core]\n ib_register_client+0x166/0x1b0 [ib_core]\n ? 0xffffffffa0573000\n ipoib_init_module+0xeb/0x1a0 [ib_ipoib]\n do_one_initcall+0x61/0x250\n do_init_module+0x8a/0x270\n init_module_from_file+0x8b/0xd0\n idempotent_init_module+0x17d/0x230\n __x64_sys_finit_module+0x61/0xb0\n do_syscall_64+0x71/0x140\n entry_SYSCALL_64_after_hwframe+0x46/0x4e\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35959",
"url": "https://www.suse.com/security/cve/CVE-2024-35959"
},
{
"category": "external",
"summary": "SUSE Bug 1224666 for CVE-2024-35959",
"url": "https://bugzilla.suse.com/1224666"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35959"
},
{
"cve": "CVE-2024-35960",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35960"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Properly link new fs rules into the tree\n\nPreviously, add_rule_fg would only add newly created rules from the\nhandle into the tree when they had a refcount of 1. On the other hand,\ncreate_flow_handle tries hard to find and reference already existing\nidentical rules instead of creating new ones.\n\nThese two behaviors can result in a situation where create_flow_handle\n1) creates a new rule and references it, then\n2) in a subsequent step during the same handle creation references it\n again,\nresulting in a rule with a refcount of 2 that is not linked into the\ntree, will have a NULL parent and root and will result in a crash when\nthe flow group is deleted because del_sw_hw_rule, invoked on rule\ndeletion, assumes node-\u003eparent is != NULL.\n\nThis happened in the wild, due to another bug related to incorrect\nhandling of duplicate pkt_reformat ids, which lead to the code in\ncreate_flow_handle incorrectly referencing a just-added rule in the same\nflow handle, resulting in the problem described above. Full details are\nat [1].\n\nThis patch changes add_rule_fg to add new rules without parents into\nthe tree, properly initializing them and avoiding the crash. This makes\nit more consistent with how rules are added to an FTE in\ncreate_flow_handle.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35960",
"url": "https://www.suse.com/security/cve/CVE-2024-35960"
},
{
"category": "external",
"summary": "SUSE Bug 1224588 for CVE-2024-35960",
"url": "https://bugzilla.suse.com/1224588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35960"
},
{
"cve": "CVE-2024-35961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: Register devlink first under devlink lock\n\nIn case device is having a non fatal FW error during probe, the\ndriver will report the error to user via devlink. This will trigger\na WARN_ON, since mlx5 is calling devlink_register() last.\nIn order to avoid the WARN_ON[1], change mlx5 to invoke devl_register()\nfirst under devlink lock.\n\n[1]\nWARNING: CPU: 5 PID: 227 at net/devlink/health.c:483 devlink_recover_notify.constprop.0+0xb8/0xc0\nCPU: 5 PID: 227 Comm: kworker/u16:3 Not tainted 6.4.0-rc5_for_upstream_min_debug_2023_06_12_12_38 #1\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.13.0-0-gf21b5a4aeb02-prebuilt.qemu.org 04/01/2014\nWorkqueue: mlx5_health0000:08:00.0 mlx5_fw_reporter_err_work [mlx5_core]\nRIP: 0010:devlink_recover_notify.constprop.0+0xb8/0xc0\nCall Trace:\n \u003cTASK\u003e\n ? __warn+0x79/0x120\n ? devlink_recover_notify.constprop.0+0xb8/0xc0\n ? report_bug+0x17c/0x190\n ? handle_bug+0x3c/0x60\n ? exc_invalid_op+0x14/0x70\n ? asm_exc_invalid_op+0x16/0x20\n ? devlink_recover_notify.constprop.0+0xb8/0xc0\n devlink_health_report+0x4a/0x1c0\n mlx5_fw_reporter_err_work+0xa4/0xd0 [mlx5_core]\n process_one_work+0x1bb/0x3c0\n ? process_one_work+0x3c0/0x3c0\n worker_thread+0x4d/0x3c0\n ? process_one_work+0x3c0/0x3c0\n kthread+0xc6/0xf0\n ? kthread_complete_and_exit+0x20/0x20\n ret_from_fork+0x1f/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35961",
"url": "https://www.suse.com/security/cve/CVE-2024-35961"
},
{
"category": "external",
"summary": "SUSE Bug 1224585 for CVE-2024-35961",
"url": "https://bugzilla.suse.com/1224585"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35961"
},
{
"cve": "CVE-2024-35963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35963"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sock: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35963",
"url": "https://www.suse.com/security/cve/CVE-2024-35963"
},
{
"category": "external",
"summary": "SUSE Bug 1224582 for CVE-2024-35963",
"url": "https://bugzilla.suse.com/1224582"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35963"
},
{
"cve": "CVE-2024-35964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: ISO: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35964",
"url": "https://www.suse.com/security/cve/CVE-2024-35964"
},
{
"category": "external",
"summary": "SUSE Bug 1224581 for CVE-2024-35964",
"url": "https://bugzilla.suse.com/1224581"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35964"
},
{
"cve": "CVE-2024-35965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix not validating setsockopt user input\n\nCheck user input length before copying data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35965",
"url": "https://www.suse.com/security/cve/CVE-2024-35965"
},
{
"category": "external",
"summary": "SUSE Bug 1224579 for CVE-2024-35965",
"url": "https://bugzilla.suse.com/1224579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35965"
},
{
"cve": "CVE-2024-35966",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35966"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: Fix not validating setsockopt user input\n\nsyzbot reported rfcomm_sock_setsockopt_old() is copying data without\nchecking user input length.\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset\ninclude/linux/sockptr.h:49 [inline]\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr\ninclude/linux/sockptr.h:55 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt_old\nnet/bluetooth/rfcomm/sock.c:632 [inline]\nBUG: KASAN: slab-out-of-bounds in rfcomm_sock_setsockopt+0x893/0xa70\nnet/bluetooth/rfcomm/sock.c:673\nRead of size 4 at addr ffff8880209a8bc3 by task syz-executor632/5064",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35966",
"url": "https://www.suse.com/security/cve/CVE-2024-35966"
},
{
"category": "external",
"summary": "SUSE Bug 1224576 for CVE-2024-35966",
"url": "https://bugzilla.suse.com/1224576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35966"
},
{
"cve": "CVE-2024-35967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35967"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: Fix not validating setsockopt user input\n\nsyzbot reported sco_sock_setsockopt() is copying data without\nchecking user input length.\n\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr_offset\ninclude/linux/sockptr.h:49 [inline]\nBUG: KASAN: slab-out-of-bounds in copy_from_sockptr\ninclude/linux/sockptr.h:55 [inline]\nBUG: KASAN: slab-out-of-bounds in sco_sock_setsockopt+0xc0b/0xf90\nnet/bluetooth/sco.c:893\nRead of size 4 at addr ffff88805f7b15a3 by task syz-executor.5/12578",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35967",
"url": "https://www.suse.com/security/cve/CVE-2024-35967"
},
{
"category": "external",
"summary": "SUSE Bug 1224587 for CVE-2024-35967",
"url": "https://bugzilla.suse.com/1224587"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35967"
},
{
"cve": "CVE-2024-35969",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35969"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: fix race condition between ipv6_get_ifaddr and ipv6_del_addr\n\nAlthough ipv6_get_ifaddr walks inet6_addr_lst under the RCU lock, it\nstill means hlist_for_each_entry_rcu can return an item that got removed\nfrom the list. The memory itself of such item is not freed thanks to RCU\nbut nothing guarantees the actual content of the memory is sane.\n\nIn particular, the reference count can be zero. This can happen if\nipv6_del_addr is called in parallel. ipv6_del_addr removes the entry\nfrom inet6_addr_lst (hlist_del_init_rcu(\u0026ifp-\u003eaddr_lst)) and drops all\nreferences (__in6_ifa_put(ifp) + in6_ifa_put(ifp)). With bad enough\ntiming, this can happen:\n\n1. In ipv6_get_ifaddr, hlist_for_each_entry_rcu returns an entry.\n\n2. Then, the whole ipv6_del_addr is executed for the given entry. The\n reference count drops to zero and kfree_rcu is scheduled.\n\n3. ipv6_get_ifaddr continues and tries to increments the reference count\n (in6_ifa_hold).\n\n4. The rcu is unlocked and the entry is freed.\n\n5. The freed entry is returned.\n\nPrevent increasing of the reference count in such case. The name\nin6_ifa_hold_safe is chosen to mimic the existing fib6_info_hold_safe.\n\n[ 41.506330] refcount_t: addition on 0; use-after-free.\n[ 41.506760] WARNING: CPU: 0 PID: 595 at lib/refcount.c:25 refcount_warn_saturate+0xa5/0x130\n[ 41.507413] Modules linked in: veth bridge stp llc\n[ 41.507821] CPU: 0 PID: 595 Comm: python3 Not tainted 6.9.0-rc2.main-00208-g49563be82afa #14\n[ 41.508479] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n[ 41.509163] RIP: 0010:refcount_warn_saturate+0xa5/0x130\n[ 41.509586] Code: ad ff 90 0f 0b 90 90 c3 cc cc cc cc 80 3d c0 30 ad 01 00 75 a0 c6 05 b7 30 ad 01 01 90 48 c7 c7 38 cc 7a 8c e8 cc 18 ad ff 90 \u003c0f\u003e 0b 90 90 c3 cc cc cc cc 80 3d 98 30 ad 01 00 0f 85 75 ff ff ff\n[ 41.510956] RSP: 0018:ffffbda3c026baf0 EFLAGS: 00010282\n[ 41.511368] RAX: 0000000000000000 RBX: ffff9e9c46914800 RCX: 0000000000000000\n[ 41.511910] RDX: ffff9e9c7ec29c00 RSI: ffff9e9c7ec1c900 RDI: ffff9e9c7ec1c900\n[ 41.512445] RBP: ffff9e9c43660c9c R08: 0000000000009ffb R09: 00000000ffffdfff\n[ 41.512998] R10: 00000000ffffdfff R11: ffffffff8ca58a40 R12: ffff9e9c4339a000\n[ 41.513534] R13: 0000000000000001 R14: ffff9e9c438a0000 R15: ffffbda3c026bb48\n[ 41.514086] FS: 00007fbc4cda1740(0000) GS:ffff9e9c7ec00000(0000) knlGS:0000000000000000\n[ 41.514726] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 41.515176] CR2: 000056233b337d88 CR3: 000000000376e006 CR4: 0000000000370ef0\n[ 41.515713] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000\n[ 41.516252] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400\n[ 41.516799] Call Trace:\n[ 41.517037] \u003cTASK\u003e\n[ 41.517249] ? __warn+0x7b/0x120\n[ 41.517535] ? refcount_warn_saturate+0xa5/0x130\n[ 41.517923] ? report_bug+0x164/0x190\n[ 41.518240] ? handle_bug+0x3d/0x70\n[ 41.518541] ? exc_invalid_op+0x17/0x70\n[ 41.520972] ? asm_exc_invalid_op+0x1a/0x20\n[ 41.521325] ? refcount_warn_saturate+0xa5/0x130\n[ 41.521708] ipv6_get_ifaddr+0xda/0xe0\n[ 41.522035] inet6_rtm_getaddr+0x342/0x3f0\n[ 41.522376] ? __pfx_inet6_rtm_getaddr+0x10/0x10\n[ 41.522758] rtnetlink_rcv_msg+0x334/0x3d0\n[ 41.523102] ? netlink_unicast+0x30f/0x390\n[ 41.523445] ? __pfx_rtnetlink_rcv_msg+0x10/0x10\n[ 41.523832] netlink_rcv_skb+0x53/0x100\n[ 41.524157] netlink_unicast+0x23b/0x390\n[ 41.524484] netlink_sendmsg+0x1f2/0x440\n[ 41.524826] __sys_sendto+0x1d8/0x1f0\n[ 41.525145] __x64_sys_sendto+0x1f/0x30\n[ 41.525467] do_syscall_64+0xa5/0x1b0\n[ 41.525794] entry_SYSCALL_64_after_hwframe+0x72/0x7a\n[ 41.526213] RIP: 0033:0x7fbc4cfcea9a\n[ 41.526528] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb b8 0f 1f 00 f3 0f 1e fa 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 15 b8 2c 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 7e c3 0f 1f 44 00 00 41 54 48 83 ec 30 44 89\n[ 41.527942] RSP: 002b:00007f\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35969",
"url": "https://www.suse.com/security/cve/CVE-2024-35969"
},
{
"category": "external",
"summary": "SUSE Bug 1224580 for CVE-2024-35969",
"url": "https://bugzilla.suse.com/1224580"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35969"
},
{
"cve": "CVE-2024-35971",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35971"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ks8851: Handle softirqs at the end of IRQ thread to fix hang\n\nThe ks8851_irq() thread may call ks8851_rx_pkts() in case there are\nany packets in the MAC FIFO, which calls netif_rx(). This netif_rx()\nimplementation is guarded by local_bh_disable() and local_bh_enable().\nThe local_bh_enable() may call do_softirq() to run softirqs in case\nany are pending. One of the softirqs is net_rx_action, which ultimately\nreaches the driver .start_xmit callback. If that happens, the system\nhangs. The entire call chain is below:\n\nks8851_start_xmit_par from netdev_start_xmit\nnetdev_start_xmit from dev_hard_start_xmit\ndev_hard_start_xmit from sch_direct_xmit\nsch_direct_xmit from __dev_queue_xmit\n__dev_queue_xmit from __neigh_update\n__neigh_update from neigh_update\nneigh_update from arp_process.constprop.0\narp_process.constprop.0 from __netif_receive_skb_one_core\n__netif_receive_skb_one_core from process_backlog\nprocess_backlog from __napi_poll.constprop.0\n__napi_poll.constprop.0 from net_rx_action\nnet_rx_action from __do_softirq\n__do_softirq from call_with_stack\ncall_with_stack from do_softirq\ndo_softirq from __local_bh_enable_ip\n__local_bh_enable_ip from netif_rx\nnetif_rx from ks8851_irq\nks8851_irq from irq_thread_fn\nirq_thread_fn from irq_thread\nirq_thread from kthread\nkthread from ret_from_fork\n\nThe hang happens because ks8851_irq() first locks a spinlock in\nks8851_par.c ks8851_lock_par() spin_lock_irqsave(\u0026ksp-\u003elock, ...)\nand with that spinlock locked, calls netif_rx(). Once the execution\nreaches ks8851_start_xmit_par(), it calls ks8851_lock_par() again\nwhich attempts to claim the already locked spinlock again, and the\nhang happens.\n\nMove the do_softirq() call outside of the spinlock protected section\nof ks8851_irq() by disabling BHs around the entire spinlock protected\nsection of ks8851_irq() handler. Place local_bh_enable() outside of\nthe spinlock protected section, so that it can trigger do_softirq()\nwithout the ks8851_par.c ks8851_lock_par() spinlock being held, and\nsafely call ks8851_start_xmit_par() without attempting to lock the\nalready locked spinlock.\n\nSince ks8851_irq() is protected by local_bh_disable()/local_bh_enable()\nnow, replace netif_rx() with __netif_rx() which is not duplicating the\nlocal_bh_disable()/local_bh_enable() calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35971",
"url": "https://www.suse.com/security/cve/CVE-2024-35971"
},
{
"category": "external",
"summary": "SUSE Bug 1224578 for CVE-2024-35971",
"url": "https://bugzilla.suse.com/1224578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35971"
},
{
"cve": "CVE-2024-35972",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35972"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init()\n\nIf ulp = kzalloc() fails, the allocated edev will leak because it is\nnot properly assigned and the cleanup path will not be able to free it.\nFix it by assigning it properly immediately after allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35972",
"url": "https://www.suse.com/security/cve/CVE-2024-35972"
},
{
"category": "external",
"summary": "SUSE Bug 1224577 for CVE-2024-35972",
"url": "https://bugzilla.suse.com/1224577"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35972"
},
{
"cve": "CVE-2024-35973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35973"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngeneve: fix header validation in geneve[6]_xmit_skb\n\nsyzbot is able to trigger an uninit-value in geneve_xmit() [1]\n\nProblem : While most ip tunnel helpers (like ip_tunnel_get_dsfield())\nuses skb_protocol(skb, true), pskb_inet_may_pull() is only using\nskb-\u003eprotocol.\n\nIf anything else than ETH_P_IPV6 or ETH_P_IP is found in skb-\u003eprotocol,\npskb_inet_may_pull() does nothing at all.\n\nIf a vlan tag was provided by the caller (af_packet in the syzbot case),\nthe network header might not point to the correct location, and skb\nlinear part could be smaller than expected.\n\nAdd skb_vlan_inet_prepare() to perform a complete mac validation.\n\nUse this in geneve for the moment, I suspect we need to adopt this\nmore broadly.\n\nv4 - Jakub reported v3 broke l2_tos_ttl_inherit.sh selftest\n - Only call __vlan_get_protocol() for vlan types.\n\nv2,v3 - Addressed Sabrina comments on v1 and v2\n\n[1]\n\nBUG: KMSAN: uninit-value in geneve_xmit_skb drivers/net/geneve.c:910 [inline]\n BUG: KMSAN: uninit-value in geneve_xmit+0x302d/0x5420 drivers/net/geneve.c:1030\n geneve_xmit_skb drivers/net/geneve.c:910 [inline]\n geneve_xmit+0x302d/0x5420 drivers/net/geneve.c:1030\n __netdev_start_xmit include/linux/netdevice.h:4903 [inline]\n netdev_start_xmit include/linux/netdevice.h:4917 [inline]\n xmit_one net/core/dev.c:3531 [inline]\n dev_hard_start_xmit+0x247/0xa20 net/core/dev.c:3547\n __dev_queue_xmit+0x348d/0x52c0 net/core/dev.c:4335\n dev_queue_xmit include/linux/netdevice.h:3091 [inline]\n packet_xmit+0x9c/0x6c0 net/packet/af_packet.c:276\n packet_snd net/packet/af_packet.c:3081 [inline]\n packet_sendmsg+0x8bb0/0x9ef0 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n __sys_sendto+0x685/0x830 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2199\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nUninit was created at:\n slab_post_alloc_hook mm/slub.c:3804 [inline]\n slab_alloc_node mm/slub.c:3845 [inline]\n kmem_cache_alloc_node+0x613/0xc50 mm/slub.c:3888\n kmalloc_reserve+0x13d/0x4a0 net/core/skbuff.c:577\n __alloc_skb+0x35b/0x7a0 net/core/skbuff.c:668\n alloc_skb include/linux/skbuff.h:1318 [inline]\n alloc_skb_with_frags+0xc8/0xbf0 net/core/skbuff.c:6504\n sock_alloc_send_pskb+0xa81/0xbf0 net/core/sock.c:2795\n packet_alloc_skb net/packet/af_packet.c:2930 [inline]\n packet_snd net/packet/af_packet.c:3024 [inline]\n packet_sendmsg+0x722d/0x9ef0 net/packet/af_packet.c:3113\n sock_sendmsg_nosec net/socket.c:730 [inline]\n __sock_sendmsg+0x30f/0x380 net/socket.c:745\n __sys_sendto+0x685/0x830 net/socket.c:2191\n __do_sys_sendto net/socket.c:2203 [inline]\n __se_sys_sendto net/socket.c:2199 [inline]\n __x64_sys_sendto+0x125/0x1d0 net/socket.c:2199\n do_syscall_64+0xd5/0x1f0\n entry_SYSCALL_64_after_hwframe+0x6d/0x75\n\nCPU: 0 PID: 5033 Comm: syz-executor346 Not tainted 6.9.0-rc1-syzkaller-00005-g928a87efa423 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/29/2024",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35973",
"url": "https://www.suse.com/security/cve/CVE-2024-35973"
},
{
"category": "external",
"summary": "SUSE Bug 1224586 for CVE-2024-35973",
"url": "https://bugzilla.suse.com/1224586"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35973"
},
{
"cve": "CVE-2024-35974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nblock: fix q-\u003eblkg_list corruption during disk rebind\n\nMultiple gendisk instances can allocated/added for single request queue\nin case of disk rebind. blkg may still stay in q-\u003eblkg_list when calling\nblkcg_init_disk() for rebind, then q-\u003eblkg_list becomes corrupted.\n\nFix the list corruption issue by:\n\n- add blkg_init_queue() to initialize q-\u003eblkg_list \u0026 q-\u003eblkcg_mutex only\n- move calling blkg_init_queue() into blk_alloc_queue()\n\nThe list corruption should be started since commit f1c006f1c685 (\"blk-cgroup:\nsynchronize pd_free_fn() from blkg_free_workfn() and blkcg_deactivate_policy()\")\nwhich delays removing blkg from q-\u003eblkg_list into blkg_free_workfn().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35974",
"url": "https://www.suse.com/security/cve/CVE-2024-35974"
},
{
"category": "external",
"summary": "SUSE Bug 1224573 for CVE-2024-35974",
"url": "https://bugzilla.suse.com/1224573"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35974"
},
{
"cve": "CVE-2024-35975",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35975"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-pf: Fix transmit scheduler resource leak\n\nInorder to support shaping and scheduling, Upon class creation\nNetdev driver allocates trasmit schedulers.\n\nThe previous patch which added support for Round robin scheduling has\na bug due to which driver is not freeing transmit schedulers post\nclass deletion.\n\nThis patch fixes the same.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35975",
"url": "https://www.suse.com/security/cve/CVE-2024-35975"
},
{
"category": "external",
"summary": "SUSE Bug 1224569 for CVE-2024-35975",
"url": "https://bugzilla.suse.com/1224569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35975"
},
{
"cve": "CVE-2024-35977",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35977"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nplatform/chrome: cros_ec_uart: properly fix race condition\n\nThe cros_ec_uart_probe() function calls devm_serdev_device_open() before\nit calls serdev_device_set_client_ops(). This can trigger a NULL pointer\ndereference:\n\n BUG: kernel NULL pointer dereference, address: 0000000000000000\n ...\n Call Trace:\n \u003cTASK\u003e\n ...\n ? ttyport_receive_buf\n\nA simplified version of crashing code is as follows:\n\n static inline size_t serdev_controller_receive_buf(struct serdev_controller *ctrl,\n const u8 *data,\n size_t count)\n {\n struct serdev_device *serdev = ctrl-\u003eserdev;\n\n if (!serdev || !serdev-\u003eops-\u003ereceive_buf) // CRASH!\n return 0;\n\n return serdev-\u003eops-\u003ereceive_buf(serdev, data, count);\n }\n\nIt assumes that if SERPORT_ACTIVE is set and serdev exists, serdev-\u003eops\nwill also exist. This conflicts with the existing cros_ec_uart_probe()\nlogic, as it first calls devm_serdev_device_open() (which sets\nSERPORT_ACTIVE), and only later sets serdev-\u003eops via\nserdev_device_set_client_ops().\n\nCommit 01f95d42b8f4 (\"platform/chrome: cros_ec_uart: fix race\ncondition\") attempted to fix a similar race condition, but while doing\nso, made the window of error for this race condition to happen much\nwider.\n\nAttempt to fix the race condition again, making sure we fully setup\nbefore calling devm_serdev_device_open().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35977",
"url": "https://www.suse.com/security/cve/CVE-2024-35977"
},
{
"category": "external",
"summary": "SUSE Bug 1224568 for CVE-2024-35977",
"url": "https://bugzilla.suse.com/1224568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35977"
},
{
"cve": "CVE-2024-35978",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35978"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: Fix memory leak in hci_req_sync_complete()\n\nIn \u0027hci_req_sync_complete()\u0027, always free the previous sync\nrequest state before assigning reference to a new one.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35978",
"url": "https://www.suse.com/security/cve/CVE-2024-35978"
},
{
"category": "external",
"summary": "SUSE Bug 1224571 for CVE-2024-35978",
"url": "https://bugzilla.suse.com/1224571"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35978"
},
{
"cve": "CVE-2024-35981",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35981"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Do not send RSS key if it is not supported\n\nThere is a bug when setting the RSS options in virtio_net that can break\nthe whole machine, getting the kernel into an infinite loop.\n\nRunning the following command in any QEMU virtual machine with virtionet\nwill reproduce this problem:\n\n # ethtool -X eth0 hfunc toeplitz\n\nThis is how the problem happens:\n\n1) ethtool_set_rxfh() calls virtnet_set_rxfh()\n\n2) virtnet_set_rxfh() calls virtnet_commit_rss_command()\n\n3) virtnet_commit_rss_command() populates 4 entries for the rss\nscatter-gather\n\n4) Since the command above does not have a key, then the last\nscatter-gatter entry will be zeroed, since rss_key_size == 0.\nsg_buf_size = vi-\u003erss_key_size;\n\n5) This buffer is passed to qemu, but qemu is not happy with a buffer\nwith zero length, and do the following in virtqueue_map_desc() (QEMU\nfunction):\n\n if (!sz) {\n virtio_error(vdev, \"virtio: zero sized buffers are not allowed\");\n\n6) virtio_error() (also QEMU function) set the device as broken\n\n vdev-\u003ebroken = true;\n\n7) Qemu bails out, and do not repond this crazy kernel.\n\n8) The kernel is waiting for the response to come back (function\nvirtnet_send_command())\n\n9) The kernel is waiting doing the following :\n\n while (!virtqueue_get_buf(vi-\u003ecvq, \u0026tmp) \u0026\u0026\n\t !virtqueue_is_broken(vi-\u003ecvq))\n\t cpu_relax();\n\n10) None of the following functions above is true, thus, the kernel\nloops here forever. Keeping in mind that virtqueue_is_broken() does\nnot look at the qemu `vdev-\u003ebroken`, so, it never realizes that the\nvitio is broken at QEMU side.\n\nFix it by not sending RSS commands if the feature is not available in\nthe device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35981",
"url": "https://www.suse.com/security/cve/CVE-2024-35981"
},
{
"category": "external",
"summary": "SUSE Bug 1224565 for CVE-2024-35981",
"url": "https://bugzilla.suse.com/1224565"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35981"
},
{
"cve": "CVE-2024-35982",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35982"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbatman-adv: Avoid infinite loop trying to resize local TT\n\nIf the MTU of one of an attached interface becomes too small to transmit\nthe local translation table then it must be resized to fit inside all\nfragments (when enabled) or a single packet.\n\nBut if the MTU becomes too low to transmit even the header + the VLAN\nspecific part then the resizing of the local TT will never succeed. This\ncan for example happen when the usable space is 110 bytes and 11 VLANs are\non top of batman-adv. In this case, at least 116 byte would be needed.\nThere will just be an endless spam of\n\n batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (110)\n\nin the log but the function will never finish. Problem here is that the\ntimeout will be halved all the time and will then stagnate at 0 and\ntherefore never be able to reduce the table even more.\n\nThere are other scenarios possible with a similar result. The number of\nBATADV_TT_CLIENT_NOPURGE entries in the local TT can for example be too\nhigh to fit inside a packet. Such a scenario can therefore happen also with\nonly a single VLAN + 7 non-purgable addresses - requiring at least 120\nbytes.\n\nWhile this should be handled proactively when:\n\n* interface with too low MTU is added\n* VLAN is added\n* non-purgeable local mac is added\n* MTU of an attached interface is reduced\n* fragmentation setting gets disabled (which most likely requires dropping\n attached interfaces)\n\nnot all of these scenarios can be prevented because batman-adv is only\nconsuming events without the the possibility to prevent these actions\n(non-purgable MAC address added, MTU of an attached interface is reduced).\nIt is therefore necessary to also make sure that the code is able to handle\nalso the situations when there were already incompatible system\nconfiguration are present.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35982",
"url": "https://www.suse.com/security/cve/CVE-2024-35982"
},
{
"category": "external",
"summary": "SUSE Bug 1224566 for CVE-2024-35982",
"url": "https://bugzilla.suse.com/1224566"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35982"
},
{
"cve": "CVE-2024-35984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni2c: smbus: fix NULL function pointer dereference\n\nBaruch reported an OOPS when using the designware controller as target\nonly. Target-only modes break the assumption of one transfer function\nalways being available. Fix this by always checking the pointer in\n__i2c_transfer.\n\n[wsa: dropped the simplification in core-smbus to avoid theoretical regressions]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35984",
"url": "https://www.suse.com/security/cve/CVE-2024-35984"
},
{
"category": "external",
"summary": "SUSE Bug 1224567 for CVE-2024-35984",
"url": "https://bugzilla.suse.com/1224567"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35984"
},
{
"cve": "CVE-2024-35986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35986"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered\n\nThe power_supply frame-work is not really designed for there to be\nlong living in kernel references to power_supply devices.\n\nSpecifically unregistering a power_supply while some other code has\na reference to it triggers a WARN in power_supply_unregister():\n\n\tWARN_ON(atomic_dec_return(\u0026psy-\u003euse_cnt));\n\nFolllowed by the power_supply still getting removed and the\nbacking data freed anyway, leaving the tusb1210 charger-detect code\nwith a dangling reference, resulting in a crash the next time\ntusb1210_get_online() is called.\n\nFix this by only holding the reference in tusb1210_get_online()\nfreeing it at the end of the function. Note this still leaves\na theoretical race window, but it avoids the issue when manually\nrmmod-ing the charger chip driver during development.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35986",
"url": "https://www.suse.com/security/cve/CVE-2024-35986"
},
{
"category": "external",
"summary": "SUSE Bug 1224562 for CVE-2024-35986",
"url": "https://bugzilla.suse.com/1224562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35986"
},
{
"cve": "CVE-2024-35989",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35989"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Fix oops during rmmod on single-CPU platforms\n\nDuring the removal of the idxd driver, registered offline callback is\ninvoked as part of the clean up process. However, on systems with only\none CPU online, no valid target is available to migrate the\nperf context, resulting in a kernel oops:\n\n BUG: unable to handle page fault for address: 000000000002a2b8\n #PF: supervisor write access in kernel mode\n #PF: error_code(0x0002) - not-present page\n PGD 1470e1067 P4D 0\n Oops: 0002 [#1] PREEMPT SMP NOPTI\n CPU: 0 PID: 20 Comm: cpuhp/0 Not tainted 6.8.0-rc6-dsa+ #57\n Hardware name: Intel Corporation AvenueCity/AvenueCity, BIOS BHSDCRB1.86B.2492.D03.2307181620 07/18/2023\n RIP: 0010:mutex_lock+0x2e/0x50\n ...\n Call Trace:\n \u003cTASK\u003e\n __die+0x24/0x70\n page_fault_oops+0x82/0x160\n do_user_addr_fault+0x65/0x6b0\n __pfx___rdmsr_safe_on_cpu+0x10/0x10\n exc_page_fault+0x7d/0x170\n asm_exc_page_fault+0x26/0x30\n mutex_lock+0x2e/0x50\n mutex_lock+0x1e/0x50\n perf_pmu_migrate_context+0x87/0x1f0\n perf_event_cpu_offline+0x76/0x90 [idxd]\n cpuhp_invoke_callback+0xa2/0x4f0\n __pfx_perf_event_cpu_offline+0x10/0x10 [idxd]\n cpuhp_thread_fun+0x98/0x150\n smpboot_thread_fn+0x27/0x260\n smpboot_thread_fn+0x1af/0x260\n __pfx_smpboot_thread_fn+0x10/0x10\n kthread+0x103/0x140\n __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003cTASK\u003e\n\nFix the issue by preventing the migration of the perf context to an\ninvalid target.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35989",
"url": "https://www.suse.com/security/cve/CVE-2024-35989"
},
{
"category": "external",
"summary": "SUSE Bug 1224558 for CVE-2024-35989",
"url": "https://bugzilla.suse.com/1224558"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35989"
},
{
"cve": "CVE-2024-35990",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35990"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndma: xilinx_dpdma: Fix locking\n\nThere are several places where either chan-\u003elock or chan-\u003evchan.lock was\nnot held. Add appropriate locking. This fixes lockdep warnings like\n\n[ 31.077578] ------------[ cut here ]------------\n[ 31.077831] WARNING: CPU: 2 PID: 40 at drivers/dma/xilinx/xilinx_dpdma.c:834 xilinx_dpdma_chan_queue_transfer+0x274/0x5e0\n[ 31.077953] Modules linked in:\n[ 31.078019] CPU: 2 PID: 40 Comm: kworker/u12:1 Not tainted 6.6.20+ #98\n[ 31.078102] Hardware name: xlnx,zynqmp (DT)\n[ 31.078169] Workqueue: events_unbound deferred_probe_work_func\n[ 31.078272] pstate: 600000c5 (nZCv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\n[ 31.078377] pc : xilinx_dpdma_chan_queue_transfer+0x274/0x5e0\n[ 31.078473] lr : xilinx_dpdma_chan_queue_transfer+0x270/0x5e0\n[ 31.078550] sp : ffffffc083bb2e10\n[ 31.078590] x29: ffffffc083bb2e10 x28: 0000000000000000 x27: ffffff880165a168\n[ 31.078754] x26: ffffff880164e920 x25: ffffff880164eab8 x24: ffffff880164d480\n[ 31.078920] x23: ffffff880165a148 x22: ffffff880164e988 x21: 0000000000000000\n[ 31.079132] x20: ffffffc082aa3000 x19: ffffff880164e880 x18: 0000000000000000\n[ 31.079295] x17: 0000000000000000 x16: 0000000000000000 x15: 0000000000000000\n[ 31.079453] x14: 0000000000000000 x13: ffffff8802263dc0 x12: 0000000000000001\n[ 31.079613] x11: 0001ffc083bb2e34 x10: 0001ff880164e98f x9 : 0001ffc082aa3def\n[ 31.079824] x8 : 0001ffc082aa3dec x7 : 0000000000000000 x6 : 0000000000000516\n[ 31.079982] x5 : ffffffc7f8d43000 x4 : ffffff88003c9c40 x3 : ffffffffffffffff\n[ 31.080147] x2 : ffffffc7f8d43000 x1 : 00000000000000c0 x0 : 0000000000000000\n[ 31.080307] Call trace:\n[ 31.080340] xilinx_dpdma_chan_queue_transfer+0x274/0x5e0\n[ 31.080518] xilinx_dpdma_issue_pending+0x11c/0x120\n[ 31.080595] zynqmp_disp_layer_update+0x180/0x3ac\n[ 31.080712] zynqmp_dpsub_plane_atomic_update+0x11c/0x21c\n[ 31.080825] drm_atomic_helper_commit_planes+0x20c/0x684\n[ 31.080951] drm_atomic_helper_commit_tail+0x5c/0xb0\n[ 31.081139] commit_tail+0x234/0x294\n[ 31.081246] drm_atomic_helper_commit+0x1f8/0x210\n[ 31.081363] drm_atomic_commit+0x100/0x140\n[ 31.081477] drm_client_modeset_commit_atomic+0x318/0x384\n[ 31.081634] drm_client_modeset_commit_locked+0x8c/0x24c\n[ 31.081725] drm_client_modeset_commit+0x34/0x5c\n[ 31.081812] __drm_fb_helper_restore_fbdev_mode_unlocked+0x104/0x168\n[ 31.081899] drm_fb_helper_set_par+0x50/0x70\n[ 31.081971] fbcon_init+0x538/0xc48\n[ 31.082047] visual_init+0x16c/0x23c\n[ 31.082207] do_bind_con_driver.isra.0+0x2d0/0x634\n[ 31.082320] do_take_over_console+0x24c/0x33c\n[ 31.082429] do_fbcon_takeover+0xbc/0x1b0\n[ 31.082503] fbcon_fb_registered+0x2d0/0x34c\n[ 31.082663] register_framebuffer+0x27c/0x38c\n[ 31.082767] __drm_fb_helper_initial_config_and_unlock+0x5c0/0x91c\n[ 31.082939] drm_fb_helper_initial_config+0x50/0x74\n[ 31.083012] drm_fbdev_dma_client_hotplug+0xb8/0x108\n[ 31.083115] drm_client_register+0xa0/0xf4\n[ 31.083195] drm_fbdev_dma_setup+0xb0/0x1cc\n[ 31.083293] zynqmp_dpsub_drm_init+0x45c/0x4e0\n[ 31.083431] zynqmp_dpsub_probe+0x444/0x5e0\n[ 31.083616] platform_probe+0x8c/0x13c\n[ 31.083713] really_probe+0x258/0x59c\n[ 31.083793] __driver_probe_device+0xc4/0x224\n[ 31.083878] driver_probe_device+0x70/0x1c0\n[ 31.083961] __device_attach_driver+0x108/0x1e0\n[ 31.084052] bus_for_each_drv+0x9c/0x100\n[ 31.084125] __device_attach+0x100/0x298\n[ 31.084207] device_initial_probe+0x14/0x20\n[ 31.084292] bus_probe_device+0xd8/0xdc\n[ 31.084368] deferred_probe_work_func+0x11c/0x180\n[ 31.084451] process_one_work+0x3ac/0x988\n[ 31.084643] worker_thread+0x398/0x694\n[ 31.084752] kthread+0x1bc/0x1c0\n[ 31.084848] ret_from_fork+0x10/0x20\n[ 31.084932] irq event stamp: 64549\n[ 31.084970] hardirqs last enabled at (64548): [\u003cffffffc081adf35c\u003e] _raw_spin_unlock_irqrestore+0x80/0x90\n[ 31.085157]\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35990",
"url": "https://www.suse.com/security/cve/CVE-2024-35990"
},
{
"category": "external",
"summary": "SUSE Bug 1224559 for CVE-2024-35990",
"url": "https://bugzilla.suse.com/1224559"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35990"
},
{
"cve": "CVE-2024-35991",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35991"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndmaengine: idxd: Convert spinlock to mutex to lock evl workqueue\n\ndrain_workqueue() cannot be called safely in a spinlocked context due to\npossible task rescheduling. In the multi-task scenario, calling\nqueue_work() while drain_workqueue() will lead to a Call Trace as\npushing a work on a draining workqueue is not permitted in spinlocked\ncontext.\n Call Trace:\n \u003cTASK\u003e\n ? __warn+0x7d/0x140\n ? __queue_work+0x2b2/0x440\n ? report_bug+0x1f8/0x200\n ? handle_bug+0x3c/0x70\n ? exc_invalid_op+0x18/0x70\n ? asm_exc_invalid_op+0x1a/0x20\n ? __queue_work+0x2b2/0x440\n queue_work_on+0x28/0x30\n idxd_misc_thread+0x303/0x5a0 [idxd]\n ? __schedule+0x369/0xb40\n ? __pfx_irq_thread_fn+0x10/0x10\n ? irq_thread+0xbc/0x1b0\n irq_thread_fn+0x21/0x70\n irq_thread+0x102/0x1b0\n ? preempt_count_add+0x74/0xa0\n ? __pfx_irq_thread_dtor+0x10/0x10\n ? __pfx_irq_thread+0x10/0x10\n kthread+0x103/0x140\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x31/0x50\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1b/0x30\n \u003c/TASK\u003e\n\nThe current implementation uses a spinlock to protect event log workqueue\nand will lead to the Call Trace due to potential task rescheduling.\n\nTo address the locking issue, convert the spinlock to mutex, allowing\nthe drain_workqueue() to be called in a safe mutex-locked context.\n\nThis change ensures proper synchronization when accessing the event log\nworkqueue, preventing potential Call Trace and improving the overall\nrobustness of the code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35991",
"url": "https://www.suse.com/security/cve/CVE-2024-35991"
},
{
"category": "external",
"summary": "SUSE Bug 1224553 for CVE-2024-35991",
"url": "https://bugzilla.suse.com/1224553"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35991"
},
{
"cve": "CVE-2024-35992",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35992"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nphy: marvell: a3700-comphy: Fix out of bounds read\n\nThere is an out of bounds read access of \u0027gbe_phy_init_fix[fix_idx].addr\u0027\nevery iteration after \u0027fix_idx\u0027 reaches \u0027ARRAY_SIZE(gbe_phy_init_fix)\u0027.\n\nMake sure \u0027gbe_phy_init[addr]\u0027 is used when all elements of\n\u0027gbe_phy_init_fix\u0027 array are handled.\n\nFound by Linux Verification Center (linuxtesting.org) with SVACE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35992",
"url": "https://www.suse.com/security/cve/CVE-2024-35992"
},
{
"category": "external",
"summary": "SUSE Bug 1224555 for CVE-2024-35992",
"url": "https://bugzilla.suse.com/1224555"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35992"
},
{
"cve": "CVE-2024-35995",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35995"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nACPI: CPPC: Use access_width over bit_width for system memory accesses\n\nTo align with ACPI 6.3+, since bit_width can be any 8-bit value, it\ncannot be depended on to be always on a clean 8b boundary. This was\nuncovered on the Cobalt 100 platform.\n\nSError Interrupt on CPU26, code 0xbe000011 -- SError\n CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted 5.15.2.1-13 #1\n Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION\n pstate: 62400009 (nZCv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=--)\n pc : cppc_get_perf_caps+0xec/0x410\n lr : cppc_get_perf_caps+0xe8/0x410\n sp : ffff8000155ab730\n x29: ffff8000155ab730 x28: ffff0080139d0038 x27: ffff0080139d0078\n x26: 0000000000000000 x25: ffff0080139d0058 x24: 00000000ffffffff\n x23: ffff0080139d0298 x22: ffff0080139d0278 x21: 0000000000000000\n x20: ffff00802b251910 x19: ffff0080139d0000 x18: ffffffffffffffff\n x17: 0000000000000000 x16: ffffdc7e111bad04 x15: ffff00802b251008\n x14: ffffffffffffffff x13: ffff013f1fd63300 x12: 0000000000000006\n x11: ffffdc7e128f4420 x10: 0000000000000000 x9 : ffffdc7e111badec\n x8 : ffff00802b251980 x7 : 0000000000000000 x6 : ffff0080139d0028\n x5 : 0000000000000000 x4 : ffff0080139d0018 x3 : 00000000ffffffff\n x2 : 0000000000000008 x1 : ffff8000155ab7a0 x0 : 0000000000000000\n Kernel panic - not syncing: Asynchronous SError Interrupt\n CPU: 26 PID: 1510 Comm: systemd-udevd Not tainted\n5.15.2.1-13 #1\n Hardware name: MICROSOFT CORPORATION, BIOS MICROSOFT CORPORATION\n Call trace:\n dump_backtrace+0x0/0x1e0\n show_stack+0x24/0x30\n dump_stack_lvl+0x8c/0xb8\n dump_stack+0x18/0x34\n panic+0x16c/0x384\n add_taint+0x0/0xc0\n arm64_serror_panic+0x7c/0x90\n arm64_is_fatal_ras_serror+0x34/0xa4\n do_serror+0x50/0x6c\n el1h_64_error_handler+0x40/0x74\n el1h_64_error+0x7c/0x80\n cppc_get_perf_caps+0xec/0x410\n cppc_cpufreq_cpu_init+0x74/0x400 [cppc_cpufreq]\n cpufreq_online+0x2dc/0xa30\n cpufreq_add_dev+0xc0/0xd4\n subsys_interface_register+0x134/0x14c\n cpufreq_register_driver+0x1b0/0x354\n cppc_cpufreq_init+0x1a8/0x1000 [cppc_cpufreq]\n do_one_initcall+0x50/0x250\n do_init_module+0x60/0x27c\n load_module+0x2300/0x2570\n __do_sys_finit_module+0xa8/0x114\n __arm64_sys_finit_module+0x2c/0x3c\n invoke_syscall+0x78/0x100\n el0_svc_common.constprop.0+0x180/0x1a0\n do_el0_svc+0x84/0xa0\n el0_svc+0x2c/0xc0\n el0t_64_sync_handler+0xa4/0x12c\n el0t_64_sync+0x1a4/0x1a8\n\nInstead, use access_width to determine the size and use the offset and\nwidth to shift and mask the bits to read/write out. Make sure to add a\ncheck for system memory since pcc redefines the access_width to\nsubspace id.\n\nIf access_width is not set, then fall back to using bit_width.\n\n[ rjw: Subject and changelog edits, comment adjustments ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35995",
"url": "https://www.suse.com/security/cve/CVE-2024-35995"
},
{
"category": "external",
"summary": "SUSE Bug 1224557 for CVE-2024-35995",
"url": "https://bugzilla.suse.com/1224557"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35995"
},
{
"cve": "CVE-2024-35997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35997"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up\n\nThe flag I2C_HID_READ_PENDING is used to serialize I2C operations.\nHowever, this is not necessary, because I2C core already has its own\nlocking for that.\n\nMore importantly, this flag can cause a lock-up: if the flag is set in\ni2c_hid_xfer() and an interrupt happens, the interrupt handler\n(i2c_hid_irq) will check this flag and return immediately without doing\nanything, then the interrupt handler will be invoked again in an\ninfinite loop.\n\nSince interrupt handler is an RT task, it takes over the CPU and the\nflag-clearing task never gets scheduled, thus we have a lock-up.\n\nDelete this unnecessary flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35997",
"url": "https://www.suse.com/security/cve/CVE-2024-35997"
},
{
"category": "external",
"summary": "SUSE Bug 1224552 for CVE-2024-35997",
"url": "https://bugzilla.suse.com/1224552"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35997"
},
{
"cve": "CVE-2024-35999",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-35999"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb3: missing lock when picking channel\n\nCoverity spotted a place where we should have been holding the\nchannel lock when accessing the ses channel index.\n\nAddresses-Coverity: 1582039 (\"Data race condition (MISSING_LOCK)\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-35999",
"url": "https://www.suse.com/security/cve/CVE-2024-35999"
},
{
"category": "external",
"summary": "SUSE Bug 1224550 for CVE-2024-35999",
"url": "https://bugzilla.suse.com/1224550"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-35999"
},
{
"cve": "CVE-2024-36002",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36002"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndpll: fix dpll_pin_on_pin_register() for multiple parent pins\n\nIn scenario where pin is registered with multiple parent pins via\ndpll_pin_on_pin_register(..), all belonging to the same dpll device.\nA second call to dpll_pin_on_pin_unregister(..) would cause a call trace,\nas it tries to use already released registration resources (due to fix\nintroduced in b446631f355e). In this scenario pin was registered twice,\nso resources are not yet expected to be release until each registered\npin/pin pair is unregistered.\n\nCurrently, the following crash/call trace is produced when ice driver is\nremoved on the system with installed E810T NIC which includes dpll device:\n\nWARNING: CPU: 51 PID: 9155 at drivers/dpll/dpll_core.c:809 dpll_pin_ops+0x20/0x30\nRIP: 0010:dpll_pin_ops+0x20/0x30\nCall Trace:\n ? __warn+0x7f/0x130\n ? dpll_pin_ops+0x20/0x30\n dpll_msg_add_pin_freq+0x37/0x1d0\n dpll_cmd_pin_get_one+0x1c0/0x400\n ? __nlmsg_put+0x63/0x80\n dpll_pin_event_send+0x93/0x140\n dpll_pin_on_pin_unregister+0x3f/0x100\n ice_dpll_deinit_pins+0xa1/0x230 [ice]\n ice_remove+0xf1/0x210 [ice]\n\nFix by adding a parent pointer as a cookie when creating a registration,\nalso when searching for it. For the regular pins pass NULL, this allows to\ncreate separated registration for each parent the pin is registered with.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36002",
"url": "https://www.suse.com/security/cve/CVE-2024-36002"
},
{
"category": "external",
"summary": "SUSE Bug 1224546 for CVE-2024-36002",
"url": "https://bugzilla.suse.com/1224546"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36002"
},
{
"cve": "CVE-2024-36006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36006"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix incorrect list API usage\n\nBoth the function that migrates all the chunks within a region and the\nfunction that migrates all the entries within a chunk call\nlist_first_entry() on the respective lists without checking that the\nlists are not empty. This is incorrect usage of the API, which leads to\nthe following warning [1].\n\nFix by returning if the lists are empty as there is nothing to migrate\nin this case.\n\n[1]\nWARNING: CPU: 0 PID: 6437 at drivers/net/ethernet/mellanox/mlxsw/spectrum_acl_tcam.c:1266 mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0\u003e\nModules linked in:\nCPU: 0 PID: 6437 Comm: kworker/0:37 Not tainted 6.9.0-rc3-custom-00883-g94a65f079ef6 #39\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_sp_acl_tcam_vchunk_migrate_all+0x1f1/0x2c0\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x4a0\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36006",
"url": "https://www.suse.com/security/cve/CVE-2024-36006"
},
{
"category": "external",
"summary": "SUSE Bug 1224541 for CVE-2024-36006",
"url": "https://bugzilla.suse.com/1224541"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36006"
},
{
"cve": "CVE-2024-36007",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36007"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmlxsw: spectrum_acl_tcam: Fix warning during rehash\n\nAs previously explained, the rehash delayed work migrates filters from\none region to another. This is done by iterating over all chunks (all\nthe filters with the same priority) in the region and in each chunk\niterating over all the filters.\n\nWhen the work runs out of credits it stores the current chunk and entry\nas markers in the per-work context so that it would know where to resume\nthe migration from the next time the work is scheduled.\n\nUpon error, the chunk marker is reset to NULL, but without resetting the\nentry markers despite being relative to it. This can result in migration\nbeing resumed from an entry that does not belong to the chunk being\nmigrated. In turn, this will eventually lead to a chunk being iterated\nover as if it is an entry. Because of how the two structures happen to\nbe defined, this does not lead to KASAN splats, but to warnings such as\n[1].\n\nFix by creating a helper that resets all the markers and call it from\nall the places the currently only reset the chunk marker. For good\nmeasures also call it when starting a completely new rehash. Add a\nwarning to avoid future cases.\n\n[1]\nWARNING: CPU: 7 PID: 1076 at drivers/net/ethernet/mellanox/mlxsw/core_acl_flex_keys.c:407 mlxsw_afk_encode+0x242/0x2f0\nModules linked in:\nCPU: 7 PID: 1076 Comm: kworker/7:24 Tainted: G W 6.9.0-rc3-custom-00880-g29e61d91b77b #29\nHardware name: Mellanox Technologies Ltd. MSN3700/VMOD0005, BIOS 5.11 01/06/2019\nWorkqueue: mlxsw_core mlxsw_sp_acl_tcam_vregion_rehash_work\nRIP: 0010:mlxsw_afk_encode+0x242/0x2f0\n[...]\nCall Trace:\n \u003cTASK\u003e\n mlxsw_sp_acl_atcam_entry_add+0xd9/0x3c0\n mlxsw_sp_acl_tcam_entry_create+0x5e/0xa0\n mlxsw_sp_acl_tcam_vchunk_migrate_all+0x109/0x290\n mlxsw_sp_acl_tcam_vregion_rehash_work+0x6c/0x470\n process_one_work+0x151/0x370\n worker_thread+0x2cb/0x3e0\n kthread+0xd0/0x100\n ret_from_fork+0x34/0x50\n \u003c/TASK\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36007",
"url": "https://www.suse.com/security/cve/CVE-2024-36007"
},
{
"category": "external",
"summary": "SUSE Bug 1224543 for CVE-2024-36007",
"url": "https://bugzilla.suse.com/1224543"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36007"
},
{
"cve": "CVE-2024-36009",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36009"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nax25: Fix netdev refcount issue\n\nThe dev_tracker is added to ax25_cb in ax25_bind(). When the\nax25 device is detaching, the dev_tracker of ax25_cb should be\ndeallocated in ax25_kill_by_device() instead of the dev_tracker\nof ax25_dev. The log reported by ref_tracker is shown below:\n\n[ 80.884935] ref_tracker: reference already released.\n[ 80.885150] ref_tracker: allocated in:\n[ 80.885349] ax25_dev_device_up+0x105/0x540\n[ 80.885730] ax25_device_event+0xa4/0x420\n[ 80.885730] notifier_call_chain+0xc9/0x1e0\n[ 80.885730] __dev_notify_flags+0x138/0x280\n[ 80.885730] dev_change_flags+0xd7/0x180\n[ 80.885730] dev_ifsioc+0x6a9/0xa30\n[ 80.885730] dev_ioctl+0x4d8/0xd90\n[ 80.885730] sock_do_ioctl+0x1c2/0x2d0\n[ 80.885730] sock_ioctl+0x38b/0x4f0\n[ 80.885730] __se_sys_ioctl+0xad/0xf0\n[ 80.885730] do_syscall_64+0xc4/0x1b0\n[ 80.885730] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 80.885730] ref_tracker: freed in:\n[ 80.885730] ax25_device_event+0x272/0x420\n[ 80.885730] notifier_call_chain+0xc9/0x1e0\n[ 80.885730] dev_close_many+0x272/0x370\n[ 80.885730] unregister_netdevice_many_notify+0x3b5/0x1180\n[ 80.885730] unregister_netdev+0xcf/0x120\n[ 80.885730] sixpack_close+0x11f/0x1b0\n[ 80.885730] tty_ldisc_kill+0xcb/0x190\n[ 80.885730] tty_ldisc_hangup+0x338/0x3d0\n[ 80.885730] __tty_hangup+0x504/0x740\n[ 80.885730] tty_release+0x46e/0xd80\n[ 80.885730] __fput+0x37f/0x770\n[ 80.885730] __x64_sys_close+0x7b/0xb0\n[ 80.885730] do_syscall_64+0xc4/0x1b0\n[ 80.885730] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n[ 80.893739] ------------[ cut here ]------------\n[ 80.894030] WARNING: CPU: 2 PID: 140 at lib/ref_tracker.c:255 ref_tracker_free+0x47b/0x6b0\n[ 80.894297] Modules linked in:\n[ 80.894929] CPU: 2 PID: 140 Comm: ax25_conn_rel_6 Not tainted 6.9.0-rc4-g8cd26fd90c1a #11\n[ 80.895190] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qem4\n[ 80.895514] RIP: 0010:ref_tracker_free+0x47b/0x6b0\n[ 80.895808] Code: 83 c5 18 4c 89 eb 48 c1 eb 03 8a 04 13 84 c0 0f 85 df 01 00 00 41 83 7d 00 00 75 4b 4c 89 ff 9\n[ 80.896171] RSP: 0018:ffff888009edf8c0 EFLAGS: 00000286\n[ 80.896339] RAX: 1ffff1100141ac00 RBX: 1ffff1100149463b RCX: dffffc0000000000\n[ 80.896502] RDX: 0000000000000001 RSI: 0000000000000246 RDI: ffff88800a0d6518\n[ 80.896925] RBP: ffff888009edf9b0 R08: ffff88806d3288d3 R09: 1ffff1100da6511a\n[ 80.897212] R10: dffffc0000000000 R11: ffffed100da6511b R12: ffff88800a4a31d4\n[ 80.897859] R13: ffff88800a4a31d8 R14: dffffc0000000000 R15: ffff88800a0d6518\n[ 80.898279] FS: 00007fd88b7fe700(0000) GS:ffff88806d300000(0000) knlGS:0000000000000000\n[ 80.899436] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 80.900181] CR2: 00007fd88c001d48 CR3: 000000000993e000 CR4: 00000000000006f0\n...\n[ 80.935774] ref_tracker: sp%d@000000000bb9df3d has 1/1 users at\n[ 80.935774] ax25_bind+0x424/0x4e0\n[ 80.935774] __sys_bind+0x1d9/0x270\n[ 80.935774] __x64_sys_bind+0x75/0x80\n[ 80.935774] do_syscall_64+0xc4/0x1b0\n[ 80.935774] entry_SYSCALL_64_after_hwframe+0x67/0x6f\n\nChange ax25_dev-\u003edev_tracker to the dev_tracker of ax25_cb\nin order to mitigate the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36009",
"url": "https://www.suse.com/security/cve/CVE-2024-36009"
},
{
"category": "external",
"summary": "SUSE Bug 1224542 for CVE-2024-36009",
"url": "https://bugzilla.suse.com/1224542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36009"
},
{
"cve": "CVE-2024-36011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36011"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: HCI: Fix potential null-ptr-deref\n\nFix potential null-ptr-deref in hci_le_big_sync_established_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36011",
"url": "https://www.suse.com/security/cve/CVE-2024-36011"
},
{
"category": "external",
"summary": "SUSE Bug 1225579 for CVE-2024-36011",
"url": "https://bugzilla.suse.com/1225579"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36011"
},
{
"cve": "CVE-2024-36012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36012"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: msft: fix slab-use-after-free in msft_do_close()\n\nTying the msft-\u003edata lifetime to hdev by freeing it in\nhci_release_dev() to fix the following case:\n\n[use]\nmsft_do_close()\n msft = hdev-\u003emsft_data;\n if (!msft) ...(1) \u003c- passed.\n return;\n mutex_lock(\u0026msft-\u003efilter_lock); ...(4) \u003c- used after freed.\n\n[free]\nmsft_unregister()\n msft = hdev-\u003emsft_data;\n hdev-\u003emsft_data = NULL; ...(2)\n kfree(msft); ...(3) \u003c- msft is freed.\n\n==================================================================\nBUG: KASAN: slab-use-after-free in __mutex_lock_common\nkernel/locking/mutex.c:587 [inline]\nBUG: KASAN: slab-use-after-free in __mutex_lock+0x8f/0xc30\nkernel/locking/mutex.c:752\nRead of size 8 at addr ffff888106cbbca8 by task kworker/u5:2/309",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36012",
"url": "https://www.suse.com/security/cve/CVE-2024-36012"
},
{
"category": "external",
"summary": "SUSE Bug 1225502 for CVE-2024-36012",
"url": "https://bugzilla.suse.com/1225502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36012"
},
{
"cve": "CVE-2024-36013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect()\n\nExtend a critical section to prevent chan from early freeing.\nAlso make the l2cap_connect() return type void. Nothing is using the\nreturned value but it is ugly to return a potentially freed pointer.\nMaking it void will help with backports because earlier kernels did use\nthe return value. Now the compile will break for kernels where this\npatch is not a complete fix.\n\nCall stack summary:\n\n[use]\nl2cap_bredr_sig_cmd\n l2cap_connect\n mutex_lock(\u0026conn-\u003echan_lock);\n | chan = pchan-\u003eops-\u003enew_connection(pchan); \u003c- alloc chan\n | __l2cap_chan_add(conn, chan);\n | l2cap_chan_hold(chan);\n | list_add(\u0026chan-\u003elist, \u0026conn-\u003echan_l); ... (1)\n mutex_unlock(\u0026conn-\u003echan_lock);\n chan-\u003econf_state ... (4) \u003c- use after free\n\n[free]\nl2cap_conn_del\n mutex_lock(\u0026conn-\u003echan_lock);\n| foreach chan in conn-\u003echan_l: ... (2)\n| l2cap_chan_put(chan);\n| l2cap_chan_destroy\n| kfree(chan) ... (3) \u003c- chan freed\n mutex_unlock(\u0026conn-\u003echan_lock);\n\n==================================================================\nBUG: KASAN: slab-use-after-free in instrument_atomic_read\ninclude/linux/instrumented.h:68 [inline]\nBUG: KASAN: slab-use-after-free in _test_bit\ninclude/asm-generic/bitops/instrumented-non-atomic.h:141 [inline]\nBUG: KASAN: slab-use-after-free in l2cap_connect+0xa67/0x11a0\nnet/bluetooth/l2cap_core.c:4260\nRead of size 8 at addr ffff88810bf040a0 by task kworker/u3:1/311",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36013",
"url": "https://www.suse.com/security/cve/CVE-2024-36013"
},
{
"category": "external",
"summary": "SUSE Bug 1225578 for CVE-2024-36013",
"url": "https://bugzilla.suse.com/1225578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36013"
},
{
"cve": "CVE-2024-36014",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36014"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/arm/malidp: fix a possible null pointer dereference\n\nIn malidp_mw_connector_reset, new memory is allocated with kzalloc, but\nno check is performed. In order to prevent null pointer dereferencing,\nensure that mw_state is checked before calling\n__drm_atomic_helper_connector_reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36014",
"url": "https://www.suse.com/security/cve/CVE-2024-36014"
},
{
"category": "external",
"summary": "SUSE Bug 1225593 for CVE-2024-36014",
"url": "https://bugzilla.suse.com/1225593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36014"
},
{
"cve": "CVE-2024-36015",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36015"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nppdev: Add an error check in register_device\n\nIn register_device, the return value of ida_simple_get is unchecked,\nin witch ida_simple_get will use an invalid index value.\n\nTo address this issue, index should be checked after ida_simple_get. When\nthe index value is abnormal, a warning message should be printed, the port\nshould be dropped, and the value should be recorded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36015",
"url": "https://www.suse.com/security/cve/CVE-2024-36015"
},
{
"category": "external",
"summary": "SUSE Bug 1225640 for CVE-2024-36015",
"url": "https://bugzilla.suse.com/1225640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36015"
},
{
"cve": "CVE-2024-36016",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36016"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntty: n_gsm: fix possible out-of-bounds in gsm0_receive()\n\nAssuming the following:\n- side A configures the n_gsm in basic option mode\n- side B sends the header of a basic option mode frame with data length 1\n- side A switches to advanced option mode\n- side B sends 2 data bytes which exceeds gsm-\u003elen\n Reason: gsm-\u003elen is not used in advanced option mode.\n- side A switches to basic option mode\n- side B keeps sending until gsm0_receive() writes past gsm-\u003ebuf\n Reason: Neither gsm-\u003estate nor gsm-\u003elen have been reset after\n reconfiguration.\n\nFix this by changing gsm-\u003ecount to gsm-\u003elen comparison from equal to less\nthan. Also add upper limit checks against the constant MAX_MRU in\ngsm0_receive() and gsm1_receive() to harden against memory corruption of\ngsm-\u003elen and gsm-\u003emru.\n\nAll other checks remain as we still need to limit the data according to the\nuser configuration and actual payload size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36016",
"url": "https://www.suse.com/security/cve/CVE-2024-36016"
},
{
"category": "external",
"summary": "SUSE Bug 1225642 for CVE-2024-36016",
"url": "https://bugzilla.suse.com/1225642"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36016"
},
{
"cve": "CVE-2024-36018",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36018"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnouveau/uvmm: fix addr/range calcs for remap operations\n\ndEQP-VK.sparse_resources.image_rebind.2d_array.r64i.128_128_8\nwas causing a remap operation like the below.\n\nop_remap: prev: 0000003fffed0000 00000000000f0000 00000000a5abd18a 0000000000000000\nop_remap: next:\nop_remap: unmap: 0000003fffed0000 0000000000100000 0\nop_map: map: 0000003ffffc0000 0000000000010000 000000005b1ba33c 00000000000e0000\n\nThis was resulting in an unmap operation from 0x3fffed0000+0xf0000, 0x100000\nwhich was corrupting the pagetables and oopsing the kernel.\n\nFixes the prev + unmap range calcs to use start/end and map back to addr/range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36018",
"url": "https://www.suse.com/security/cve/CVE-2024-36018"
},
{
"category": "external",
"summary": "SUSE Bug 1225694 for CVE-2024-36018",
"url": "https://bugzilla.suse.com/1225694"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36018"
},
{
"cve": "CVE-2024-36019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36019"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: maple: Fix cache corruption in regcache_maple_drop()\n\nWhen keeping the upper end of a cache block entry, the entry[] array\nmust be indexed by the offset from the base register of the block,\ni.e. max - mas.index.\n\nThe code was indexing entry[] by only the register address, leading\nto an out-of-bounds access that copied some part of the kernel\nmemory over the cache contents.\n\nThis bug was not detected by the regmap KUnit test because it only\ntests with a block of registers starting at 0, so mas.index == 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36019",
"url": "https://www.suse.com/security/cve/CVE-2024-36019"
},
{
"category": "external",
"summary": "SUSE Bug 1225695 for CVE-2024-36019",
"url": "https://bugzilla.suse.com/1225695"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36019"
},
{
"cve": "CVE-2024-36020",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36020"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ni40e: fix vf may be used uninitialized in this function warning\n\nTo fix the regression introduced by commit 52424f974bc5, which causes\nservers hang in very hard to reproduce conditions with resets races.\nUsing two sources for the information is the root cause.\nIn this function before the fix bumping v didn\u0027t mean bumping vf\npointer. But the code used this variables interchangeably, so stale vf\ncould point to different/not intended vf.\n\nRemove redundant \"v\" variable and iterate via single VF pointer across\nwhole function instead to guarantee VF pointer validity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36020",
"url": "https://www.suse.com/security/cve/CVE-2024-36020"
},
{
"category": "external",
"summary": "SUSE Bug 1225698 for CVE-2024-36020",
"url": "https://bugzilla.suse.com/1225698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36020"
},
{
"cve": "CVE-2024-36021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: hns3: fix kernel crash when devlink reload during pf initialization\n\nThe devlink reload process will access the hardware resources,\nbut the register operation is done before the hardware is initialized.\nSo, processing the devlink reload during initialization may lead to kernel\ncrash. This patch fixes this by taking devl_lock during initialization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36021",
"url": "https://www.suse.com/security/cve/CVE-2024-36021"
},
{
"category": "external",
"summary": "SUSE Bug 1225699 for CVE-2024-36021",
"url": "https://bugzilla.suse.com/1225699"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36021"
},
{
"cve": "CVE-2024-36025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36025"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Fix off by one in qla_edif_app_getstats()\n\nThe app_reply-\u003eelem[] array is allocated earlier in this function and it\nhas app_req.num_ports elements. Thus this \u003e comparison needs to be \u003e= to\nprevent memory corruption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36025",
"url": "https://www.suse.com/security/cve/CVE-2024-36025"
},
{
"category": "external",
"summary": "SUSE Bug 1225704 for CVE-2024-36025",
"url": "https://bugzilla.suse.com/1225704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36025"
},
{
"cve": "CVE-2024-36026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11\n\nWhile doing multiple S4 stress tests, GC/RLC/PMFW get into\nan invalid state resulting into hard hangs.\n\nAdding a GFX reset as workaround just before sending the\nMP1_UNLOAD message avoids this failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36026",
"url": "https://www.suse.com/security/cve/CVE-2024-36026"
},
{
"category": "external",
"summary": "SUSE Bug 1225705 for CVE-2024-36026",
"url": "https://bugzilla.suse.com/1225705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36026"
},
{
"cve": "CVE-2024-36029",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36029"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmmc: sdhci-msm: pervent access to suspended controller\n\nGeneric sdhci code registers LED device and uses host-\u003eruntime_suspended\nflag to protect access to it. The sdhci-msm driver doesn\u0027t set this flag,\nwhich causes a crash when LED is accessed while controller is runtime\nsuspended. Fix this by setting the flag correctly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36029",
"url": "https://www.suse.com/security/cve/CVE-2024-36029"
},
{
"category": "external",
"summary": "SUSE Bug 1225708 for CVE-2024-36029",
"url": "https://bugzilla.suse.com/1225708"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36029"
},
{
"cve": "CVE-2024-36030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: fix the double free in rvu_npc_freemem()\n\nClang static checker(scan-build) warning:\ndrivers/net/ethernet/marvell/octeontx2/af/rvu_npc.c:line 2184, column 2\nAttempt to free released memory.\n\nnpc_mcam_rsrcs_deinit() has released \u0027mcam-\u003ecounters.bmap\u0027. Deleted this\nredundant kfree() to fix this double free problem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36030",
"url": "https://www.suse.com/security/cve/CVE-2024-36030"
},
{
"category": "external",
"summary": "SUSE Bug 1225712 for CVE-2024-36030",
"url": "https://bugzilla.suse.com/1225712"
},
{
"category": "external",
"summary": "SUSE Bug 1226326 for CVE-2024-36030",
"url": "https://bugzilla.suse.com/1226326"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-36030"
},
{
"cve": "CVE-2024-36032",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36032"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: fix info leak when fetching fw build id\n\nAdd the missing sanity checks and move the 255-byte build-id buffer off\nthe stack to avoid leaking stack data through debugfs in case the\nbuild-info reply is malformed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36032",
"url": "https://www.suse.com/security/cve/CVE-2024-36032"
},
{
"category": "external",
"summary": "SUSE Bug 1225720 for CVE-2024-36032",
"url": "https://bugzilla.suse.com/1225720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "low"
}
],
"title": "CVE-2024-36032"
},
{
"cve": "CVE-2024-36880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36880"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: qca: add missing firmware sanity checks\n\nAdd the missing sanity checks when parsing the firmware files before\ndownloading them to avoid accessing and corrupting memory beyond the\nvmalloced buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36880",
"url": "https://www.suse.com/security/cve/CVE-2024-36880"
},
{
"category": "external",
"summary": "SUSE Bug 1225722 for CVE-2024-36880",
"url": "https://bugzilla.suse.com/1225722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36880"
},
{
"cve": "CVE-2024-36885",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36885"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36885",
"url": "https://www.suse.com/security/cve/CVE-2024-36885"
},
{
"category": "external",
"summary": "SUSE Bug 1225728 for CVE-2024-36885",
"url": "https://bugzilla.suse.com/1225728"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36885"
},
{
"cve": "CVE-2024-36890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36890"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmm/slab: make __free(kfree) accept error pointers\n\nCurrently, if an automatically freed allocation is an error pointer that\nwill lead to a crash. An example of this is in wm831x_gpio_dbg_show().\n\n 171\tchar *label __free(kfree) = gpiochip_dup_line_label(chip, i);\n 172\tif (IS_ERR(label)) {\n 173\t\tdev_err(wm831x-\u003edev, \"Failed to duplicate label\\n\");\n 174\t\tcontinue;\n 175 }\n\nThe auto clean up function should check for error pointers as well,\notherwise we\u0027re going to keep hitting issues like this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36890",
"url": "https://www.suse.com/security/cve/CVE-2024-36890"
},
{
"category": "external",
"summary": "SUSE Bug 1225714 for CVE-2024-36890",
"url": "https://bugzilla.suse.com/1225714"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36890"
},
{
"cve": "CVE-2024-36891",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36891"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmaple_tree: fix mas_empty_area_rev() null pointer dereference\n\nCurrently the code calls mas_start() followed by mas_data_end() if the\nmaple state is MA_START, but mas_start() may return with the maple state\nnode == NULL. This will lead to a null pointer dereference when checking\ninformation in the NULL node, which is done in mas_data_end().\n\nAvoid setting the offset if there is no node by waiting until after the\nmaple state is checked for an empty or single entry state.\n\nA user could trigger the events to cause a kernel oops by unmapping all\nvmas to produce an empty maple tree, then mapping a vma that would cause\nthe scenario described above.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36891",
"url": "https://www.suse.com/security/cve/CVE-2024-36891"
},
{
"category": "external",
"summary": "SUSE Bug 1225710 for CVE-2024-36891",
"url": "https://bugzilla.suse.com/1225710"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36891"
},
{
"cve": "CVE-2024-36893",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36893"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: Check for port partner validity before consuming it\n\ntypec_register_partner() does not guarantee partner registration\nto always succeed. In the event of failure, port-\u003epartner is set\nto the error value or NULL. Given that port-\u003epartner validity is\nnot checked, this results in the following crash:\n\nUnable to handle kernel NULL pointer dereference at virtual address xx\n pc : run_state_machine+0x1bc8/0x1c08\n lr : run_state_machine+0x1b90/0x1c08\n..\n Call trace:\n run_state_machine+0x1bc8/0x1c08\n tcpm_state_machine_work+0x94/0xe4\n kthread_worker_fn+0x118/0x328\n kthread+0x1d0/0x23c\n ret_from_fork+0x10/0x20\n\nTo prevent the crash, check for port-\u003epartner validity before\nderefencing it in all the call sites.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36893",
"url": "https://www.suse.com/security/cve/CVE-2024-36893"
},
{
"category": "external",
"summary": "SUSE Bug 1225748 for CVE-2024-36893",
"url": "https://bugzilla.suse.com/1225748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36893"
},
{
"cve": "CVE-2024-36894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete\n\nFFS based applications can utilize the aio_cancel() callback to dequeue\npending USB requests submitted to the UDC. There is a scenario where the\nFFS application issues an AIO cancel call, while the UDC is handling a\nsoft disconnect. For a DWC3 based implementation, the callstack looks\nlike the following:\n\n DWC3 Gadget FFS Application\ndwc3_gadget_soft_disconnect() ...\n --\u003e dwc3_stop_active_transfers()\n --\u003e dwc3_gadget_giveback(-ESHUTDOWN)\n --\u003e ffs_epfile_async_io_complete() ffs_aio_cancel()\n --\u003e usb_ep_free_request() --\u003e usb_ep_dequeue()\n\nThere is currently no locking implemented between the AIO completion\nhandler and AIO cancel, so the issue occurs if the completion routine is\nrunning in parallel to an AIO cancel call coming from the FFS application.\nAs the completion call frees the USB request (io_data-\u003ereq) the FFS\napplication is also referencing it for the usb_ep_dequeue() call. This can\nlead to accessing a stale/hanging pointer.\n\ncommit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus consistently\")\nrelocated the usb_ep_free_request() into ffs_epfile_async_io_complete().\nHowever, in order to properly implement locking to mitigate this issue, the\nspinlock can\u0027t be added to ffs_epfile_async_io_complete(), as\nusb_ep_dequeue() (if successfully dequeuing a USB request) will call the\nfunction driver\u0027s completion handler in the same context. Hence, leading\ninto a deadlock.\n\nFix this issue by moving the usb_ep_free_request() back to\nffs_user_copy_worker(), and ensuring that it explicitly sets io_data-\u003ereq\nto NULL after freeing it within the ffs-\u003eeps_lock. This resolves the race\ncondition above, as the ffs_aio_cancel() routine will not continue\nattempting to dequeue a request that has already been freed, or the\nffs_user_copy_work() not freeing the USB request until the AIO cancel is\ndone referencing it.\n\nThis fix depends on\n commit b566d38857fc (\"usb: gadget: f_fs: use io_data-\u003estatus\n consistently\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36894",
"url": "https://www.suse.com/security/cve/CVE-2024-36894"
},
{
"category": "external",
"summary": "SUSE Bug 1225749 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1225749"
},
{
"category": "external",
"summary": "SUSE Bug 1226139 for CVE-2024-36894",
"url": "https://bugzilla.suse.com/1226139"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-36894"
},
{
"cve": "CVE-2024-36895",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36895"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: gadget: uvc: use correct buffer size when parsing configfs lists\n\nThis commit fixes uvc gadget support on 32-bit platforms.\n\nCommit 0df28607c5cb (\"usb: gadget: uvc: Generalise helper functions for\nreuse\") introduced a helper function __uvcg_iter_item_entries() to aid\nwith parsing lists of items on configfs attributes stores. This function\nis a generalization of another very similar function, which used a\nstack-allocated temporary buffer of fixed size for each item in the list\nand used the sizeof() operator to check for potential buffer overruns.\nThe new function was changed to allocate the now variably sized temp\nbuffer on heap, but wasn\u0027t properly updated to also check for max buffer\nsize using the computed size instead of sizeof() operator.\n\nAs a result, the maximum item size was 7 (plus null terminator) on\n64-bit platforms, and 3 on 32-bit ones. While 7 is accidentally just\nbarely enough, 3 is definitely too small for some of UVC configfs\nattributes. For example, dwFrameInteval, specified in 100ns units,\nusually has 6-digit item values, e.g. 166666 for 60fps.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36895",
"url": "https://www.suse.com/security/cve/CVE-2024-36895"
},
{
"category": "external",
"summary": "SUSE Bug 1225750 for CVE-2024-36895",
"url": "https://bugzilla.suse.com/1225750"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "low"
}
],
"title": "CVE-2024-36895"
},
{
"cve": "CVE-2024-36896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36896"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nUSB: core: Fix access violation during port device removal\n\nTesting with KASAN and syzkaller revealed a bug in port.c:disable_store():\nusb_hub_to_struct_hub() can return NULL if the hub that the port belongs to\nis concurrently removed, but the function does not check for this\npossibility before dereferencing the returned value.\n\nIt turns out that the first dereference is unnecessary, since hub-\u003eintfdev\nis the parent of the port device, so it can be changed easily. Adding a\ncheck for hub == NULL prevents further problems.\n\nThe same bug exists in the disable_show() routine, and it can be fixed the\nsame way.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36896",
"url": "https://www.suse.com/security/cve/CVE-2024-36896"
},
{
"category": "external",
"summary": "SUSE Bug 1225734 for CVE-2024-36896",
"url": "https://bugzilla.suse.com/1225734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36896"
},
{
"cve": "CVE-2024-36897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36897"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amd/display: Atom Integrated System Info v2_2 for DCN35\n\nNew request from KMD/VBIOS in order to support new UMA carveout\nmodel. This fixes a null dereference from accessing\nCtx-\u003edc_bios-\u003eintegrated_info while it was NULL.\n\nDAL parses through the BIOS and extracts the necessary\nintegrated_info but was missing a case for the new BIOS\nversion 2.3.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36897",
"url": "https://www.suse.com/security/cve/CVE-2024-36897"
},
{
"category": "external",
"summary": "SUSE Bug 1225735 for CVE-2024-36897",
"url": "https://bugzilla.suse.com/1225735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36897"
},
{
"cve": "CVE-2024-36898",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36898"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngpiolib: cdev: fix uninitialised kfifo\n\nIf a line is requested with debounce, and that results in debouncing\nin software, and the line is subsequently reconfigured to enable edge\ndetection then the allocation of the kfifo to contain edge events is\noverlooked. This results in events being written to and read from an\nuninitialised kfifo. Read events are returned to userspace.\n\nInitialise the kfifo in the case where the software debounce is\nalready active.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36898",
"url": "https://www.suse.com/security/cve/CVE-2024-36898"
},
{
"category": "external",
"summary": "SUSE Bug 1225736 for CVE-2024-36898",
"url": "https://bugzilla.suse.com/1225736"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36898"
},
{
"cve": "CVE-2024-36906",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36906"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nARM: 9381/1: kasan: clear stale stack poison\n\nWe found below OOB crash:\n\n[ 33.452494] ==================================================================\n[ 33.453513] BUG: KASAN: stack-out-of-bounds in refresh_cpu_vm_stats.constprop.0+0xcc/0x2ec\n[ 33.454660] Write of size 164 at addr c1d03d30 by task swapper/0/0\n[ 33.455515]\n[ 33.455767] CPU: 0 PID: 0 Comm: swapper/0 Tainted: G O 6.1.25-mainline #1\n[ 33.456880] Hardware name: Generic DT based system\n[ 33.457555] unwind_backtrace from show_stack+0x18/0x1c\n[ 33.458326] show_stack from dump_stack_lvl+0x40/0x4c\n[ 33.459072] dump_stack_lvl from print_report+0x158/0x4a4\n[ 33.459863] print_report from kasan_report+0x9c/0x148\n[ 33.460616] kasan_report from kasan_check_range+0x94/0x1a0\n[ 33.461424] kasan_check_range from memset+0x20/0x3c\n[ 33.462157] memset from refresh_cpu_vm_stats.constprop.0+0xcc/0x2ec\n[ 33.463064] refresh_cpu_vm_stats.constprop.0 from tick_nohz_idle_stop_tick+0x180/0x53c\n[ 33.464181] tick_nohz_idle_stop_tick from do_idle+0x264/0x354\n[ 33.465029] do_idle from cpu_startup_entry+0x20/0x24\n[ 33.465769] cpu_startup_entry from rest_init+0xf0/0xf4\n[ 33.466528] rest_init from arch_post_acpi_subsys_init+0x0/0x18\n[ 33.467397]\n[ 33.467644] The buggy address belongs to stack of task swapper/0/0\n[ 33.468493] and is located at offset 112 in frame:\n[ 33.469172] refresh_cpu_vm_stats.constprop.0+0x0/0x2ec\n[ 33.469917]\n[ 33.470165] This frame has 2 objects:\n[ 33.470696] [32, 76) \u0027global_zone_diff\u0027\n[ 33.470729] [112, 276) \u0027global_node_diff\u0027\n[ 33.471294]\n[ 33.472095] The buggy address belongs to the physical page:\n[ 33.472862] page:3cd72da8 refcount:1 mapcount:0 mapping:00000000 index:0x0 pfn:0x41d03\n[ 33.473944] flags: 0x1000(reserved|zone=0)\n[ 33.474565] raw: 00001000 ed741470 ed741470 00000000 00000000 00000000 ffffffff 00000001\n[ 33.475656] raw: 00000000\n[ 33.476050] page dumped because: kasan: bad access detected\n[ 33.476816]\n[ 33.477061] Memory state around the buggy address:\n[ 33.477732] c1d03c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00\n[ 33.478630] c1d03c80: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00\n[ 33.479526] \u003ec1d03d00: 00 04 f2 f2 f2 f2 00 00 00 00 00 00 f1 f1 f1 f1\n[ 33.480415] ^\n[ 33.481195] c1d03d80: 00 00 00 00 00 00 00 00 00 00 04 f3 f3 f3 f3 f3\n[ 33.482088] c1d03e00: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00\n[ 33.482978] ==================================================================\n\nWe find the root cause of this OOB is that arm does not clear stale stack\npoison in the case of cpuidle.\n\nThis patch refer to arch/arm64/kernel/sleep.S to resolve this issue.\n\nFrom cited commit [1] that explain the problem\n\nFunctions which the compiler has instrumented for KASAN place poison on\nthe stack shadow upon entry and remove this poison prior to returning.\n\nIn the case of cpuidle, CPUs exit the kernel a number of levels deep in\nC code. Any instrumented functions on this critical path will leave\nportions of the stack shadow poisoned.\n\nIf CPUs lose context and return to the kernel via a cold path, we\nrestore a prior context saved in __cpu_suspend_enter are forgotten, and\nwe never remove the poison they placed in the stack shadow area by\nfunctions calls between this and the actual exit of the kernel.\n\nThus, (depending on stackframe layout) subsequent calls to instrumented\nfunctions may hit this stale poison, resulting in (spurious) KASAN\nsplats to the console.\n\nTo avoid this, clear any stale poison from the idle thread for a CPU\nprior to bringing a CPU online.\n\nFrom cited commit [2]\n\nExtend to check for CONFIG_KASAN_STACK\n\n[1] commit 0d97e6d8024c (\"arm64: kasan: clear stale stack poison\")\n[2] commit d56a9ef84bd0 (\"kasan, arm64: unpoison stack only with CONFIG_KASAN_STACK\")",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36906",
"url": "https://www.suse.com/security/cve/CVE-2024-36906"
},
{
"category": "external",
"summary": "SUSE Bug 1225715 for CVE-2024-36906",
"url": "https://bugzilla.suse.com/1225715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 0,
"baseSeverity": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36906"
},
{
"cve": "CVE-2024-36918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36918"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check bloom filter map value size\n\nThis patch adds a missing check to bloom filter creating, rejecting\nvalues above KMALLOC_MAX_SIZE. This brings the bloom map in line with\nmany other map types.\n\nThe lack of this protection can cause kernel crashes for value sizes\nthat overflow int\u0027s. Such a crash was caught by syzkaller. The next\npatch adds more guard-rails at a lower level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36918",
"url": "https://www.suse.com/security/cve/CVE-2024-36918"
},
{
"category": "external",
"summary": "SUSE Bug 1225766 for CVE-2024-36918",
"url": "https://bugzilla.suse.com/1225766"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36918"
},
{
"cve": "CVE-2024-36921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36921"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: guard against invalid STA ID on removal\n\nGuard against invalid station IDs in iwl_mvm_mld_rm_sta_id as that would\nresult in out-of-bounds array accesses. This prevents issues should the\ndriver get into a bad state during error handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36921",
"url": "https://www.suse.com/security/cve/CVE-2024-36921"
},
{
"category": "external",
"summary": "SUSE Bug 1225769 for CVE-2024-36921",
"url": "https://bugzilla.suse.com/1225769"
},
{
"category": "external",
"summary": "SUSE Bug 1225850 for CVE-2024-36921",
"url": "https://bugzilla.suse.com/1225850"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-36921"
},
{
"cve": "CVE-2024-36922",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36922"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: read txq-\u003eread_ptr under lock\n\nIf we read txq-\u003eread_ptr without lock, we can read the same\nvalue twice, then obtain the lock, and reclaim from there\nto two different places, but crucially reclaim the same\nentry twice, resulting in the WARN_ONCE() a little later.\nFix that by reading txq-\u003eread_ptr under lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36922",
"url": "https://www.suse.com/security/cve/CVE-2024-36922"
},
{
"category": "external",
"summary": "SUSE Bug 1225805 for CVE-2024-36922",
"url": "https://bugzilla.suse.com/1225805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36922"
},
{
"cve": "CVE-2024-36928",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36928"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/qeth: Fix kernel panic after setting hsuid\n\nSymptom:\nWhen the hsuid attribute is set for the first time on an IQD Layer3\ndevice while the corresponding network interface is already UP,\nthe kernel will try to execute a napi function pointer that is NULL.\n\nExample:\n---------------------------------------------------------------------------\n[ 2057.572696] illegal operation: 0001 ilc:1 [#1] SMP\n[ 2057.572702] Modules linked in: af_iucv qeth_l3 zfcp scsi_transport_fc sunrpc nft_fib_inet nft_fib_ipv4 nft_fib_ipv6 nft_fib nft_reject_inet nf_reject_ipv4 nf_reject_ipv6\nnft_reject nft_ct nf_tables_set nft_chain_nat nf_nat nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 ip_set nf_tables libcrc32c nfnetlink ghash_s390 prng xts aes_s390 des_s390 de\ns_generic sha3_512_s390 sha3_256_s390 sha512_s390 vfio_ccw vfio_mdev mdev vfio_iommu_type1 eadm_sch vfio ext4 mbcache jbd2 qeth_l2 bridge stp llc dasd_eckd_mod qeth dasd_mod\n qdio ccwgroup pkey zcrypt\n[ 2057.572739] CPU: 6 PID: 60182 Comm: stress_client Kdump: loaded Not tainted 4.18.0-541.el8.s390x #1\n[ 2057.572742] Hardware name: IBM 3931 A01 704 (LPAR)\n[ 2057.572744] Krnl PSW : 0704f00180000000 0000000000000002 (0x2)\n[ 2057.572748] R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:3 CC:3 PM:0 RI:0 EA:3\n[ 2057.572751] Krnl GPRS: 0000000000000004 0000000000000000 00000000a3b008d8 0000000000000000\n[ 2057.572754] 00000000a3b008d8 cb923a29c779abc5 0000000000000000 00000000814cfd80\n[ 2057.572756] 000000000000012c 0000000000000000 00000000a3b008d8 00000000a3b008d8\n[ 2057.572758] 00000000bab6d500 00000000814cfd80 0000000091317e46 00000000814cfc68\n[ 2057.572762] Krnl Code:#0000000000000000: 0000 illegal\n \u003e0000000000000002: 0000 illegal\n 0000000000000004: 0000 illegal\n 0000000000000006: 0000 illegal\n 0000000000000008: 0000 illegal\n 000000000000000a: 0000 illegal\n 000000000000000c: 0000 illegal\n 000000000000000e: 0000 illegal\n[ 2057.572800] Call Trace:\n[ 2057.572801] ([\u003c00000000ec639700\u003e] 0xec639700)\n[ 2057.572803] [\u003c00000000913183e2\u003e] net_rx_action+0x2ba/0x398\n[ 2057.572809] [\u003c0000000091515f76\u003e] __do_softirq+0x11e/0x3a0\n[ 2057.572813] [\u003c0000000090ce160c\u003e] do_softirq_own_stack+0x3c/0x58\n[ 2057.572817] ([\u003c0000000090d2cbd6\u003e] do_softirq.part.1+0x56/0x60)\n[ 2057.572822] [\u003c0000000090d2cc60\u003e] __local_bh_enable_ip+0x80/0x98\n[ 2057.572825] [\u003c0000000091314706\u003e] __dev_queue_xmit+0x2be/0xd70\n[ 2057.572827] [\u003c000003ff803dd6d6\u003e] afiucv_hs_send+0x24e/0x300 [af_iucv]\n[ 2057.572830] [\u003c000003ff803dd88a\u003e] iucv_send_ctrl+0x102/0x138 [af_iucv]\n[ 2057.572833] [\u003c000003ff803de72a\u003e] iucv_sock_connect+0x37a/0x468 [af_iucv]\n[ 2057.572835] [\u003c00000000912e7e90\u003e] __sys_connect+0xa0/0xd8\n[ 2057.572839] [\u003c00000000912e9580\u003e] sys_socketcall+0x228/0x348\n[ 2057.572841] [\u003c0000000091514e1a\u003e] system_call+0x2a6/0x2c8\n[ 2057.572843] Last Breaking-Event-Address:\n[ 2057.572844] [\u003c0000000091317e44\u003e] __napi_poll+0x4c/0x1d8\n[ 2057.572846]\n[ 2057.572847] Kernel panic - not syncing: Fatal exception in interrupt\n-------------------------------------------------------------------------------------------\n\nAnalysis:\nThere is one napi structure per out_q: card-\u003eqdio.out_qs[i].napi\nThe napi.poll functions are set during qeth_open().\n\nSince\ncommit 1cfef80d4c2b (\"s390/qeth: Don\u0027t call dev_close/dev_open (DOWN/UP)\")\nqeth_set_offline()/qeth_set_online() no longer call dev_close()/\ndev_open(). So if qeth_free_qdio_queues() cleared\ncard-\u003eqdio.out_qs[i].napi.poll while the network interface was UP and the\ncard was offline, they are not set again.\n\nReproduction:\nchzdev -e $devno layer2=0\nip link set dev $network_interface up\necho 0 \u003e /sys/bus/ccw\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36928",
"url": "https://www.suse.com/security/cve/CVE-2024-36928"
},
{
"category": "external",
"summary": "SUSE Bug 1225775 for CVE-2024-36928",
"url": "https://bugzilla.suse.com/1225775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36928"
},
{
"cve": "CVE-2024-36930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36930"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix null pointer dereference within spi_sync\n\nIf spi_sync() is called with the non-empty queue and the same spi_message\nis then reused, the complete callback for the message remains set while\nthe context is cleared, leading to a null pointer dereference when the\ncallback is invoked from spi_finalize_current_message().\n\nWith function inlining disabled, the call stack might look like this:\n\n _raw_spin_lock_irqsave from complete_with_flags+0x18/0x58\n complete_with_flags from spi_complete+0x8/0xc\n spi_complete from spi_finalize_current_message+0xec/0x184\n spi_finalize_current_message from spi_transfer_one_message+0x2a8/0x474\n spi_transfer_one_message from __spi_pump_transfer_message+0x104/0x230\n __spi_pump_transfer_message from __spi_transfer_message_noqueue+0x30/0xc4\n __spi_transfer_message_noqueue from __spi_sync+0x204/0x248\n __spi_sync from spi_sync+0x24/0x3c\n spi_sync from mcp251xfd_regmap_crc_read+0x124/0x28c [mcp251xfd]\n mcp251xfd_regmap_crc_read [mcp251xfd] from _regmap_raw_read+0xf8/0x154\n _regmap_raw_read from _regmap_bus_read+0x44/0x70\n _regmap_bus_read from _regmap_read+0x60/0xd8\n _regmap_read from regmap_read+0x3c/0x5c\n regmap_read from mcp251xfd_alloc_can_err_skb+0x1c/0x54 [mcp251xfd]\n mcp251xfd_alloc_can_err_skb [mcp251xfd] from mcp251xfd_irq+0x194/0xe70 [mcp251xfd]\n mcp251xfd_irq [mcp251xfd] from irq_thread_fn+0x1c/0x78\n irq_thread_fn from irq_thread+0x118/0x1f4\n irq_thread from kthread+0xd8/0xf4\n kthread from ret_from_fork+0x14/0x28\n\nFix this by also setting message-\u003ecomplete to NULL when the transfer is\ncomplete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36930",
"url": "https://www.suse.com/security/cve/CVE-2024-36930"
},
{
"category": "external",
"summary": "SUSE Bug 1225830 for CVE-2024-36930",
"url": "https://bugzilla.suse.com/1225830"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36930"
},
{
"cve": "CVE-2024-36931",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36931"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/cio: Ensure the copied buf is NUL terminated\n\nCurrently, we allocate a lbuf-sized kernel buffer and copy lbuf from\nuserspace to that buffer. Later, we use scanf on this buffer but we don\u0027t\nensure that the string is terminated inside the buffer, this can lead to\nOOB read when using scanf. Fix this issue by using memdup_user_nul instead.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36931",
"url": "https://www.suse.com/security/cve/CVE-2024-36931"
},
{
"category": "external",
"summary": "SUSE Bug 1225747 for CVE-2024-36931",
"url": "https://bugzilla.suse.com/1225747"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36931"
},
{
"cve": "CVE-2024-36936",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36936"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefi/unaccepted: touch soft lockup during memory accept\n\nCommit 50e782a86c98 (\"efi/unaccepted: Fix soft lockups caused by\nparallel memory acceptance\") has released the spinlock so other CPUs can\ndo memory acceptance in parallel and not triggers softlockup on other\nCPUs.\n\nHowever the softlock up was intermittent shown up if the memory of the\nTD guest is large, and the timeout of softlockup is set to 1 second:\n\n RIP: 0010:_raw_spin_unlock_irqrestore\n Call Trace:\n ? __hrtimer_run_queues\n \u003cIRQ\u003e\n ? hrtimer_interrupt\n ? watchdog_timer_fn\n ? __sysvec_apic_timer_interrupt\n ? __pfx_watchdog_timer_fn\n ? sysvec_apic_timer_interrupt\n \u003c/IRQ\u003e\n ? __hrtimer_run_queues\n \u003cTASK\u003e\n ? hrtimer_interrupt\n ? asm_sysvec_apic_timer_interrupt\n ? _raw_spin_unlock_irqrestore\n ? __sysvec_apic_timer_interrupt\n ? sysvec_apic_timer_interrupt\n accept_memory\n try_to_accept_memory\n do_huge_pmd_anonymous_page\n get_page_from_freelist\n __handle_mm_fault\n __alloc_pages\n __folio_alloc\n ? __tdx_hypercall\n handle_mm_fault\n vma_alloc_folio\n do_user_addr_fault\n do_huge_pmd_anonymous_page\n exc_page_fault\n ? __do_huge_pmd_anonymous_page\n asm_exc_page_fault\n __handle_mm_fault\n\nWhen the local irq is enabled at the end of accept_memory(), the\nsoftlockup detects that the watchdog on single CPU has not been fed for\na while. That is to say, even other CPUs will not be blocked by\nspinlock, the current CPU might be stunk with local irq disabled for a\nwhile, which hurts not only nmi watchdog but also softlockup.\n\nChao Gao pointed out that the memory accept could be time costly and\nthere was similar report before. Thus to avoid any softlocup detection\nduring this stage, give the softlockup a flag to skip the timeout check\nat the end of accept_memory(), by invoking touch_softlockup_watchdog().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36936",
"url": "https://www.suse.com/security/cve/CVE-2024-36936"
},
{
"category": "external",
"summary": "SUSE Bug 1225773 for CVE-2024-36936",
"url": "https://bugzilla.suse.com/1225773"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "low"
}
],
"title": "CVE-2024-36936"
},
{
"cve": "CVE-2024-36940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: core: delete incorrect free in pinctrl_enable()\n\nThe \"pctldev\" struct is allocated in devm_pinctrl_register_and_init().\nIt\u0027s a devm_ managed pointer that is freed by devm_pinctrl_dev_release(),\nso freeing it in pinctrl_enable() will lead to a double free.\n\nThe devm_pinctrl_dev_release() function frees the pindescs and destroys\nthe mutex as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36940",
"url": "https://www.suse.com/security/cve/CVE-2024-36940"
},
{
"category": "external",
"summary": "SUSE Bug 1225840 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225840"
},
{
"category": "external",
"summary": "SUSE Bug 1225841 for CVE-2024-36940",
"url": "https://bugzilla.suse.com/1225841"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "important"
}
],
"title": "CVE-2024-36940"
},
{
"cve": "CVE-2024-36941",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36941"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: nl80211: don\u0027t free NULL coalescing rule\n\nIf the parsing fails, we can dereference a NULL pointer here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36941",
"url": "https://www.suse.com/security/cve/CVE-2024-36941"
},
{
"category": "external",
"summary": "SUSE Bug 1225835 for CVE-2024-36941",
"url": "https://bugzilla.suse.com/1225835"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36941"
},
{
"cve": "CVE-2024-36942",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36942"
}
],
"notes": [
{
"category": "general",
"text": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36942",
"url": "https://www.suse.com/security/cve/CVE-2024-36942"
},
{
"category": "external",
"summary": "SUSE Bug 1225843 for CVE-2024-36942",
"url": "https://bugzilla.suse.com/1225843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36942"
},
{
"cve": "CVE-2024-36944",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36944"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nReapply \"drm/qxl: simplify qxl_fence_wait\"\n\nThis reverts commit 07ed11afb68d94eadd4ffc082b97c2331307c5ea.\n\nStephen Rostedt reports:\n \"I went to run my tests on my VMs and the tests hung on boot up.\n Unfortunately, the most I ever got out was:\n\n [ 93.607888] Testing event system initcall: OK\n [ 93.667730] Running tests on all trace events:\n [ 93.669757] Testing all events: OK\n [ 95.631064] ------------[ cut here ]------------\n Timed out after 60 seconds\"\n\nand further debugging points to a possible circular locking dependency\nbetween the console_owner locking and the worker pool locking.\n\nReverting the commit allows Steve\u0027s VM to boot to completion again.\n\n[ This may obviously result in the \"[TTM] Buffer eviction failed\"\n messages again, which was the reason for that original revert. But at\n this point this seems preferable to a non-booting system... ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36944",
"url": "https://www.suse.com/security/cve/CVE-2024-36944"
},
{
"category": "external",
"summary": "SUSE Bug 1225847 for CVE-2024-36944",
"url": "https://bugzilla.suse.com/1225847"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36944"
},
{
"cve": "CVE-2024-36947",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36947"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nqibfs: fix dentry leak\n\nsimple_recursive_removal() drops the pinning references to all positives\nin subtree. For the cases when its argument has been kept alive by\nthe pinning alone that\u0027s exactly the right thing to do, but here\nthe argument comes from dcache lookup, that needs to be balanced by\nexplicit dput().\n\nFucked-up-by: Al Viro \u003cviro@zeniv.linux.org.uk\u003e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36947",
"url": "https://www.suse.com/security/cve/CVE-2024-36947"
},
{
"category": "external",
"summary": "SUSE Bug 1225856 for CVE-2024-36947",
"url": "https://bugzilla.suse.com/1225856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "low"
}
],
"title": "CVE-2024-36947"
},
{
"cve": "CVE-2024-36949",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36949"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\namd/amdkfd: sync all devices to wait all processes being evicted\n\nIf there are more than one device doing reset in parallel, the first\ndevice will call kfd_suspend_all_processes() to evict all processes\non all devices, this call takes time to finish. other device will\nstart reset and recover without waiting. if the process has not been\nevicted before doing recover, it will be restored, then caused page\nfault.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36949",
"url": "https://www.suse.com/security/cve/CVE-2024-36949"
},
{
"category": "external",
"summary": "SUSE Bug 1225894 for CVE-2024-36949",
"url": "https://bugzilla.suse.com/1225894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36949"
},
{
"cve": "CVE-2024-36950",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36950"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfirewire: ohci: mask bus reset interrupts between ISR and bottom half\n\nIn the FireWire OHCI interrupt handler, if a bus reset interrupt has\noccurred, mask bus reset interrupts until bus_reset_work has serviced and\ncleared the interrupt.\n\nNormally, we always leave bus reset interrupts masked. We infer the bus\nreset from the self-ID interrupt that happens shortly thereafter. A\nscenario where we unmask bus reset interrupts was introduced in 2008 in\na007bb857e0b26f5d8b73c2ff90782d9c0972620: If\nOHCI_PARAM_DEBUG_BUSRESETS (8) is set in the debug parameter bitmask, we\nwill unmask bus reset interrupts so we can log them.\n\nirq_handler logs the bus reset interrupt. However, we can\u0027t clear the bus\nreset event flag in irq_handler, because we won\u0027t service the event until\nlater. irq_handler exits with the event flag still set. If the\ncorresponding interrupt is still unmasked, the first bus reset will\nusually freeze the system due to irq_handler being called again each\ntime it exits. This freeze can be reproduced by loading firewire_ohci\nwith \"modprobe firewire_ohci debug=-1\" (to enable all debugging output).\nApparently there are also some cases where bus_reset_work will get called\nsoon enough to clear the event, and operation will continue normally.\n\nThis freeze was first reported a few months after a007bb85 was committed,\nbut until now it was never fixed. The debug level could safely be set\nto -1 through sysfs after the module was loaded, but this would be\nineffectual in logging bus reset interrupts since they were only\nunmasked during initialization.\n\nirq_handler will now leave the event flag set but mask bus reset\ninterrupts, so irq_handler won\u0027t be called again and there will be no\nfreeze. If OHCI_PARAM_DEBUG_BUSRESETS is enabled, bus_reset_work will\nunmask the interrupt after servicing the event, so future interrupts\nwill be caught as desired.\n\nAs a side effect to this change, OHCI_PARAM_DEBUG_BUSRESETS can now be\nenabled through sysfs in addition to during initial module loading.\nHowever, when enabled through sysfs, logging of bus reset interrupts will\nbe effective only starting with the second bus reset, after\nbus_reset_work has executed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36950",
"url": "https://www.suse.com/security/cve/CVE-2024-36950"
},
{
"category": "external",
"summary": "SUSE Bug 1225895 for CVE-2024-36950",
"url": "https://bugzilla.suse.com/1225895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36950"
},
{
"cve": "CVE-2024-36951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36951"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: range check cp bad op exception interrupts\n\nDue to a CP interrupt bug, bad packet garbage exception codes are raised.\nDo a range check so that the debugger and runtime do not receive garbage\ncodes.\nUpdate the user api to guard exception code type checking as well.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36951",
"url": "https://www.suse.com/security/cve/CVE-2024-36951"
},
{
"category": "external",
"summary": "SUSE Bug 1225896 for CVE-2024-36951",
"url": "https://bugzilla.suse.com/1225896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36951"
},
{
"cve": "CVE-2024-36955",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36955"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node()\n\nThe documentation for device_get_named_child_node() mentions this\nimportant point:\n\n\"\nThe caller is responsible for calling fwnode_handle_put() on the\nreturned fwnode pointer.\n\"\n\nAdd fwnode_handle_put() to avoid a leaked reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36955",
"url": "https://www.suse.com/security/cve/CVE-2024-36955"
},
{
"category": "external",
"summary": "SUSE Bug 1225810 for CVE-2024-36955",
"url": "https://bugzilla.suse.com/1225810"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "low"
}
],
"title": "CVE-2024-36955"
},
{
"cve": "CVE-2024-36959",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-36959"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map()\n\nIf we fail to allocate propname buffer, we need to drop the reference\ncount we just took. Because the pinctrl_dt_free_maps() includes the\ndroping operation, here we call it directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-36959",
"url": "https://www.suse.com/security/cve/CVE-2024-36959"
},
{
"category": "external",
"summary": "SUSE Bug 1225839 for CVE-2024-36959",
"url": "https://bugzilla.suse.com/1225839"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"SUSE Linux Enterprise Module for Public Cloud 15 SP6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:cluster-md-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:dlm-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:gfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-extra-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-livepatch-devel-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kernel-azure-optional-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-azure-vdso-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:kernel-devel-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-source-azure-6.4.0-150600.8.5.4.noarch",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.aarch64",
"openSUSE Leap 15.6:kernel-syms-azure-6.4.0-150600.8.5.1.x86_64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:kselftests-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:ocfs2-kmp-azure-6.4.0-150600.8.5.4.x86_64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.aarch64",
"openSUSE Leap 15.6:reiserfs-kmp-azure-6.4.0-150600.8.5.4.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-21T11:03:42Z",
"details": "moderate"
}
],
"title": "CVE-2024-36959"
}
]
}
suse-su-2024:2203-1
Vulnerability from csaf_suse
Published
2024-06-25 13:04
Modified
2024-06-25 13:04
Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to potentially crash the system (bsc#1209657).
- CVE-2023-52434: Fixed potential OOBs in smb2_parse_contexts() (bsc#1220148).
- CVE-2023-52458: Fixed check that partition length needs to be aligned with block size (bsc#1220428).
- CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in amdtee_close_session (bsc#1220915).
- CVE-2023-52618: Fixed string overflow in block/rnbd-srv (bsc#1221615).
- CVE-2023-52631: Fixed an NULL dereference bug (bsc#1222264 CVE-2023-52631).
- CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop] (bsc#1222294).
- CVE-2023-52640: Fixed out-of-bounds in ntfs_listxattr (bsc#1222301).
- CVE-2023-52641: Fixed NULL ptr dereference checking at the end of attr_allocate_frame() (bsc#1222303)
- CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd (bsc#1223033).
- CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device() (bsc#1223686).
- CVE-2023-52659: Fixed to pfn_to_kaddr() not treated as a 64-bit type (bsc#1224442).
- CVE-2023-52674: Add clamp() in scarlett2_mixer_ctl_put() (bsc#1224727).
- CVE-2023-52680: Fixed missing error checks to *_ctl_get() (bsc#1224608).
- CVE-2023-52692: Fixed missing error check to scarlett2_usb_set_config() (bsc#1224628).
- CVE-2023-52698: Fixed memory leak in netlbl_calipso_add_pass() (CVE-2023-52698 bsc#1224621)
- CVE-2023-52771: Fixed delete_endpoint() vs parent unregistration race (bsc#1225007).
- CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224989).
- CVE-2023-52860: Fixed null pointer dereference in hisi_hns3 (bsc#1224936).
- CVE-2023-6238: Fixed kcalloc() arguments order (bsc#1217384).
- CVE-2023-7042: Fixed a null-pointer-dereference in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
- CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
- CVE-2024-21823: Fixed safety flag to struct ends (bsc#1223625).
- CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security (bsc#1219170).
- CVE-2024-23848: Fixed media/cec for possible use-after-free in cec_queue_msg_fh (bsc#1219104).
- CVE-2024-24861: Fixed an overflow due to race condition in media/xc4000 device driver in xc4000 xc4000_get_frequency() function (bsc#1219623).
- CVE-2024-25739: Fixed possible crash in create_empty_lvol() in drivers/mtd/ubi/vtbl.c (bsc#1219834).
- CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay (bsc#1220342).
- CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks (bsc#1221293).
- CVE-2024-26632: Fixed iterating over an empty bio with bio_for_each_folio_all (bsc#1221635).
- CVE-2024-26638: Fixed uninitialize struct msghdr completely (bsc#1221649 CVE-2024-26638).
- CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter nf_tables (bsc#1221830).
- CVE-2024-26643: Fixed mark set as dead when unbinding anonymous set with timeout (bsc#1221829).
- CVE-2024-26654: Fixed use after free in ALSA/sh/aica (bsc#1222304).
- CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
- CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
- CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization (bsc#1222368).
- CVE-2024-26674: Revert to _ASM_EXTABLE_UA() for {get,put}_user() fixups (bsc#1222378).
- CVE-2024-26679: Fixed read sk->sk_family once in inet_recv_error() (bsc#1222385).
- CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA channels (bsc#1222445).
- CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write (bsc#1222437).
- CVE-2024-26692: Fixed regression in writes when non-standard maximum write size negotiated (bsc#1222464).
- CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len in ext4 (bsc#1222422).
- CVE-2024-26726: Fixed invalid drop extent_map for free space inode on write error (bsc#1222532)
- CVE-2024-26731: Fixed NULL pointer dereference in sk_psock_verdict_data_ready() (bsc#1222371).
- CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
- CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free and bpf_timer_cancel (bsc#1222557).
- CVE-2024-26740: Fixed use the backlog for mirred ingress (bsc#1222563).
- CVE-2024-26760: Fixed bio_put() for error case (bsc#1222596 cve-2024-267600).
- CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case (bsc#1222596).
- CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct aio_kiocb conversion (bsc#1222721).
- CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group in ext4_mb_find_by_goal() (bsc#1222613).
- CVE-2024-26773: Fixed ext4 block allocation from corrupted group in ext4_mb_try_best_found() (bsc#1222618).
- CVE-2024-26774: Fixed dividing by 0 in mb_update_avg_fragment_size() when block bitmap corrupt (bsc#1222622).
- CVE-2024-26775: Fixed potential deadlock at set_capacity (bsc#1222627).
- CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a wrong zone index (bsc#1222615).
- CVE-2024-26791: Fixed properly validate device names in btrfs (bsc#1222793)
- CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink() in gtp (bsc#1222428).
- CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in netlink (bsc#1222630).
- CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM hooks (bsc#1222801).
- CVE-2024-26815: Fixed improper TCA_TAPRIO_TC_ENTRY_INDEX check (bsc#1222635).
- CVE-2024-26816: Fixed relocations in .notes section when building with CONFIG_XEN_PV=y (bsc#1222624).
- CVE-2024-26822: Set correct id, uid and cruid for multiuser automounts (bsc#1223011).
- CVE-2024-26832: Fixed missing folio cleanup in writeback race path (bsc#1223007).
- CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for workstations (bsc#1222968).
- CVE-2024-26844: Fixed WARNING in _copy_from_iter (bsc#1223015).
- CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT (bsc#1223061).
- CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in ice_bridge_setlink() (bsc#1223051).
- CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry (bsc#1223052).
- CVE-2024-26857: Fixed geneve to make sure to pull inner header in geneve_rx() (bsc#1223058).
- CVE-2024-26860: Fixed a memory leak when rechecking the data (bsc#1223077).
- CVE-2024-26861: Fixed wireguard/receive annotate data-race around receiving_counter.counter (bsc#1223076).
- CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing (bsc#1223111).
- CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant spi_controller_put call (bsc#1223024).
- CVE-2024-26878: Fixed quota for potential NULL pointer dereference (bsc#1223060).
- CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08 devices (bsc#1223041).
- CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in ip_tunnel_rcv() (bsc#1223034).
- CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches (bsc#1223035).
- CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches (bsc#1223189).
- CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches (bsc#1223190).
- CVE-2024-26899: Fixed deadlock between bd_link_disk_holder and partition scan (bsc#1223045).
- CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent kernel-infoleak (bsc#1223198).
- CVE-2024-26906: Fixed invalid vsyscall page read for copy_from_kernel_nofault() (bsc#1223202).
- CVE-2024-26909: Fixed drm bridge use-after-free (bsc#1223143).
- CVE-2024-26921: Preserve kabi for sk_buff (bsc#1223138).
- CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223384).
- CVE-2024-26925: Release mutex after nft_gc_seq_end from abort path (bsc#1223390).
- CVE-2024-26928: Fix potential UAF in cifs_debug_files_proc_show() (bsc#1223532).
- CVE-2024-26945: Fixed nr_cpus < nr_iaa case (bsc#1223732).
- CVE-2024-26946: Fixed copy_from_kernel_nofault() to read from unsafe address (bsc#1223669).
- CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in dc_state_release (bsc#1223664).
- CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead of peer (bsc#1223661).
- CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead instead of empty list (bsc#1223660).
- CVE-2024-26958: Fixed UAF in direct writes (bsc#1223653).
- CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and swapoff() (bsc#1223655).
- CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value of zero (bsc#1223634).
- CVE-2024-26991: Fixed overflow lpage_info when checking attributes (bsc#1223695).
- CVE-2024-26993: Fixed fs/sysfs reference leak in sysfs_break_active_protection() (bsc#1223693).
- CVE-2024-27013: Fixed tun limit printing rate when illegal packet received by tun device (bsc#1223745).
- CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS (bsc#1223735).
- CVE-2024-27022: Fixed linking file vma until vma is fully initialized (bsc#1223774).
- CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts (bsc#1223790).
- CVE-2024-27036: Fixed writeback data corruption (bsc#1223810).
- CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure (bsc#1223827).
- CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists (bsc#1223822).
- CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
- CVE-2024-27389: Fixed pstore inode handling with d_invalidate() (bsc#1223705).
- CVE-2024-27395: Fixed Use-After-Free in ovs_ct_exit (bsc#1224098).
- CVE-2024-27396: Fixed Use-After-Free in gtp_dellink (bsc#1224096).
- CVE-2024-27401: Fixed user_length taken into account when fetching packet contents (bsc#1224181).
- CVE-2024-27408: Fixed race condition in dmaengine w-edma/eDMA (bsc#1224430).
- CVE-2024-27417: Fixed potential 'struct net' leak in inet6_rtm_getaddr() (bsc#1224721)
- CVE-2024-27418: Fixed memory leak in mctp_local_output (bsc#1224720)
- CVE-2024-27431: Fixed Zero-initialise xdp_rxq_info struct before running XDP program (bsc#1224718).
- CVE-2024-35852: Fixed memory leak when canceling rehash work (bsc#1224502).
- CVE-2024-35854: Fixed possible use-after-free during rehash (bsc#1224636).
- CVE-2024-35860: struct bpf_link and bpf_link_ops kABI workaround (bsc#1224531).
- CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1224766).
- CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1224764).
- CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1224763).
- CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1224765).
- CVE-2024-35865: Fixed potential UAF in smb2_is_valid_oplock_break() (bsc#1224668).
- CVE-2024-35866: Fixed potential UAF in cifs_dump_full_key() (bsc#1224667).
- CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1224664).
- CVE-2024-35868: Fixed potential UAF in cifs_stats_proc_write() (bsc#1224678).
- CVE-2024-35869: Guarantee refcounted children from parent session (bsc#1224679).
- CVE-2024-35870: Fixed UAF in smb2_reconnect_server() (bsc#1224672).
- CVE-2024-35872: Fixed GUP-fast succeeding on secretmem folios (bsc#1224530).
- CVE-2024-35877: Fixed VM_PAT handling in COW mappings (bsc#1224525).
- CVE-2024-35895: Fixed lock inversion deadlock in map delete elem (bsc#1224511).
- CVE-2024-35903: Fixed IP after emitting call depth accounting (bsc#1224493).
- CVE-2024-35905: Fixed int overflow for stack access size (bsc#1224488).
- CVE-2024-35917: Fixed Fix bpf_plt pointer arithmetic (bsc#1224481).
- CVE-2024-35921: Fixed oops when HEVC init fails (bsc#1224477).
- CVE-2024-35931: Fixed PCI error slot reset during RAS recovery (bsc#1224652).
- CVE-2024-35943: Fixed a null pointer dereference in omap_prm_domain_init (bsc#1224649).
- CVE-2024-35944: Fixed memcpy() run-time warning in dg_dispatch_as_host() (bsc#1224648).
- CVE-2024-35956: Fixed qgroup prealloc rsv leak in subvolume operations (bsc#1224674)
- CVE-2024-35964: Fixed not validating setsockopt user input (bsc#1224581).
- CVE-2024-35969: Fixed race condition between ipv6_get_ifaddr and ipv6_del_addr (bsc#1224580).
- CVE-2024-35991: Fixed kABI workaround for struct idxd_evl (bsc#1224553).
- CVE-2024-35999: Fixed missing lock when picking channel (bsc#1224550).
- CVE-2024-36006: Fixed incorrect list API usage (bsc#1224541).
- CVE-2024-36007: Fixed warning during rehash (bsc#1224543).
- CVE-2024-36030: Fixed the double free in rvu_npc_freemem() (bsc#1225712)
The following non-security bugs were fixed:
- 9p: add missing locking around taking dentry fid list (git-fixes)
- accel/ivpu: Fix deadlock in context_xa (git-fixes).
- ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes).
- ACPI: bus: Indicate support for _TFP thru _OSC (git-fixes).
- ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git-fixes).
- ACPICA: debugger: check status of acpi_evaluate_object() in acpi_db_walk_for_fields() (git-fixes).
- ACPI: CPPC: Fix access width used for PCC registers (git-fixes).
- ACPI: CPPC: Fix bit_offset shift in MASK_VAL() macro (git-fixes).
- ACPI: CPPC: Use access_width over bit_width for system memory accesses (stable-fixes).
- ACPI: disable -Wstringop-truncation (git-fixes).
- ACPI: Fix Generic Initiator Affinity _OSC bit (git-fixes).
- ACPI: LPSS: Advertise number of chip selects via property (git-fixes).
- ACPI: resource: Add Infinity laptops to irq1_edge_low_force_override (stable-fixes).
- ACPI: resource: Do IRQ override on Lunnen Ground laptops (stable-fixes).
- ACPI: scan: Do not increase dep_unmet for already met dependencies (git-fixes).
- ACPI: video: Add backlight=native quirk for Lenovo Slim 7 16ARH7 (bsc#1217750).
- ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS (stable-fixes).
- Add alt-commit to a nouveau patch
- Add reference to L3 bsc#1225765 in BPF control flow graph and precision backtrack fixes (bsc#1225756) The L3 bsc#1225765 was created seperately since our customer requires PTF.
- admin-guide/hw-vuln/core-scheduling: fix return type of PR_SCHED_CORE_GET (git-fixes).
- ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
- ahci: asm1064: correct count of reported ports (stable-fixes).
- ALSA: aoa: avoid false-positive format truncation warning (git-fixes).
- ALSA: core: Fix NULL module pointer assignment at card init (git-fixes).
- ALSA: core: Remove debugfs at disconnection (git-fixes).
- ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block counter (stable-fixes).
- ALSA: Fix deadlocks with kctl removals at disconnection (stable-fixes).
- ALSA: hda: Add Intel BMG PCI ID and HDMI codec vid (stable-fixes).
- ALSA: hda: clarify Copyright information (stable-fixes).
- ALSA: hda: cs35l41: Add support for ASUS ROG 2024 Laptops (stable-fixes).
- ALSA: hda: cs35l41: Ignore errors when configuring IRQs (stable-fixes).
- ALSA: hda: cs35l41: Remove redundant argument to cs35l41_request_firmware_file() (stable-fixes).
- ALSA: hda: cs35l41: Remove Speaker ID for Lenovo Legion slim 7 16ARHA7 (git-fixes).
- ALSA: hda: cs35l41: Set the max PCM Gain using tuning setting (stable-fixes).
- ALSA: hda: cs35l41: Support HP Omen models without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Support Lenovo 13X laptop without _DSD (stable-fixes).
- ALSA: hda: cs35l41: Update DSP1RX5/6 Sources for DSP config (stable-fixes).
- ALSA: hda: cs35l56: Add ACPI device match tables (git-fixes).
- ALSA: hda: cs35l56: Exit cache-only after cs35l56_wait_for_firmware_boot() (stable-fixes).
- ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance (git-fixes).
- ALSA: hda: cs35l56: Set the init_done flag before component_add() (git-fixes).
- ALSA: hda/cs_dsp_ctl: Use private_free for control cleanup (git-fixes).
- ALSA: hda: hda_cs_dsp_ctl: Remove notification of driver write (stable-fixes).
- ALSA: hda: intel-dsp-config: harden I2C/I2S codec detection (stable-fixes).
- ALSA/hda: intel-dsp-config: reduce log verbosity (git-fixes).
- ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-fixes).
- ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
- ALSA: hda/realtek: Add quirk for HP Spectre x360 14 eu0000 (stable-fixes).
- ALSA: hda/realtek: Add quirks for ASUS Laptops using CS35L56 (stable-fixes).
- ALSA: hda/realtek: Add quirks for HP Omen models using CS35L41 (stable-fixes).
- ALSA: hda/realtek: Add quirks for Huawei Matebook D14 NBLB-WAX9N (stable-fixes).
- ALSA: hda/realtek: Add quirks for Lenovo 13X (stable-fixes).
- ALSA: hda/realtek: Add quirks for some Clevo laptops (stable-fixes).
- ALSA: hda/realtek: Add sound quirks for Lenovo Legion slim 7 16ARHA7 models (stable-fixes).
- ALSA: hda/realtek: Add support for ASUS Zenbook 2024 HN7306W (stable-fixes).
- ALSA: hda/realtek: Adjust G814JZR to use SPI init for amp (git-fixes).
- ALSA: hda/realtek: cs35l41: Support ASUS ROG G634JYR (stable-fixes).
- ALSA: hda/realtek: Drop doubly quirk entry for 103c:8a2e (git-fixes).
- ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC (stable-fixes).
- ALSA: hda/realtek: Enable headset mic of JP-IK LEAP W502 with ALC897 (stable-fixes).
- ALSA: hda/realtek: Fix build error without CONFIG_PM (stable-fixes).
- ALSA: hda/realtek: Fix conflicting PCI SSID 17aa:386f for Lenovo Legion models (bsc#1223462).
- ALSA: hda/realtek - fixed headset Mic not show (stable-fixes).
- ALSA: hda/realtek: Fixes for Asus GU605M and GA403U sound (stable-fixes).
- ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
- ALSA: hda/realtek: Fix internal speakers for Legion Y9000X 2022 IAH7 (stable-fixes).
- ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
- ALSA: hda/realtek: fix mute/micmute LEDs do not work for ProBook 440/460 G11 (stable-fixes).
- ALSA: hda/realtek: fix the hp playback volume issue for LG machines (stable-fixes).
- ALSA: hda/realtek: Fix volumn control of ThinkBook 16P Gen4 (git-fixes).
- ALSA: hda/realtek - Set GPIO3 to default at S4 state for Thinkpad with ALC1318 (stable-fixes).
- ALSA: hda/realtek: Update Panasonic CF-SZ6 quirk to support headset with microphone (git-fixes).
- ALSA: hda/tas2781: add locks to kcontrols (git-fixes).
- ALSA: hda/tas2781: Add new vendor_id and subsystem_id to support ThinkPad ICE-1 (stable-fixes).
- ALSA: hda/tas2781: correct the register for pow calibrated data (git-fixes).
- ALSA: hda/tas2781: remove digital gain kcontrol (git-fixes).
- ALSA: line6: Zero-initialize message buffers (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-fixes).
- ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-fixes).
- ALSA: scarlett2: Add missing error check to scarlett2_config_save() (git-fixes).
- ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
- ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
- ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
- ALSA: seq: Do not clear bank selection at event -> UMP MIDI2 conversion (git-fixes).
- ALSA: seq: Fix incorrect UMP type for system messages (git-fixes).
- ALSA: seq: Fix missing bank setup between MIDI1/MIDI2 UMP conversion (git-fixes).
- ALSA: seq: Fix yet another spot for system message conversion (git-fixes).
- ALSA: seq: ump: Fix conversion from MIDI2 to MIDI1 UMP messages (git-fixes).
- ALSA: seq: ump: Fix swapped song position pointer data (git-fixes).
- ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs (git-fixes).
- ALSA: timer: Set lower bound of start tick time (stable-fixes).
- ALSA: ump: Do not accept an invalid UMP protocol number (git-fixes).
- ALSA: ump: Do not clear bank selection after sending a program change (git-fixes).
- ALSA: ump: Set default protocol when not given explicitly (git-fixes).
- ALSA: usb-audio: Add sampling rates support for Mbox3 (stable-fixes).
- ALSA: usb-audio: Fix for sampling rates support for Mbox3 (stable-fixes).
- amd/amdkfd: sync all devices to wait all processes being evicted (stable-fixes).
- amdkfd: use calloc instead of kzalloc to avoid integer overflow (stable-fixes).
- arm64: bpf: fix 32bit unconditional bswap (git-fixes).
- arm64: dts: allwinner: h616: Fix I2C0 pins (git-fixes)
- arm64: dts: allwinner: Pine H64: correctly remove reg_gmac_3v3 (git-fixes)
- arm64: dts: broadcom: bcmbca: bcm4908: drop invalid switch cells (git-fixes)
- arm64: dts: Fix dtc interrupt_provider warnings (git-fixes)
- arm64: dts: hi3798cv200: fix the size of GICR (git-fixes)
- arm64: dts: imx8qm-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usb lpcg indices (git-fixes)
- arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
- arm64: dts: imx8-ss-dma: fix adc lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix can lpcg indices (git-fixes)
- arm64: dts: imx8-ss-dma: fix spi lpcg indices (git-fixes)
- arm64: dts: imx8-ss-lsio: fix pwm lpcg indices (git-fixes)
- arm64: dts: marvell: reorder crypto interrupts on Armada SoCs (git-fixes)
- arm64: dts: microchip: sparx5: fix mdio reg (git-fixes)
- arm64: dts: rockchip: Add enable-strobe-pulldown to emmc phy on ROCK (git-fixes)
- arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
- arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-fixes)
- arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
- arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
- arm64: dts: rockchip: regulator for sd needs to be always on for (git-fixes)
- arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-fixes)
- arm64: dts: rockchip: set PHY address of MT7531 switch to 0x1f (git-fixes)
- arm64/head: Disable MMU at EL2 before clearing HCR_EL2.E2H (git-fixes).
- arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
- arm64/ptrace: Use saved floating point state type to determine SVE (git-fixes)
- arm64/sve: Lower the maximum allocation for the SVE ptrace regset (git-fixes)
- arm64: tegra: Correct Tegra132 I2C alias (git-fixes)
- arm64: tegra: Set the correct PHY mode for MGBE (git-fixes)
- ARM: 9381/1: kasan: clear stale stack poison (git-fixes).
- ARM: imx: Check return value of devm_kasprintf in imx_mmdc_perf_init (git-fixes).
- ARM: imx_v6_v7_defconfig: Restore CONFIG_BACKLIGHT_CLASS_DEVICE (git-fixes).
- ARM: OMAP2+: fix N810 MMC gpiod table (git-fixes).
- ARM: OMAP2+: fix USB regression on Nokia N8x0 (git-fixes).
- arm_pmu: acpi: Add a representative platform device for TRBE (bsc#1220587)
- arm_pmu: acpi: Refactor arm_spe_acpi_register_device() (bsc#1220587)
- ARM: prctl: reject PR_SET_MDWE on pre-ARMv6 (stable-fixes).
- ARM: s5pv210: fix pm.c kernel-doc warning (git-fixes).
- asm-generic: make sparse happy with odd-sized put_unaligned_*() (stable-fixes).
- ASoC: acp: Support microphone from device Acer 315-24p (git-fixes).
- ASoC: amd: acp: fix for acp_init function error handling (git-fixes).
- ASoC: amd: yc: Add Lenovo ThinkBook 21J0 into DMI quirk table (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on ASUS M7600RE (stable-fixes).
- ASoC: amd: yc: Fix non-functional mic on Lenovo 21J2 (stable-fixes).
- ASoC: amd: yc: Revert 'Fix non-functional mic on Lenovo 21J2' (stable-fixes).
- ASoC: codecs: wsa881x: set clk_stop_mode1 flag (git-fixes).
- ASoC: cs35l56: Fix unintended bus access while resetting amp (git-fixes).
- ASoC: cs35l56: Prevent overwriting firmware ASP config (git-fixes).
- ASoC: da7219-aad: fix usage of device_get_named_child_node() (git-fixes).
- ASoC: Intel: avs: Fix ASRC module initialization (git-fixes).
- ASoC: Intel: avs: Fix potential integer overflow (git-fixes).
- ASoC: Intel: avs: Populate board selection with new I2S entries (stable-fixes).
- ASoC: Intel: avs: Set name of control as in topology (git-fixes).
- ASoC: Intel: avs: ssm4567: Do not ignore route checks (git-fixes).
- ASoC: Intel: avs: Test result of avs_get_module_entry() (git-fixes).
- ASoC: Intel: bytcr_rt5640: Apply Asus T100TA quirk to Asus T100TAM too (git-fixes).
- ASoC: Intel: common: DMI remap for rebranded Intel NUC M15 (LAPRC710) laptops (stable-fixes).
- ASoC: Intel: Disable route checks for Skylake boards (git-fixes).
- ASoC: kirkwood: Fix potential NULL dereference (git-fixes).
- ASoC: mediatek: Assign dummy when codec not specified for a DAI link (git-fixes).
- ASoC: mediatek: mt8192: fix register configuration for tdm (git-fixes).
- ASoC: meson: axg-card: make links nonatomic (git-fixes).
- ASoC: meson: axg-fifo: use FIELD helpers (stable-fixes).
- ASoC: meson: axg-fifo: use threaded irq to check periods (git-fixes).
- ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
- ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
- ASoC: ops: Fix wraparound for mask in snd_soc_get_volsw (git-fixes).
- ASoC: rockchip: i2s-tdm: Fix inaccurate sampling rates (git-fixes).
- ASoC: rt5645: Fix the electric noise due to the CBJ contacts floating (git-fixes).
- ASoC: rt5645: Make LattePanda board DMI match more precise (stable-fixes).
- ASoC: rt5682-sdw: fix locking sequence (git-fixes).
- ASoC: rt711-sdca: fix locking sequence (git-fixes).
- ASoC: rt711-sdw: fix locking sequence (git-fixes).
- ASoC: rt712-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: rt715: add vendor clear control register (git-fixes).
- ASoC: rt715-sdca: volume step modification (git-fixes).
- ASoC: rt722-sdca: add headset microphone vrefo setting (git-fixes).
- ASoC: rt722-sdca: modify channel number to support 4 channels (git-fixes).
- ASoC: rt722-sdca-sdw: fix locking sequence (git-fixes).
- ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
- ASoC: SOF: amd: Optimize quirk for Valve Galileo (stable-fixes).
- ASoC: SOF: Intel: add default firmware library path for LNL (git-fixes).
- ASoC: SOF: Intel: hda-dsp: Skip IMR boot on ACE platforms in case of S3 suspend (stable-fixes).
- ASoC: SOF: Intel: lnl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: call dsp dump when boot retry fails (stable-fixes).
- ASoC: SOF: Intel: mtl: Correct rom_status_reg (git-fixes).
- ASoC: SOF: Intel: mtl: Disable interrupts when firmware boot failed (git-fixes).
- ASoC: SOF: Intel: mtl: Implement firmware boot state check (git-fixes).
- ASoC: SOF: ipc4-pcm: Workaround for crashed firmware on system suspend (stable-fixes).
- ASoC: SOF: ipc4-topology: Fix input format query of process modules without base extension (git-fixes).
- ASoC: tas2552: Add TX path for capturing AUDIO-OUT data (git-fixes).
- ASoC: tas2781: Fix a warning reported by robot kernel test (git-fixes).
- ASoC: tas2781: Fix wrong loading calibrated data sequence (git-fixes).
- ASoC: tas2781: mark dvc_tlv with __maybe_unused (git-fixes).
- ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
- ASoC: ti: Convert Pandora ASoC to GPIO descriptors (stable-fixes).
- ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
- ASoC: tlv320adc3xxx: Do not strip remove function when driver is builtin (git-fixes).
- ASoC: tracing: Export SND_SOC_DAPM_DIR_OUT to its value (git-fixes).
- ASoC: wm_adsp: Add missing MODULE_DESCRIPTION() (git-fixes).
- ASoC: wm_adsp: Fix missing mutex_lock in wm_adsp_write_ctl() (git-fixes).
- ata: libata-core: Allow command duration limits detection for ACS-4 drives (git-fixes).
- ata: pata_legacy: make legacy_exit() work again (git-fixes).
- ata: sata_gemini: Check clk_enable() result (stable-fixes).
- ata: sata_mv: Fix PCI device ID table declaration compilation warning (git-fixes).
- ata: sata_sx4: fix pdc20621_get_from_dimm() on 64-bit (git-fixes).
- autofs: use wake_up() instead of wake_up_interruptible(() (bsc#1224166).
- ax25: Fix netdev refcount issue (git-fixes).
- ax25: Fix reference count leak issue of net_device (git-fixes).
- ax25: Fix reference count leak issues of ax25_dev (git-fixes).
- ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
- batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
- bitops: add missing prototype check (git-fixes).
- blk-cgroup: fix list corruption from reorder of WRITE ->lqueued (bsc#1225605).
- blk-cgroup: fix list corruption from resetting io stat (bsc#1225605).
- block: fix q->blkg_list corruption during disk rebind (bsc#1223591).
- Bluetooth: Add new quirk for broken read key length on ATS2851 (stable-fixes).
- Bluetooth: add quirk for broken address properties (git-fixes).
- Bluetooth: btintel: Fixe build regression (git-fixes).
- Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-fixes).
- Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-fixes).
- Bluetooth: btusb: Fix triggering coredump implementation for QCA (git-fixes).
- Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
- Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
- Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-fixes).
- Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout (git-fixes).
- Bluetooth: hci_core: Cancel request on command timeout (stable-fixes).
- Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
- Bluetooth: hci_event: set the conn encrypted before conn establishes (stable-fixes).
- Bluetooth: HCI: Fix potential null-ptr-deref (git-fixes).
- Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: hci_sync: Fix not checking error on hci_cmd_sync_cancel_sync (git-fixes).
- Bluetooth: hci_sync: Fix using the same interval and window for Coded PHY (git-fixes).
- Bluetooth: hci_sync: Use QoS to determine which PHY to scan (stable-fixes).
- Bluetooth: ISO: Align broadcast sync_timeout with connection timeout (stable-fixes).
- Bluetooth: ISO: Do not reject BT_ISO_QOS if parameters are unset (git-fixes).
- Bluetooth: l2cap: Do not double set the HCI_CONN_MGMT_CONNECTED bit (git-fixes).
- Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: l2cap: fix null-ptr-deref in l2cap_chan_timeout (git-fixes).
- Bluetooth: L2CAP: Fix slab-use-after-free in l2cap_connect() (git-fixes).
- Bluetooth: MGMT: Fix failing to MGMT_OP_ADD_UUID/MGMT_OP_REMOVE_UUID (bsc#1221504).
- Bluetooth: mgmt: Fix limited discoverable off timeout (stable-fixes).
- Bluetooth: msft: fix slab-use-after-free in msft_do_close() (git-fixes).
- Bluetooth: qca: add missing firmware sanity checks (git-fixes).
- Bluetooth: qca: fix device-address endianness (git-fixes).
- Bluetooth: qca: Fix error code in qca_read_fw_build_info() (git-fixes).
- Bluetooth: qca: fix firmware check error path (git-fixes).
- Bluetooth: qca: fix info leak when fetching fw build id (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev setup (git-fixes).
- Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
- Bluetooth: qca: fix NVM configuration parsing (git-fixes).
- Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
- Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
- bnx2x: Fix firmware version string character counts (git-fixes).
- bnxt_en: Fix error recovery for RoCE ulp client (git-fixes).
- bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() (git-fixes).
- bnxt_en: Reset PTP tx_avail after possible firmware reset (git-fixes).
- bnxt_re: avoid shift undefined behavior in bnxt_qplib_alloc_init_hwq (git-fixes)
- bootconfig: Fix the kerneldoc of _xbc_exit() (git-fixes).
- bootconfig: use memblock_free_late to free xbc memory to buddy (git-fixes).
- bootmem: use kmemleak_free_part_phys in free_bootmem_page (git-fixes).
- bootmem: use kmemleak_free_part_phys in put_page_bootmem (git-fixes).
- bpf, arm64: fix bug in BPF_LDX_MEMSX (git-fixes)
- bpf, arm64: Fix incorrect runtime stats (git-fixes)
- bpf: fix precision backtracking instruction iteration (bsc#1225756).
- bpf: Fix precision tracking for BPF_ALU | BPF_TO_BE | BPF_END (git-fixes).
- bpf: handle ldimm64 properly in check_cfg() (bsc#1225756).
- bpf, scripts: Correct GPL license name (git-fixes).
- btrfs: add a helper to read the superblock metadata_uuid (git-fixes)
- btrfs: add and use helper to check if block group is used (bsc#1220120).
- btrfs: add missing mutex_unlock in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: add new unused block groups to the list of unused block groups (bsc#1220120).
- btrfs: allow to run delayed refs by bytes to be released instead of count (bsc#1220120).
- btrfs: always print transaction aborted messages with an error level (git-fixes)
- btrfs: always reserve space for delayed refs when starting transaction (bsc#1220120).
- btrfs: assert correct lock is held at btrfs_select_ref_head() (bsc#1220120).
- btrfs: assert delayed node locked when removing delayed item (git-fixes)
- btrfs: avoid starting and committing empty transaction when flushing space (bsc#1220120).
- btrfs: avoid starting new transaction when flushing delayed items and refs (bsc#1220120).
- btrfs: check for BTRFS_FS_ERROR in pending ordered assert (git-fixes)
- btrfs: compare the correct fsid/metadata_uuid in btrfs_validate_super (git-fixes)
- btrfs: defrag: avoid unnecessary defrag caused by incorrect extent size (git-fixes)
- btrfs: defrag: reject unknown flags of btrfs_ioctl_defrag_range_args (git-fixes)
- btrfs: do not allow non subvolume root targets for snapshot (git-fixes)
- btrfs: do not arbitrarily slow down delalloc if we're committing (git-fixes)
- btrfs: do not delete unused block group if it may be used soon (bsc#1220120).
- btrfs: do not refill whole delayed refs block reserve when starting transaction (bsc#1220120).
- btrfs: do not start transaction when joining with TRANS_JOIN_NOSTART (git-fixes)
- btrfs: do not steal space from global rsv after a transaction abort (bsc#1220120).
- btrfs: do not warn if discard range is not aligned to sector (git-fixes)
- btrfs: ensure fiemap does not race with writes when FIEMAP_FLAG_SYNC is given (bsc#1223285).
- btrfs: error out when COWing block using a stale transaction (git-fixes)
- btrfs: error out when reallocating block for defrag using a stale transaction (git-fixes)
- btrfs: error when COWing block from a root that is being deleted (git-fixes)
- btrfs: export: handle invalid inode or root reference in btrfs_get_parent() (git-fixes)
- btrfs: fail priority metadata ticket with real fs error (bsc#1220120).
- btrfs: file_remove_privs needs an exclusive lock in direct io write (git-fixes)
- btrfs: fix 64bit compat send ioctl arguments not initializing version member (git-fixes)
- btrfs: fix deadlock with fiemap and extent locking (bsc#1223285).
- btrfs: fix information leak in btrfs_ioctl_logical_to_ino() (git-fixes)
- btrfs: fix kvcalloc() arguments order in btrfs_ioctl_send() (git-fixes)
- btrfs: fix lockdep splat and potential deadlock after failure running delayed items (git-fixes)
- btrfs: fix off-by-one chunk length calculation at contains_pending_extent() (git-fixes)
- btrfs: fix off-by-one when checking chunk map includes logical address (git-fixes)
- btrfs: fix race between ordered extent completion and fiemap (bsc#1223285).
- btrfs: fix race when detecting delalloc ranges during fiemap (bsc#1223285).
- btrfs: fix race when refilling delayed refs block reserve (git-fixes)
- btrfs: fix start transaction qgroup rsv double free (git-fixes)
- btrfs: fix stripe length calculation for non-zoned data chunk allocation (bsc#1217489).
- btrfs: fix wrong block_start calculation for btrfs_drop_extent_map_range() (git-fixes) Dropped hunk in selftests (test_case_7), 92e1229b204d6.
- btrfs: free qgroup rsv on io failure (git-fixes)
- btrfs: free the allocated memory if btrfs_alloc_page_array() fails (git-fixes)
- btrfs: get rid of label and goto at insert_delayed_ref() (bsc#1220120).
- btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() (git-fixes)
- btrfs: handle errors properly in update_inline_extent_backref() (git-fixes)
- btrfs: initialize key where it's used when running delayed data ref (bsc#1220120).
- btrfs: log message if extent item not found when running delayed extent op (bsc#1220120).
- btrfs: make btrfs_cleanup_fs_roots() static (bsc#1220120).
- btrfs: make btrfs_destroy_delayed_refs() return void (bsc#1220120).
- btrfs: make btrfs_destroy_marked_extents() return void (bsc#1220120).
- btrfs: make btrfs_destroy_pinned_extent() return void (bsc#1220120).
- btrfs: make error messages more clear when getting a chunk map (git-fixes)
- btrfs: make find_first_extent_bit() return a boolean (bsc#1220120).
- btrfs: make find_free_dev_extent() static (bsc#1220120).
- btrfs: make insert_delayed_ref() return a bool instead of an int (bsc#1220120).
- btrfs: merge find_free_dev_extent() and find_free_dev_extent_start() (bsc#1220120).
- btrfs: move btrfs_free_excluded_extents() into block-group.c (bsc#1220120).
- btrfs: open code trivial btrfs_add_excluded_extent() (bsc#1220120).
- btrfs: output extra debug info if we failed to find an inline backref (git-fixes)
- btrfs: pass a space_info argument to btrfs_reserve_metadata_bytes() (bsc#1220120).
- btrfs: prevent transaction block reserve underflow when starting transaction (git-fixes)
- btrfs: print available space across all block groups when dumping space info (bsc#1220120).
- btrfs: print available space for a block group when dumping a space info (bsc#1220120).
- btrfs: print block group super and delalloc bytes when dumping space info (bsc#1220120).
- btrfs: print target number of bytes when dumping free space (bsc#1220120).
- btrfs: qgroup: always free reserved space for extent records (bsc#1216196).
- btrfs: qgroup: convert PREALLOC to PERTRANS after record_root_in_trans (git-fixes)
- btrfs: record delayed inode root in transaction (git-fixes)
- btrfs: reject encoded write if inode has nodatasum flag set (git-fixes)
- btrfs: release path before inode lookup during the ino lookup ioctl (git-fixes)
- btrfs: remove pointless initialization at btrfs_delayed_refs_rsv_release() (bsc#1220120).
- btrfs: remove pointless in_tree field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: remove pointless 'ref_root' variable from run_delayed_data_ref() (bsc#1220120).
- btrfs: remove redundant BUG_ON() from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_add argument from __btrfs_inc_extent_ref() (bsc#1220120).
- btrfs: remove refs_to_drop argument from __btrfs_free_extent() (bsc#1220120).
- btrfs: remove the refcount warning/check at btrfs_put_delayed_ref() (bsc#1220120).
- btrfs: remove unnecessary logic when running new delayed references (bsc#1220120).
- btrfs: remove unnecessary prototype declarations at disk-io.c (bsc#1220120).
- btrfs: remove unused is_head field from struct btrfs_delayed_ref_node (bsc#1220120).
- btrfs: rename add_new_free_space() to btrfs_add_new_free_space() (bsc#1220120).
- btrfs: reorder some members of struct btrfs_delayed_ref_head (bsc#1220120).
- btrfs: reserve space for delayed refs on a per ref basis (bsc#1220120).
- btrfs: reset destination buffer when read_extent_buffer() gets invalid range (git-fixes)
- btrfs: return -EUCLEAN for delayed tree ref with a ref count not equals to 1 (git-fixes)
- btrfs: return -EUCLEAN if extent item is missing when searching inline backref (bsc#1220120).
- btrfs: return real error when orphan cleanup fails due to a transaction abort (bsc#1220120).
- btrfs: send: do not issue unnecessary zero writes for trailing hole (bsc#1222459).
- btrfs: send: ensure send_fd is writable (git-fixes)
- btrfs: send: handle path ref underflow in header iterate_inode_ref() (git-fixes)
- btrfs: send: return EOPNOTSUPP on unknown flags (git-fixes)
- btrfs: set page extent mapped after read_folio in relocate_one_page (git-fixes)
- btrfs: simplify check for extent item overrun at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: stop doing excessive space reservation for csum deletion (bsc#1220120).
- btrfs: store the error that turned the fs into error state (bsc#1220120).
- btrfs: sysfs: validate scrub_speed_max value (git-fixes)
- btrfs: tree-checker: fix inline ref size in error messages (git-fixes)
- btrfs: update comment for btrfs_join_transaction_nostart() (bsc#1220120).
- btrfs: update documentation for add_new_free_space() (bsc#1220120).
- btrfs: use a bool to track qgroup record insertion when adding ref head (bsc#1220120).
- btrfs: use a single switch statement when initializing delayed ref head (bsc#1220120).
- btrfs: use a single variable for return value at lookup_inline_extent_backref() (bsc#1220120).
- btrfs: use a single variable for return value at run_delayed_extent_op() (bsc#1220120).
- btrfs: use bool type for delayed ref head fields that are used as booleans (bsc#1220120).
- btrfs: use the correct superblock to compare fsid in btrfs_validate_super (git-fixes)
- btrfs: use u64 for buffer sizes in the tree search ioctls (git-fixes)
- btrfs: zoned: do not skip block groups with 100% zone unusable (bsc#1220120).
- bus: mhi: ep: check the correct variable in mhi_ep_register_controller() (git-fixes).
- ceph: redirty page before returning AOP_WRITEPAGE_ACTIVATE (bsc#1224866).
- ceph: stop copying to iter at EOF on sync reads (bsc#1222606).
- certs: Add ECDSA signature verification self-test (bsc#1222777).
- certs: Move RSA self-test data to separate file (bsc#1222777).
- cifs: account for primary channel in the interface list (bsc#1225172).
- cifs: cifs_chan_is_iface_active should be called with chan_lock held (bsc#1225172).
- cifs: distribute channels across interfaces based on speed (bsc#1225172).++ kernel-source.spec (revision 4)%define git_commit 596cd3fdbd0fb5902e80279485ad8596f4e82397Release: <RELEASE>.g596cd3f
- cifs: do not pass cifs_sb when trying to add channels (bsc#1225172).
- cifs: Do not use certain unnecessary folio_*() functions (bsc#1225172).
- cifs: failure to add channel on iface should bump up weight (git-fixes, bsc#1225172).
- cifs: fix charset issue in reconnection (bsc#1225172).
- cifs: fix leak of iface for primary channel (git-fixes, bsc#1225172).
- cifs: handle cases where a channel is closed (bsc#1225172).
- cifs: handle cases where multiple sessions share connection (bsc#1225172).
- cifs: reconnect work should have reference on server struct (bsc#1225172).
- clk: Do not hold prepare_lock when calling kref_put() (stable-fixes).
- clk: Get runtime PM before walking tree during disable_unused (git-fixes).
- clk: Get runtime PM before walking tree for clk_summary (git-fixes).
- clk: Initialize struct clk_core kref earlier (stable-fixes).
- clk: mediatek: Do a runtime PM get on controllers during probe (git-fixes).
- clk: mediatek: mt8365-mm: fix DPI0 parent (git-fixes).
- clk: mediatek: pllfh: Do not log error for missing fhctl node (git-fixes).
- clk: qcom: clk-alpha-pll: fix rate setting for Stromer PLLs (git-fixes).
- clk: qcom: clk-alpha-pll: remove invalid Stromer register offset (git-fixes).
- clk: qcom: dispcc-sm6350: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8450: fix DisplayPort clocks (git-fixes).
- clk: qcom: dispcc-sm8550: fix DisplayPort clocks (git-fixes).
- clk: qcom: mmcc-msm8998: fix venus clock issue (git-fixes).
- clk: qcom: reset: Commonize the de/assert functions (stable-fixes).
- clk: qcom: reset: Ensure write completion on reset de/assertion (git-fixes).
- clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
- clk: renesas: r8a779a0: Fix CANFD parent clock (git-fixes).
- clk: renesas: r9a07g043: Add clock and reset entry for PLIC (git-fixes).
- clk: rs9: fix wrong default value for clock amplitude (git-fixes).
- clk: samsung: exynosautov9: fix wrong pll clock id value (git-fixes).
- clk: Show active consumers of clocks in debugfs (stable-fixes).
- clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change (git-fixes).
- clocksource/drivers/arm_global_timer: Fix maximum prescaler value (git-fixes).
- clocksource/drivers/imx: Fix -Wunused-but-set-variable warning (git-fixes).
- comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
- coresight: trbe: Add a representative coresight_platform_data for (bsc#1220587)
- coresight: trbe: Allocate platform data per device (bsc#1220587)
- coresight: trbe: Enable ACPI based TRBE devices (bsc#1220587)
- counter: linux/counter.h: fix Excess kernel-doc description warning (git-fixes).
- cppc_cpufreq: Fix possible null pointer dereference (git-fixes).
- cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations (git-fixes).
- cpufreq: exit() callback is optional (git-fixes).
- cpumask: Add for_each_cpu_from() (bsc#1225053).
- crypto: bcm - Fix pointer arithmetic (git-fixes).
- crypto: ccp - Add support for PCI device 0x156E (bsc#1223338).
- crypto: ccp - Add support for PCI device 0x17E0 (bsc#1223338).
- crypto: ccp - drop platform ifdef checks (git-fixes).
- crypto: ecc - update ecc_gen_privkey for FIPS 186-5 (bsc#1222782).
- crypto: ecdsa - Fix module auto-load on add-key (git-fixes).
- crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init (git-fixes).
- crypto: qat - Fix ADF_DEV_RESET_SYNC memory leak (git-fixes).
- crypto: qat - fix ring to service map for dcc in 4xxx (git-fixes).
- crypto: qat - improve error logging to be consistent across features (git-fixes).
- crypto: qat - relocate and rename get_service_enabled() (stable-fixes).
- crypto: qat - specify firmware files for 402xx (git-fixes).
- crypto: rsa - add a check for allocation failure (bsc#1222775).
- crypto: rsa - allow only odd e and restrict value in FIPS mode (bsc#1222775).
- crypto: testmgr - remove unused xts4096 and xts512 algorithms from testmgr.c (bsc#1222769).
- crypto: x86/nh-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha256-avx2 - add missing vzeroupper (git-fixes).
- crypto: x86/sha512-avx2 - add missing vzeroupper (git-fixes).
- cxl/acpi: Fix load failures due to single window creation failure (git-fixes).
- cxl/pci: Fix disabling memory if DVSEC CXL Range does not match a CFMWS window (git-fixes).
- cxl/trace: Properly initialize cxl_poison region name (git-fixes).
- dax: alloc_dax() return ERR_PTR(-EOPNOTSUPP) for CONFIG_DAX=n (jsc#PED-5853).
- dax/bus.c: replace driver-core lock usage by a local rwsem (jsc#PED-5853).
- dax/bus.c: replace several sprintf() with sysfs_emit() (jsc#PED-5853).
- device-dax: make dax_bus_type const (jsc#PED-5853).
- dlm: fix user space lkb refcounting (git-fixes).
- dma-buf: Fix NULL pointer dereference in sanitycheck() (git-fixes).
- dma-buf/sw-sync: do not enable IRQ from sync_print_obj() (git-fixes).
- dmaengine: axi-dmac: fix possible race in remove() (git-fixes).
- dmaengine: idma64: Add check for dma_set_max_seg_size (git-fixes).
- dmaengine: idxd: Avoid unnecessary destruction of file_ida (git-fixes).
- dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
- dmaengine: owl: fix register access functions (git-fixes).
- dmaengine: tegra186: Fix residual calculation (git-fixes).
- dma-mapping: benchmark: fix node id validation (git-fixes).
- dma-mapping: benchmark: handle NUMA_NO_NODE correctly (git-fixes).
- dm/amd/pm: Fix problems with reboot/shutdown for some SMU 13.0.4/13.0.11 users (git-fixes).
- dma: xilinx_dpdma: Fix locking (git-fixes).
- dm crypt: remove redundant state settings after waking up (jsc#PED-7542).
- dm-integrity: set max_integrity_segments in dm_integrity_io_hints (jsc#PED-7542).
- dm-multipath: dont't attempt SG_IO on non-SCSI-disks (bsc#1223575).
- dm-raid: add a new helper prepare_suspend() in md_personality (jsc#PED-7542).
- dm-raid: really frozen sync_thread during suspend (jsc#PED-7542).
- dm thin: add braces around conditional code that spans lines (jsc#PED-7542).
- dm: update relevant MODULE_AUTHOR entries to latest dm-devel mailing list (jsc#PED-7542).
- dm verity: set DM_TARGET_SINGLETON feature flag (jsc#PED-7542).
- Docs/admin-guide/mm/damon/usage: fix wrong example of DAMOS filter matching sysfs file (git-fixes).
- docs: kernel_include.py: Cope with docutils 0.21 (stable-fixes).
- docs: netdev: Fix typo in Signed-off-by tag (git-fixes).
- docs: Restore 'smart quotes' for quotes (stable-fixes).
- driver core: Introduce device_link_wait_removal() (stable-fixes).
- drivers/nvme: Add quirks for device 126f:2262 (git-fixes).
- drm: add drm_gem_object_is_shared_for_memory_stats() helper (stable-fixes).
- drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init() (stable-fixes).
- drm/amd/display: Add dml2 copy functions (stable-fixes).
- drm/amd/display: Allow dirty rects to be sent to dmub when abm is active (stable-fixes).
- drm/amd/display: Atom Integrated System Info v2_2 for DCN35 (stable-fixes).
- drm/amd/display: Change default size for dummy plane in DML2 (stable-fixes).
- drm/amd/display: Do not recursively call manual trigger programming (stable-fixes).
- drm/amd/display: Enable colorspace property for MST connectors (git-fixes).
- drm/amd/display: Fix bounds check for dcn35 DcfClocks (git-fixes).
- drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
- drm/amd/display: Fix division by zero in setup_dsc_config (stable-fixes).
- drm/amd/display: Fix idle check for shared firmware state (stable-fixes).
- drm/amd/display: Fix incorrect DSC instance for MST (stable-fixes).
- drm/amd/display: fix input states translation error for dcn35 & dcn351 (stable-fixes).
- drm/amd/display: Fix nanosec stat overflow (stable-fixes).
- drm/amd/display: Fix noise issue on HDMI AV mute (stable-fixes).
- drm/amd/display: Fix potential index out of bounds in color transformation function (git-fixes).
- drm/amd/display: handle range offsets in VRR ranges (stable-fixes).
- drm/amd/display: Handle Y carry-over in VCP X.Y calculation (stable-fixes).
- drm/amd/display: Init DPPCLK from SMU on dcn32 (stable-fixes).
- drm/amd/display: Override min required DCFCLK in dml1_validate (stable-fixes).
- drm/amd/display: Prevent crash when disable stream (stable-fixes).
- drm/amd/display: Program VSC SDP colorimetry for all DP sinks >= 1.4 (stable-fixes).
- drm/amd/display: Remove MPC rate control logic from DCN30 and above (stable-fixes).
- drm/amd/display: Remove redundant condition in dcn35_calc_blocks_to_gate() (git-fixes).
- drm/amd/display: Return the correct HDCP error code (stable-fixes).
- drm/amd/display: Set DCN351 BB and IP the same as DCN35 (stable-fixes).
- drm/amd/display: Set VSC SDP Colorimetry same way for MST and SST (stable-fixes).
- drm/amd/display: Use freesync when `DRM_EDID_FEATURE_CONTINUOUS_FREQ` found (stable-fixes).
- drm/amd: Flush GFXOFF requests in prepare stage (git-fixes).
- drm/amdgpu: always force full reset for SOC21 (stable-fixes).
- drm/amdgpu: amdgpu_ttm_gart_bind set gtt bound flag (stable-fixes).
- drm/amdgpu: Assign correct bits for SDMA HDP flush (stable-fixes).
- drm/amdgpu/display: Address kdoc for 'is_psr_su' in 'fill_dc_dirty_rects' (git-fixes).
- drm/amdgpu: drop setting buffer funcs in sdma442 (git-fixes).
- drm/amdgpu: Fix comparison in amdgpu_res_cpu_visible (git-fixes).
- drm/amdgpu: fix deadlock while reading mqd from debugfs (git-fixes).
- drm/amdgpu: fix doorbell regression (git-fixes).
- drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
- drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
- drm/amdgpu: fix mmhub client id out-of-bounds access (git-fixes).
- drm/amdgpu: fix use-after-free bug (stable-fixes).
- drm/amdgpu: Fix VCN allocation in CPX partition (stable-fixes).
- drm/amdgpu: fix visible VRAM handling during faults (git-fixes).
- drm/amdgpu: implement IRQ_STATE_ENABLE for SDMA v4.4.2 (stable-fixes).
- drm/amdgpu: make damage clips support configurable (stable-fixes).
- drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
- drm/amdgpu/pm: Check the validity of overdiver power limit (git-fixes).
- drm/amdgpu/pm: Fix NULL pointer dereference when get power limit (git-fixes).
- drm/amdgpu/pm: Fix the error of pwm1_enable setting (stable-fixes).
- drm/amdgpu: Refine IB schedule error logging (stable-fixes).
- drm/amdgpu: remove invalid resource->start check v2 (git-fixes).
- drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
- drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
- drm/amdgpu: validate the parameters of bo mapping operations more clearly (git-fixes).
- drm/amdkfd: Check cgroup when returning DMABuf info (stable-fixes).
- drm/amdkfd: do not allow mapping the MMIO HDP page with large pages (git-fixes).
- drm/amdkfd: Fix memory leak in create_process failure (git-fixes).
- drm/amdkfd: fix TLB flush after unmap for GFX9.4.2 (stable-fixes).
- drm/amdkfd: range check cp bad op exception interrupts (stable-fixes).
- drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
- drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
- drm/amd/swsmu: modify the gfx activity scaling (stable-fixes).
- drm/arm/malidp: fix a possible null pointer dereference (git-fixes).
- drm/ast: Fix soft lockup (git-fixes).
- drm/bridge: anx7625: Do not log an error when DSI host can't be found (git-fixes).
- drm: bridge: cdns-mhdp8546: Fix possible null pointer dereference (git-fixes).
- drm/bridge: dpc3433: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: Fix improper bridge init order with pre_enable_prev_first (git-fixes).
- drm/bridge: icn6211: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt8912b: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: lt9611uxc: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: Do not log an error when DSI host can't be found (git-fixes).
- drm/bridge: tc358775: fix support for jeida-18 and jeida-24 (git-fixes).
- drm/buddy: check range allocation matches alignment (stable-fixes).
- drm: Check output polling initialized before disabling (stable-fixes).
- drm: Check polling initialized before enabling in drm_helper_probe_single_connector_modes (stable-fixes).
- drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-fixes).
- drm/connector: Add \n to message about demoting connector force-probes (git-fixes).
- drm/display: fix typo (git-fixes).
- drm/exynos: do not return negative values from .get_modes() (stable-fixes).
- drm/fbdev-generic: Do not set physical framebuffer address (git-fixes).
- drm: Fix drm_fixp2int_round() making it add 0.5 (git-fixes).
- drm/gma500: Remove lid code (git-fixes).
- drm/i915/audio: Fix audio time stamp programming for DP (stable-fixes).
- drm/i915/bios: Fix parsing backlight BDB data (git-fixes).
- drm/i915/bios: Tolerate devdata==NULL in intel_bios_encoder_supports_dp_dual_mode() (stable-fixes).
- drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-fixes).
- drm/i915: Disable live M/N updates when using bigjoiner (stable-fixes).
- drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
- drm/i915/display: Use i915_gem_object_get_dma_address to get dma address (stable-fixes).
- drm/i915: Do not match JSL in ehl_combo_pll_div_frac_wa_needed() (git-fixes).
- drm/i915/dp: Fix the computation for compressed_bpp for DISPLAY < 13 (git-fixes).
- drm/i915/dp: Remove support for UHBR13.5 (git-fixes).
- drm/i915/dpt: Make DPT object unshrinkable (git-fixes).
- drm/i915/dsb: Fix DSB vblank waits when using VRR (git-fixes).
- drm/i915/dsi: Go back to the previous INIT_OTP/DISPLAY_ON order, mostly (git-fixes).
- drm/i915: Fix audio component initialization (git-fixes).
- drm/i915/gt: Automate CCS Mode setting during engine resets (git-fixes).
- drm/i915/gt: Disable HW load balancing for CCS (git-fixes).
- drm/i915/gt: Disarm breadcrumbs if engines are already idle (git-fixes).
- drm/i915/gt: Do not generate the command streamer for all the CCS (git-fixes).
- drm/i915/gt: Enable only one CCS for compute workload (git-fixes).
- drm/i915/gt: Fix CCS id's calculation for CCS mode setting (git-fixes).
- drm/i915/gt: Reset queue_priority_hint on parking (git-fixes).
- drm/i915/guc: avoid FIELD_PREP warning (git-fixes).
- drm/i915/hwmon: Fix locking inversion in sysfs getter (git-fixes).
- drm/i915: Include the PLL name in the debug messages (stable-fixes).
- drm/i915/lspcon: Separate function to set expected mode (bsc#1193599).
- drm/i915/lspcon: Separate lspcon probe and lspcon init (bsc#1193599).
- drm/i915/mst: Limit MST+DSC to TGL+ (git-fixes).
- drm/i915/mst: Reject FEC+MST on ICL (git-fixes).
- drm/i915: Pre-populate the cursor physical dma address (git-fixes).
- drm/i915: Replace a memset() with zero initialization (stable-fixes).
- drm/i915: Stop printing pipe name as hex (stable-fixes).
- drm/i915: Suppress old PLL pipe_mask checks for MG/TC/TBT PLLs (stable-fixes).
- drm/i915: Try to preserve the current shared_dpll for fastset on type-c ports (stable-fixes).
- drm/i915: Use named initializers for DPLL info (stable-fixes).
- drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
- drm/i915/vrr: Generate VRR 'safe window' for DSB (git-fixes).
- drm/imx/ipuv3: do not return negative values from .get_modes() (stable-fixes).
- drm/lcdif: Do not disable clocks on already suspended hardware (git-fixes).
- drm/mediatek: Add 0 size check to mtk_drm_gem_obj (git-fixes).
- drm/mediatek: dp: Fix mtk_dp_aux_transfer return value (git-fixes).
- drm/mediatek: Init `ddp_comp` with devm_kcalloc() (git-fixes).
- drm/meson: dw-hdmi: add bandgap setting for g12 (git-fixes).
- drm/meson: dw-hdmi: power up phy on device init (git-fixes).
- drm/meson: gate px_clk when setting rate (git-fixes).
- drm/meson: vclk: fix calculation of 59.94 fractional rates (git-fixes).
- drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails (git-fixes).
- drm/msm: Add newlines to some debug prints (git-fixes).
- drm/msm/adreno: fix CP cycles stat retrieval on a7xx (git-fixes).
- drm/msm/dp: allow voltage swing / pre emphasis of 3 (git-fixes).
- drm/msm/dp: Avoid a long timeout for AUX transfer if nothing connected (git-fixes).
- drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
- drm/msm/dpu: Add callback function pointer check before its call (git-fixes).
- drm/msm/dpu: Allow configuring multiple active DSC blocks (git-fixes).
- drm/msm/dpu: Always flush the slave INTF on the CTL (git-fixes).
- drm/msm/dpu: do not allow overriding data from catalog (git-fixes).
- drm/msm/dpu: make error messages at dpu_core_irq_register_callback() more sensible (git-fixes).
- drm/msm/dpu: use devres-managed allocation for MDP TOP (stable-fixes).
- drm/msm/dsi: Print dual-DSI-adjusted pclk instead of original mode pclk (git-fixes).
- drm/nouveau/disp: Fix missing backlight control on Macbook 5, 1 (bsc#1223838).
- drm/nouveau/dp: Do not probe eDP ports twice harder (stable-fixes).
- drm/nouveau/dp: Fix incorrect return code in r535_dp_aux_xfer() (git-fixes).
- drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor() (stable-fixes).
- drm/nouveau: use tile_mode and pte_kind for VM_BIND bo allocations (git-fixes).
- drm: nv04: Fix out of bounds access (git-fixes).
- drm/omapdrm: Fix console by implementing fb_dirty (git-fixes).
- drm/panel: do not return negative error codes from drm_panel_get_modes() (stable-fixes).
- drm/panel: ili9341: Respect deferred probe (git-fixes).
- drm/panel: ili9341: Use predefined error codes (git-fixes).
- drm/panel: ltk050h3146w: add MIPI_DSI_MODE_VIDEO to LTK050H3148W flags (git-fixes).
- drm/panel: ltk050h3146w: drop duplicate commands from LTK050H3148W init (git-fixes).
- drm/panel: novatek-nt35950: Do not log an error when DSI host can't be found (git-fixes).
- drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
- drm/panel: simple: Add missing Innolux G121X1-L03 format, flags, connector (git-fixes).
- drm/panel: sitronix-st7789v: fix display size for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: fix timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: sitronix-st7789v: tweak timing for jt240mhqs_hwt_ek_e3 panel (git-fixes).
- drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
- drm/panfrost: fix power transition timeout warnings (git-fixes).
- drm/panfrost: Fix the error path in panfrost_mmu_map_fault_addr() (git-fixes).
- drm/prime: Unbreak virtgpu dma-buf export (git-fixes).
- drm/probe-helper: warn about negative .get_modes() (stable-fixes).
- drm/qxl: remove unused `count` variable from `qxl_surface_id_alloc()` (git-fixes).
- drm/qxl: remove unused variable from `qxl_process_single_command()` (git-fixes).
- drm/radeon: make -fstrict-flex-arrays=3 happy (git-fixes).
- drm/radeon: silence UBSAN warning (v3) (stable-fixes).
- drm/rockchip: vop2: Do not divide height twice for YUV (git-fixes).
- drm/rockchip: vop2: Remove AR30 and AB30 format support (git-fixes).
- drm/sched: fix null-ptr-deref in init entity (git-fixes).
- drm/shmem-helper: Fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) (git-fixes).
- drm/ttm: return ENOSPC from ttm_bo_mem_space v3 (stable-fixes).
- drm/ttm: stop pooling cached NUMA pages v2 (git-fixes).
- drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
- drm: vc4: Fix possible null pointer dereference (git-fixes).
- drm/vc4: hdmi: do not return negative values from .get_modes() (stable-fixes).
- drm/vmwgfx: Create debugfs ttm_resource_manager entry only if needed (git-fixes).
- drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
- drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
- drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
- drm/vmwgfx: Fix Legacy Display Unit (git-fixes).
- drm/vmwgfx: Fix prime import/export (git-fixes).
- drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
- drm: zynqmp_dpsub: Always register bridge (git-fixes).
- dt-bindings: clock: qcom: Add missing UFS QREF clocks (git-fixes)
- dump_stack: Do not get cpu_sync for panic CPU (bsc#1225607).
- dyndbg: fix old BUG_ON in >control parser (stable-fixes).
- e1000e: Minor flow correction in e1000_shutdown function (git-fixes).
- e1000e: move force SMBUS from enable ulp function to avoid PHY loss issue (git-fixes).
- e1000e: Workaround for sporadic MDI error on Meteor Lake systems (git-fixes).
- ecryptfs: Fix buffer size for tag 66 packet (git-fixes)
- ecryptfs: Reject casefold directory inodes (git-fixes)
- EDAC/synopsys: Fix ECC status and IRQ control race condition (git-fixes).
- Edit 'amdkfd: use calloc instead of kzalloc to avoid integer overflow' Reference CVE and bug numbers.
- efi: disable mirror feature during crashkernel (stable-fixes).
- efi: fix panic in kdump kernel (git-fixes).
- efi: libstub: only free priv.runtime_map when allocated (git-fixes).
- efi/unaccepted: do not let /proc/vmcore try to access unaccepted memory (git-fixes).
- efi/unaccepted: touch soft lockup during memory accept (git-fixes).
- Enable CONFIG_FIPS_SIGNATURE_SELFTEST (bsc#1222771)
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_ECDSA.
- Enable new CONFIG_FIPS_SIGNATURE_SELFTEST_RSA.
- extcon: max8997: select IRQ_DOMAIN instead of depending on it (git-fixes).
- fast_dput(): handle underflows gracefully (git-fixes)
- fat: fix uninitialized field in nostale filehandles (git-fixes)
- fbdev: fix incorrect address computation in deferred IO (git-fixes).
- fbdev: savage: Handle err return when savagefb_check_var failed (git-fixes).
- fbdev: sh7760fb: allow modular build (git-fixes).
- fbdev: shmobile: fix snprintf truncation (git-fixes).
- fbdev: sisfb: hide unused variables (git-fixes).
- fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
- fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-fixes).
- firewire: core: use long bus reset on gap count error (stable-fixes).
- firewire: ohci: mask bus reset interrupts between ISR and bottom half (stable-fixes).
- firmware: arm_scmi: Make raw debugfs entries non-seekable (git-fixes).
- firmware: dmi-id: add a release callback function (git-fixes).
- firmware: raspberrypi: Use correct device for DMA mappings (git-fixes).
- firmware: tegra: bpmp: Return directly after a failed kzalloc() in get_filename() (stable-fixes).
- Fix a potential infinite loop in extract_user_to_sg() (git-fixes).
- Fix build errors due to new UIO_MEM_DMA_COHERENT mess (git-fixes).
- fs/9p: only translate RWX permissions for plain 9P2000 (git-fixes)
- fs/9p: translate O_TRUNC into OTRUNC (git-fixes)
- fs: Fix error checking for d_hash_and_lookup() (git-fixes)
- fs: indicate request originates from old mount API (git-fixes)
- fs: relax mount_setattr() permission checks (git-fixes)
- fsverity: skip PKCS#7 parser when keyring is empty (git-fixes)
- ftrace: Fix possible use-after-free issue in ftrace_location() (git-fixes).
- fuse: do not unhash root (bsc#1223946).
- fuse: fix root lookup with nonzero generation (bsc#1223945).
- geneve: fix header validation in geneve[6]_xmit_skb (git-fixes).
- geneve: make sure to pull inner header in geneve_rx() (git-fixes).
- gpio: cdev: check for NULL labels when sanitizing them for irqs (git-fixes).
- gpio: cdev: fix missed label sanitizing in debounce_setup() (git-fixes).
- gpio: cdev: sanitize the label before requesting the interrupt (stable-fixes).
- gpio: crystalcove: Use -ENOTSUPP consistently (stable-fixes).
- gpiolib: cdev: fix uninitialised kfifo (git-fixes).
- gpiolib: cdev: relocate debounce_period_us from struct gpio_desc (stable-fixes).
- gpiolib: swnode: Remove wrong header inclusion (git-fixes).
- gpio: tangier: Use correct type for the IRQ chip data (git-fixes).
- gpio: tegra186: Fix tegra186_gpio_is_accessible() check (git-fixes).
- gpio: wcove: Use -ENOTSUPP consistently (stable-fixes).
- gpu: host1x: Do not setup DMA for virtual devices (stable-fixes).
- gtp: fix use-after-free and null-ptr-deref in gtp_newlink() (git-fixes).
- HID: amd_sfh: Handle 'no sensors' in PM operations (git-fixes).
- HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up (git-fixes).
- HID: input: avoid polling stylus battery on Chromebook Pompom (stable-fixes).
- HID: intel-ish-hid: ipc: Add check for pci_alloc_irq_vectors (git-fixes).
- HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc (git-fixes).
- HID: logitech-dj: allow mice to use all types of reports (git-fixes).
- HID: multitouch: Add required quirk for Synaptics 0xcddc device (stable-fixes).
- hwmon: (amc6821) add of_match table (stable-fixes).
- hwmon: (corsair-cpro) Protect ccp->wait_input_report with a spinlock (git-fixes).
- hwmon: (corsair-cpro) Use a separate buffer for sending commands (git-fixes).
- hwmon: (corsair-cpro) Use complete_all() instead of complete() in ccp_raw_event() (git-fixes).
- hwmon: (intel-m10-bmc-hwmon) Fix multiplier for N6000 board power sensor (git-fixes).
- hwmon: (lm70) fix links in doc and comments (git-fixes).
- hwmon: (pmbus/ucd9000) Increase delay from 250 to 500us (git-fixes).
- hwmon: (shtc1) Fix property misspelling (git-fixes).
- hwtracing: hisi_ptt: Move type check to the beginning of hisi_ptt_pmu_event_init() (git-fixes).
- i2c: acpi: Unbind mux adapters before delete (git-fixes).
- i2c: cadence: Avoid fifo clear after start (git-fixes).
- i2c: pxa: hide unused icr_bits[] variable (git-fixes).
- i2c: smbus: fix NULL function pointer dereference (git-fixes).
- i2c: synquacer: Fix an error handling path in synquacer_i2c_probe() (git-fixes).
- i3c: master: svc: change ENXIO to EAGAIN when IBI occurs during start frame (git-fixes).
- i3c: master: svc: fix invalidate IBI type and miss call client IBI handler (git-fixes).
- i40e: disable NAPI right after disabling irqs when handling xsk_pool (git-fixes).
- i40e: Enforce software interrupt during busy-poll exit (git-fixes).
- i40e: Fix firmware version comparison function (git-fixes).
- i40e: fix i40e_count_filters() to count only active/new filters (git-fixes).
- i40e: Fix VF MAC filter removal (git-fixes).
- i40e: fix vf may be used uninitialized in this function warning (git-fixes).
- i915: make inject_virtual_interrupt() void (stable-fixes).
- IB/mlx5: Use __iowrite64_copy() for write combining stores (git-fixes)
- ice: fix enabling RX VLAN filtering (git-fixes).
- ice: fix memory corruption bug with suspend and rebuild (git-fixes).
- ice: fix stats being updated by way too large values (git-fixes).
- ice: fix typo in assignment (git-fixes).
- ice: fix uninitialized dplls mutex usage (git-fixes).
- ice: reconfig host after changing MSI-X on VF (git-fixes).
- ice: Refactor FW data type and fix bitmap casting issue (git-fixes).
- ice: reorder disabling IRQ and NAPI in ice_qp_dis (git-fixes).
- ice: use relative VSI index for VFs instead of PF VSI number (git-fixes).
- ice: virtchnl: stop pretending to support RSS over AQ or registers (git-fixes).
- ida: make 'ida_dump' static (git-fixes).
- idma64: Do not try to serve interrupts when device is powered off (git-fixes).
- idpf: disable local BH when scheduling napi for marker packets (git-fixes).
- idpf: extend tx watchdog timeout (bsc#1224137).
- idpf: fix kernel panic on unknown packet types (git-fixes).
- igb: extend PTP timestamp adjustments to i211 (git-fixes).
- igb: Fix missing time sync events (git-fixes).
- igc: avoid returning frame twice in XDP_REDIRECT (git-fixes).
- igc: Fix missing time sync events (git-fixes).
- igc: Remove stale comment about Tx timestamping (git-fixes).
- iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
- iio: adc: stm32: Fixing err code to not indicate success (git-fixes).
- iio: core: Leave private pointer NULL when no private data supplied (git-fixes).
- iio: dummy_evgen: remove Excess kernel-doc comments (git-fixes).
- iio: gts-helper: Fix division loop (git-fixes).
- iio:imu: adis16475: Fix sync mode setting (git-fixes).
- iio: pressure: dps310: support negative temperature values (git-fixes).
- iio: pressure: Fixes BME280 SPI driver data (git-fixes).
- inet_diag: annotate data-races around inet_diag_table[] (git-fixes).
- inet: frags: eliminate kernel-doc warning (git-fixes).
- init/main.c: Fix potential static_command_line memory overflow (git-fixes).
- init: open /initrd.image with O_LARGEFILE (stable-fixes).
- Input: allocate keycode for Display refresh rate toggle (stable-fixes).
- Input: cyapa - add missing input core locking to suspend/resume functions (git-fixes).
- Input: gpio_keys_polled - suppress deferred probe error for gpio (stable-fixes).
- Input: imagis - use FIELD_GET where applicable (stable-fixes).
- Input: ims-pcu - fix printf string overflow (git-fixes).
- Input: pm8xxx-vibrator - correct VIB_MAX_LEVELS calculation (git-fixes).
- Input: synaptics-rmi4 - fail probing if memory allocation for 'phys' fails (stable-fixes).
- input/touchscreen: imagis: Correct the maximum touch area value (stable-fixes).
- Input: xpad - add additional HyperX Controller Identifiers (stable-fixes).
- Input: xpad - add support for Snakebyte GAMEPADs (stable-fixes).
- intel: legacy: Partial revert of field get conversion (git-fixes).
- interconnect: qcom: osm-l3: Replace custom implementation of COUNT_ARGS() (git-fixes).
- interconnect: qcom: qcm2290: Fix mas_snoc_bimc QoS port assignment (git-fixes).
- interconnect: qcom: sc8180x: Mark CO0 BCM keepalive (git-fixes).
- interconnect: qcom: sm8550: Enable sync_state (git-fixes).
- iomap: clear the per-folio dirty bits on all writeback failures (git-fixes)
- iommu/arm-smmu-v3: Check that the RID domain is S1 in SVA (git-fixes).
- iommu/dma: Force swiotlb_max_mapping_size on an untrusted device (bsc#1224331)
- iommu/dma: Trace bounce buffer usage when mapping buffers (git-fixes).
- iommufd: Add missing IOMMUFD_DRIVER kconfig for the selftest (git-fixes).
- iommufd: Fix iopt_access_list_id overwrite bug (git-fixes).
- iommufd/iova_bitmap: Bounds check mapped::pages access (git-fixes).
- iommufd/iova_bitmap: Consider page offset for the pages to be pinned (git-fixes).
- iommufd/iova_bitmap: Switch iova_bitmap::bitmap to an u8 array (git-fixes).
- iommufd: Reject non-zero data_type if no data_len is provided (git-fixes).
- iommu: Map reserved memory as cacheable if device is coherent (git-fixes).
- iommu/vt-d: Allocate local memory for page request queue (git-fixes).
- iommu/vt-d: Fix wrong use of pasid config (git-fixes).
- iommu/vt-d: Set SSADE when attaching to a parent with dirty tracking (git-fixes).
- iommu/vt-d: Update iotlb in nested domain attach (git-fixes).
- ionic: set adminq irq affinity (git-fixes).
- io_uring: kabi cookie remove (bsc#1217384).
- ipv4: annotate data-races around fi->fib_dead (git-fixes).
- irqchip/alpine-msi: Fix off-by-one in allocation error path (git-fixes).
- irqchip/armada-370-xp: Suppress unused-function warning (git-fixes).
- irqchip/gic-v3-its: Do not assume vPE tables are preallocated (git-fixes).
- irqchip/gic-v3-its: Fix VSYNC referencing an unmapped VPE on GIC v4.1 (git-fixes).
- irqchip/gic-v3-its: Prevent double free on error (git-fixes).
- irqchip/loongson-pch-msi: Fix off-by-one on allocation error path (git-fixes).
- irqchip/mbigen: Do not use bus_get_dev_root() to find the parent (git-fixes).
- irqchip/renesas-rzg2l: Add macro to retrieve TITSR register offset based on register's index (stable-fixes).
- irqchip/renesas-rzg2l: Flush posted write in irq_eoi() (git-fixes).
- irqchip/renesas-rzg2l: Implement restriction when writing ISCR register (stable-fixes).
- irqchip/renesas-rzg2l: Prevent spurious interrupts when setting trigger type (git-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_irq_eoi() (stable-fixes).
- irqchip/renesas-rzg2l: Rename rzg2l_tint_eoi() (stable-fixes).
- ixgbe: avoid sleeping allocation in ixgbe_ipsec_vf_add_sa() (git-fixes).
- ixgbe: {dis, en}able irqs in ixgbe_txrx_ring_{dis, en}able (git-fixes).
- jffs2: prevent xattr node from overflowing the eraseblock (git-fixes).
- kABI: Adjust trace_iterator.wait_index (git-fixes).
- kABI fix of KVM: x86/pmu: Allow programming events that match unsupported arch events (bsc#1225696).
- kABI fix of KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- kabi fix of perf/x86/intel: Expose existence of callback support to KVM (git fixes).
- kabi/severities: ignore brcmfmac-specific local symbols
- kabi/severities: ignore IMS functions They were dropped in previous patches. Noone is supposed to use them.
- kabi/severities: ignore TAS2781 symbol drop, it's only locally used
- kabi/severities: ignore Wangxun ethernet driver local symbols
- kabi/severities: Remove mitigation-related symbols Those are used by the core kernel to implement CPU vulnerabilities mitigation and are not expected to be consumed by 3rd party users.
- kABI workaround for cs35l56 (git-fixes).
- kABI workaround for of driver changes (git-fixes).
- kasan: disable kasan_non_canonical_hook() for HW tags (git-fixes).
- kasan, fortify: properly rename memintrinsics (git-fixes).
- kasan: print the original fault addr when access invalid shadow (git-fixes).
- kasan/test: avoid gcc warning for intentional overflow (git-fixes).
- kbuild: Move -Wenum-{compare-conditional,enum-conversion} into W=1 (stable-fixes).
- kconfig: fix infinite loop when expanding a macro at the end of file (git-fixes).
- kexec: do syscore_shutdown() in kernel_kexec (git-fixes).
- KEYS: trusted: Do not use WARN when encode fails (git-fixes).
- KEYS: trusted: Fix memory leak in tpm2_key_encode() (git-fixes).
- kprobes: Fix possible use-after-free issue on kprobe registration (git-fixes).
- kselftest: Add a ksft_perror() helper (stable-fixes).
- kunit/fortify: Fix mismatched kvalloc()/vfree() usage (git-fixes).
- KVM: nVMX: Clear EXIT_QUALIFICATION when injecting an EPT Misconfig (git-fixes).
- KVM: s390: Check kvm pointer when testing KVM_CAP_S390_HPAGE_1M (git-fixes bsc#1224790).
- KVM: SVM: Add support for allowing zero SEV ASIDs (git-fixes).
- KVM: SVM: Flush pages under kvm->lock to fix UAF in svm_register_enc_region() (git-fixes).
- KVM: SVM: Use unsigned integers when dealing with ASIDs (git-fixes).
- KVM: VMX: Disable LBR virtualization if the CPU does not support LBR callstacks (git-fixes).
- KVM: VMX: Report up-to-date exit qualification to userspace (git-fixes).
- KVM: x86: Allow, do not ignore, same-value writes to immutable MSRs (git-fixes).
- KVM: x86: Fix broken debugregs ABI for 32 bit kernels (git-fixes).
- KVM: x86: Fully re-initialize supported_mce_cap on vendor module load (git-fixes).
- KVM: x86: Introduce __kvm_get_hypervisor_cpuid() helper (git-fixes).
- KVM: x86: Mark target gfn of emulated atomic instruction as dirty (git-fixes).
- KVM: x86/mmu: Do not force emulation of L2 accesses to non-APIC internal slots (git-fixes).
- KVM: x86/mmu: Move private vs. shared check above slot validity checks (git-fixes).
- KVM: x86/mmu: Restrict KVM_SW_PROTECTED_VM to the TDP MMU (git-fixes).
- KVM: x86/mmu: Write-protect L2 SPTEs in TDP MMU when clearing dirty status (git-fixes).
- KVM: x86: Only set APICV_INHIBIT_REASON_ABSENT if APICv is enabled (git-fixes).
- KVM: x86/pmu: Allow programming events that match unsupported arch events (git-fixes).
- KVM: x86/pmu: Always treat Fixed counters as available when supported (git-fixes).
- KVM: x86/pmu: Apply 'fast' RDPMC only to Intel PMUs (git-fixes).
- KVM: x86/pmu: Disable support for adaptive PEBS (git-fixes).
- KVM: x86/pmu: Disallow 'fast' RDPMC for architectural Intel PMUs (git-fixes).
- KVM: x86/pmu: Do not ignore bits 31:30 for RDPMC index on AMD (git-fixes).
- KVM: x86/pmu: Do not mask LVTPC when handling a PMI on AMD platforms (git-fixes).
- KVM: x86/pmu: Explicitly check NMI from guest to reducee false positives (git-fixes).
- KVM: x86/pmu: Prioritize VMX interception over #GP on RDPMC due to bad index (git-fixes).
- KVM: x86/pmu: Set enable bits for GP counters in PERF_GLOBAL_CTRL at 'RESET' (git-fixes).
- KVM: x86/pmu: Zero out PMU metadata on AMD if PMU is disabled (git-fixes).
- KVM: x86: Snapshot if a vCPU's vendor model is AMD vs. Intel compatible (git-fixes).
- KVM: x86: Update KVM_SW_PROTECTED_VM docs to make it clear they're a WIP (git-fixes).
- KVM: x86: Use actual kvm_cpuid.base for clearing KVM_FEATURE_PV_UNHALT (git-fixes).
- KVM: x86/xen: fix recursive deadlock in timer injection (git-fixes).
- KVM: x86/xen: improve accuracy of Xen timers (git-fixes).
- KVM: x86/xen: inject vCPU upcall vector when local APIC is enabled (git-fixes).
- KVM: x86/xen: remove WARN_ON_ONCE() with false positives in evtchn delivery (git-fixes).
- leds: pwm: Disable PWM when going to suspend (git-fixes).
- libnvdimm: Fix ACPI_NFIT in BLK_DEV_PMEM help (jsc#PED-5853).
- libperf evlist: Avoid out-of-bounds access (git-fixes).
- libsubcmd: Fix parse-options memory leak (git-fixes).
- lib/test_hmm.c: handle src_pfns and dst_pfns allocation failure (git-fixes).
- livepatch: Fix missing newline character in klp_resolve_symbols() (bsc#1223539).
- locks: fix KASAN: use-after-free in trace_event_raw_event_filelock_lock (git-fixes)
- lsm: fix the logic in security_inode_getsecctx() (git-fixes).
- mac802154: fix llsec key resources release in mac802154_llsec_key_del (git-fixes).
- maple_tree: fix mas_empty_area_rev() null pointer dereference (git-fixes).
- md: add a new helper rdev_has_badblock() (jsc#PED-7542).
- md: add a new helper reshape_interrupted() (jsc#PED-7542).
- md: changed the switch of RAID_VERSION to if (jsc#PED-7542).
- md: check mddev->pers before calling md_set_readonly() (jsc#PED-7542).
- md: clean up invalid BUG_ON in md_ioctl (jsc#PED-7542).
- md: clean up openers check in do_md_stop() and md_set_readonly() (jsc#PED-7542).
- md/dm-raid: do not call md_reap_sync_thread() directly (jsc#PED-7542).
- md: Do not clear MD_CLOSING when the raid is about to stop (jsc#PED-7542).
- md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (jsc#PED-7542).
- md: export helper md_is_rdwr() (jsc#PED-7542).
- md: export helpers to stop sync_thread (jsc#PED-7542).
- md: factor out a helper to sync mddev (jsc#PED-7542).
- md: fix kmemleak of rdev->serial (jsc#PED-7542).
- md: get rdev->mddev with READ_ONCE() (jsc#PED-7542).
- md: merge the check of capabilities into md_ioctl_valid() (jsc#PED-7542).
- md: preserve KABI in struct md_personality (jsc#PED-7542).
- md/raid1-10: add a helper raid1_check_read_range() (jsc#PED-7542).
- md/raid1-10: factor out a new helper raid1_should_read_first() (jsc#PED-7542).
- md/raid1: factor out choose_bb_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out choose_slow_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out helpers to add rdev to conf (jsc#PED-7542).
- md/raid1: factor out helpers to choose the best rdev from read_balance() (jsc#PED-7542).
- md/raid1: factor out read_first_rdev() from read_balance() (jsc#PED-7542).
- md/raid1: factor out the code to manage sequential IO (jsc#PED-7542).
- md/raid1: fix choose next idle in read_balance() (jsc#PED-7542).
- md/raid1: record nonrot rdevs while adding/removing rdevs to conf (jsc#PED-7542).
- md: remove redundant check of 'mddev->sync_thread' (jsc#PED-7542).
- md: remove redundant md_wakeup_thread() (jsc#PED-7542).
- md: return directly before setting did_set_md_closing (jsc#PED-7542).
- md: sync blockdev before stopping raid or setting readonly (jsc#PED-7542).
- md: use RCU lock to protect traversal in md_spares_need_change() (jsc#PED-7542).
- media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries (git-fixes).
- media: cadence: csi2rx: use match fwnode for media link (git-fixes).
- media: cec: core: remove length check of Timer Status (stable-fixes).
- media: dt-bindings: ovti,ov2680: Fix the power supply names (git-fixes).
- media: flexcop-usb: fix sanity check of bNumEndpoints (git-fixes).
- media: i2c: et8ek8: Do not strip remove function when driver is builtin (git-fixes).
- media: ipu3-cio2: Request IRQ earlier (git-fixes).
- media: mc: Fix flags handling when creating pad links (stable-fixes).
- media: mc: Fix graph walk in media_pipeline_start (git-fixes).
- media: mc: mark the media devnode as registered from the, start (git-fixes).
- media: mc: Rename pad variable to clarify intent (stable-fixes).
- media: ngene: Add dvb_ca_en50221_init return value check (git-fixes).
- media: rcar-vin: work around -Wenum-compare-conditional warning (git-fixes).
- media: rkisp1: Fix IRQ handling due to shared interrupts (stable-fixes).
- media: sta2x11: fix irq handler cast (stable-fixes).
- media: stk1160: fix bounds checking in stk1160_copy_video() (git-fixes).
- media: sunxi: a83-mips-csi2: also select GENERIC_PHY (git-fixes).
- media: uvcvideo: Add quirk for Logitech Rally Bar (git-fixes).
- media: v4l2-subdev: Fix stream handling for crop API (git-fixes).
- media: v4l: Do not turn on privacy LED if streamon fails (git-fixes).
- mei: me: add arrow lake point H DID (stable-fixes).
- mei: me: add arrow lake point S DID (stable-fixes).
- mei: me: add lunar lake point M DID (stable-fixes).
- mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
- mlxbf_gige: call request_irq() after NAPI initialized (git-fixes).
- mlxbf_gige: stop interface during shutdown (git-fixes).
- mlxbf_gige: stop PHY during open() error paths (git-fixes).
- mlxsw: Use refcount_t for reference counting (git-fixes).
- mmc: core: Add HS400 tuning in HS400es initialization (stable-fixes).
- mmc: core: Avoid negative index with array access (git-fixes).
- mmc: core: Initialize mmc_blk_ioc_data (git-fixes).
- mmc: davinci: Do not strip remove function when driver is builtin (git-fixes).
- mmc: omap: fix broken slot switch lookup (git-fixes).
- mmc: omap: fix deferred probe (git-fixes).
- mmc: omap: restore original power up/down steps (git-fixes).
- mmc: sdhci_am654: Add ITAPDLYSEL in sdhci_j721e_4bit_set_clock (git-fixes).
- mmc: sdhci_am654: Add OTAP/ITAP delay enable (git-fixes).
- mmc: sdhci_am654: Add tuning algorithm for delay chain (git-fixes).
- mmc: sdhci_am654: Fix ITAPDLY for HS400 timing (git-fixes).
- mmc: sdhci_am654: Write ITAPDLY for DDR52 timing (git-fixes).
- mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
- mmc: sdhci-omap: re-tuning is needed after a pm transition to support emmc HS200 mode (git-fixes).
- mm_init kABI workaround (git-fixes).
- mm: memcg: do not periodically flush stats when memcg is disabled (bsc#1222525).
- mm: memcg: use larger batches for proactive reclaim (bsc#1222522).
- mm,page_owner: check for null stack_record before bumping its refcount (bsc#1222366).
- mm,page_owner: Defer enablement of static branch (bsc#1222366).
- mm,page_owner: drop unnecessary check (bsc#1222366).
- mm,page_owner: Fix accounting of pages when migrating (bsc#1222366).
- mm,page_owner: Fix printing of stack records (bsc#1222366).
- mm,page_owner: fix recursion (bsc#1222366).
- mm,page_owner: Fix refcount imbalance (bsc#1222366).
- mm: page_owner: fix wrong information in dump_page_owner (git-fixes).
- mm,page_owner: Update metadata for tail pages (bsc#1222366).
- mm/slab: make __free(kfree) accept error pointers (git-fixes).
- modpost: Add '.ltext' and '.ltext.*' to TEXT_SECTIONS (stable-fixes).
- mptcp: annotate data-races around msk->rmem_fwd_alloc (git-fixes).
- mptcp: fix bogus receive window shrinkage with multiple subflows (git-fixes).
- mptcp: move __mptcp_error_report in protocol.c (git-fixes).
- mptcp: process pending subflow error on close (git-fixes).
- mptcp: Remove unnecessary test for __mptcp_init_sock() (git-fixes).
- mtd: core: Report error if first mtd_otp_size() call fails in mtd_otp_nvmem_add() (git-fixes).
- mtd: diskonchip: work around ubsan link failure (stable-fixes).
- mtd: rawnand: hynix: fixed typo (git-fixes).
- mtd: spinand: Add support for 5-byte IDs (stable-fixes).
- net: add netdev_lockdep_set_classes() to virtual drivers (git-fixes).
- net: annotate data-races around sk->sk_bind_phc (git-fixes).
- net: annotate data-races around sk->sk_forward_alloc (git-fixes).
- net: annotate data-races around sk->sk_lingertime (git-fixes).
- net: annotate data-races around sk->sk_tsflags (git-fixes).
- net: bonding: remove kernel-doc comment marker (git-fixes).
- net: cfg802154: fix kernel-doc notation warnings (git-fixes).
- net: dsa: microchip: fix register write order in ksz8_ind_write8() (git-fixes).
- net: dsa: mt7530: fix handling of all link-local frames (git-fixes).
- net: dsa: mt7530: fix link-local frames that ingress vlan filtering ports (git-fixes).
- net: dsa: mt7530: prevent possible incorrect XTAL frequency selection (git-fixes).
- net: dsa: mt7530: trap link-local frames regardless of ST Port State (git-fixes).
- net: dsa: sja1105: Fix parameters order in sja1110_pcs_mdio_write_c45() (git-fixes).
- net: ena: Fix incorrect descriptor free behavior (git-fixes).
- net: ena: Fix potential sign extension issue (git-fixes).
- net: ena: Move XDP code to its new files (git-fixes).
- net: ena: Pass ena_adapter instead of net_device to ena_xmit_common() (git-fixes).
- net: ena: Remove ena_select_queue (git-fixes).
- net: ena: Set tx_info->xdpf value to NULL (git-fixes).
- net: ena: Use tx_ring instead of xdp_ring for XDP channel TX (git-fixes).
- net: ena: Wrong missing IO completions check order (git-fixes).
- net: ethernet: mtk_eth_soc: fix PPE hanging issue (git-fixes).
- net: ethernet: ti: cpsw: enable mac_managed_pm to fix mdio (git-fixes).
- net: fec: Set mac_managed_pm during probe (git-fixes).
- netfilter: nf_tables: disable toggling dormant table state more than once (git-fixes).
- netfilter: nf_tables: uapi: Describe NFTA_RULE_CHAIN_ID (git-fixes).
- netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-fixes).
- netfilter: nft_set_rbtree: use read spinlock to avoid datapath contention (git-fixes).
- net: hns3: fix index limit to support all queue stats (git-fixes).
- net: hns3: fix kernel crash when 1588 is received on HIP08 devices (git-fixes).
- net: hns3: fix kernel crash when devlink reload during pf initialization (git-fixes).
- net: hns3: fix port duplex configure error in IMP reset (git-fixes).
- net: hns3: fix wrong judgment condition issue (git-fixes).
- net: hns3: mark unexcuted loopback test result as UNEXECUTED (git-fixes).
- net: hns3: tracing: fix hclgevf trace event strings (git-fixes).
- net: ice: Fix potential NULL pointer dereference in ice_bridge_setlink() (git-fixes).
- net: ks8851: Handle softirqs at the end of IRQ thread to fix hang (git-fixes).
- net: ks8851: Inline ks8851_rx_skb() (git-fixes).
- net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs (git-fixes).
- net: lan743x: Add set RFE read fifo threshold for PCI1x1x chips (git-fixes).
- net: libwx: fix memory leak on free page (git-fixes).
- net: llc: fix kernel-doc notation warnings (git-fixes).
- net: ll_temac: platform_get_resource replaced by wrong function (git-fixes).
- net: mana: Fix Rx DMA datasize and skb_over_panic (git-fixes).
- net: mediatek: mtk_eth_soc: clear MAC_MCR_FORCE_LINK only when MAC is up (git-fixes).
- net/mlx5: Correctly compare pkt reformat ids (git-fixes).
- net/mlx5e: Change the warning when ignore_flow_level is not supported (git-fixes).
- net/mlx5e: Do not produce metadata freelist entries in Tx port ts WQE xmit (git-fixes).
- net/mlx5e: Fix MACsec state loss upon state update in offload path (git-fixes).
- net/mlx5e: Fix mlx5e_priv_init() cleanup flow (git-fixes).
- net/mlx5e: HTB, Fix inconsistencies with QoS SQs number (git-fixes).
- net/mlx5e: RSS, Block changing channels number when RXFH is configured (git-fixes).
- net/mlx5e: RSS, Block XOR hash with over 128 channels (git-fixes).
- net/mlx5: E-switch, Change flow rule destination checking (git-fixes).
- net/mlx5: E-switch, store eswitch pointer before registering devlink_param (git-fixes).
- net/mlx5e: Switch to using _bh variant of of spinlock API in port timestamping NAPI poll context (git-fixes).
- net/mlx5e: Use a memory barrier to enforce PTP WQ xmit submission tracking occurs after populating the metadata_map (git-fixes).
- net/mlx5: Fix fw reporter diagnose output (git-fixes).
- net/mlx5: Fix peer devlink set for SF representor devlink port (git-fixes).
- net/mlx5: Lag, restore buckets number to default after hash LAG deactivation (git-fixes).
- net/mlx5: offset comp irq index in name by one (git-fixes).
- net/mlx5: Properly link new fs rules into the tree (git-fixes).
- net/mlx5: Register devlink first under devlink lock (git-fixes).
- net/mlx5: Restore mistakenly dropped parts in register devlink flow (git-fixes).
- net/mlx5: SF, Stop waiting for FW as teardown was called (git-fixes).
- net: nfc: remove inappropriate attrs check (stable-fixes).
- net: NSH: fix kernel-doc notation warning (git-fixes).
- net: pcs: xpcs: Return EINVAL in the internal methods (git-fixes).
- net: phy: fix phy_read_poll_timeout argument type in genphy_loopback (git-fixes).
- net: phy: micrel: Fix potential null pointer dereference (git-fixes).
- net: phy: micrel: lan8814: Fix when enabling/disabling 1-step timestamping (git-fixes).
- net: phy: micrel: set soft_reset callback to genphy_soft_reset for KSZ8061 (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (git-fixes).
- net: phy: phy_device: Prevent nullptr exceptions on ISR (stable-fixes).
- net: ravb: Always process TX descriptor ring (git-fixes).
- net: ravb: Let IP-specific receive function to interrogate descriptors (git-fixes).
- net/smc: bugfix for smcr v2 server connect success statistic (git-fixes).
- net/smc: fix documentation of buffer sizes (git-fixes).
- net/smc: use smc_lgr_list.lock to protect smc_lgr_list.list iterate in smcr_port_add (git-fixes).
- net: smsc95xx: add support for SYS TEC USB-SPEmodule1 (git-fixes).
- net: sparx5: Fix use after free inside sparx5_del_mact_entry (git-fixes).
- net: sparx5: fix wrong config being used when reconfiguring PCS (git-fixes).
- net: sparx5: flower: fix fragment flags handling (git-fixes).
- net: stmmac: dwmac-starfive: Add support for JH7100 SoC (git-fixes).
- net: stmmac: Fix incorrect dereference in interrupt handlers (git-fixes).
- net: stmmac: fix rx queue priority assignment (git-fixes).
- net: sunrpc: Fix an off by one in rpc_sockaddr2uaddr() (git-fixes).
- net: tcp: fix unexcepted socket die when snd_wnd is 0 (git-fixes).
- net: tls: fix returned read length with async decrypt (bsc#1221858).
- net: tls: fix use-after-free with partial reads and async (bsc#1221858).
- net: tls, fix WARNIING in __sk_msg_free (bsc#1221858).
- net: usb: ax88179_178a: avoid the interface always configured as random address (git-fixes).
- net: usb: ax88179_178a: avoid writing the mac address before first reading (git-fixes).
- net: usb: ax88179_178a: fix link status when link is set to down/up (git-fixes).
- net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
- net:usb:qmi_wwan: support Rolling modules (stable-fixes).
- net: usb: smsc95xx: stop lying about skb->truesize (git-fixes).
- net: usb: sr9700: stop lying about skb->truesize (git-fixes).
- net: Use sockaddr_storage for getsockopt(SO_PEERNAME) (git-fixes).
- net: veth: do not manipulate GRO when using XDP (git-fixes).
- net: wwan: t7xx: Split 64bit accesses to fix alignment issues (git-fixes).
- net/x25: fix incorrect parameter validation in the x25_getsockopt() function (git-fixes).
- nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git-fixes).
- nfc: nci: Fix kcov check in nci_rx_work() (git-fixes).
- nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes).
- nfc: nci: Fix uninit-value in nci_rx_work (git-fixes).
- nf_conntrack: fix -Wunused-const-variable= (git-fixes).
- NFC: trf7970a: disable all regulators on removal (git-fixes).
- nfp: flower: handle acti_netdevs allocation failure (git-fixes).
- NFSD: change LISTXATTRS cookie encoding to big-endian (git-fixes).
- NFSD: Convert the callback workqueue to use delayed_work (git-fixes).
- nfsd: do not call locks_release_private() twice concurrently (git-fixes).
- nfsd: Fix a regression in nfsd_setattr() (git-fixes).
- NFSD: fix LISTXATTRS returning a short list with eof=TRUE (git-fixes).
- NFSD: fix LISTXATTRS returning more bytes than maxcount (git-fixes).
- NFSD: fix nfsd4_listxattr_validate_cookie (git-fixes).
- NFSD: Fix nfsd_clid_class use of __string_len() macro (git-fixes).
- NFSD: Reschedule CB operations when backchannel rpc_clnt is shut down (git-fixes).
- NFSD: Reset cb_seq_status after NFS4ERR_DELAY (git-fixes).
- NFSD: Retransmit callbacks after client reconnects (git-fixes).
- nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380 bsc#1217408).
- NFS: Fix an off by one in root_nfs_cat() (git-fixes).
- NFS: Fix nfs_netfs_issue_read() xarray locking for writeback interrupt (git-fixes).
- nfs: fix panic when nfs4_ff_layout_prepare_ds() fails (git-fixes).
- NFS: Read unlock folio on nfs_page_create_from_folio() error (git-fixes).
- NFSv4.1/pnfs: fix NFS with TLS in pnfs (git-fixes).
- NFSv4.2: fix listxattr maximum XDR buffer size (git-fixes).
- NFSv4.2: fix nfs4_listxattr kernel BUG at mm/usercopy.c:102 (git-fixes).
- nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
- nilfs2: fix out-of-range warning (git-fixes).
- nilfs2: fix potential bug in end_buffer_async_write (git-fixes).
- nilfs2: fix unexpected freezing of nilfs_segctor_sync() (git-fixes).
- nilfs2: fix use-after-free of timer for log writer thread (git-fixes).
- nilfs2: make superblock data array index computation sparse friendly (git-fixes).
- nouveau/dmem: handle kcalloc() allocation failure (git-fixes).
- nouveau: fix devinit paths to only handle display on GSP (git-fixes).
- nouveau: fix function cast warning (git-fixes).
- nouveau: fix instmem race condition around ptr stores (git-fixes).
- nouveau/gsp: do not check devinit disable on GSP (git-fixes).
- nouveau: lock the client object tree (stable-fixes).
- nouveau: reset the bo resource bus info after an eviction (git-fixes).
- nouveau/uvmm: fix addr/range calcs for remap operations (git-fixes).
- nvdimm: make nvdimm_bus_type const (jsc#PED-5853).
- nvdimm/pmem: fix leak on dax_add_host() failure (jsc#PED-5853).
- nvdimm/pmem: Treat alloc_dax() -EOPNOTSUPP failure as non-fatal (jsc#PED-5853).
- nvme-fc: do not wait in vain when unloading module (git-fixes).
- nvme: fix multipath batched completion accounting (git-fixes).
- nvme: fix reconnection fail due to reserved tag allocation (git-fixes).
- nvme: fix warn output about shared namespaces without CONFIG_NVME_MULTIPATH (git-fixes).
- nvme-multipath: fix io accounting on failover (git-fixes).
- nvme-pci: Add quirk for broken MSIs (git-fixes).
- nvme-tcp: strict pdu pacing to avoid send stalls on TLS (bsc#1221858).
- nvmet-fc: abort command when there is no binding (git-fixes).
- nvmet-fc: avoid deadlock on delete association path (git-fixes).
- nvmet-fc: defer cleanup using RCU properly (git-fixes).
- nvmet-fc: hold reference on hostport match (git-fixes).
- nvmet-fcloop: swap the list_add_tail arguments (git-fixes).
- nvmet-fc: release reference on target port (git-fixes).
- nvmet-fc: take ref count on tgtport before delete assoc (git-fixes).
- nvmet: fix ns enable/disable possible hang (git-fixes).
- nvmet-tcp: fix nvme tcp ida memory leak (git-fixes).
- octeontx2-af: Add array index check (git-fixes).
- octeontx2-af: Fix devlink params (git-fixes).
- octeontx2-af: Fix issue with loading coalesced KPU profiles (git-fixes).
- octeontx2-af: Fix NIX SQ mode and BP config (git-fixes).
- Octeontx2-af: fix pause frame configuration in GMP mode (git-fixes).
- octeontx2-af: Use matching wake_up API variant in CGX command interface (git-fixes).
- octeontx2-af: Use separate handlers for interrupts (git-fixes).
- octeontx2: Detect the mbox up or down message via register (git-fixes).
- octeontx2-pf: check negative error code in otx2_open() (git-fixes).
- octeontx2-pf: fix FLOW_DIS_IS_FRAGMENT implementation (git-fixes).
- octeontx2-pf: Fix transmit scheduler resource leak (git-fixes).
- octeontx2-pf: Send UP messages to VF only when VF is up (git-fixes).
- octeontx2-pf: Use default max_active works instead of one (git-fixes).
- octeontx2-pf: Wait till detach_resources msg is complete (git-fixes).
- of: dynamic: Synchronize of_changeset_destroy() with the devlink removals (git-fixes).
- of: module: add buffer overflow check in of_modalias() (git-fixes).
- of: module: prevent NULL pointer dereference in vsnprintf() (stable-fixes).
- of: property: Add in-ports/out-ports support to of_graph_get_port_parent() (stable-fixes).
- of: property: fix typo in io-channels (git-fixes).
- of: property: fw_devlink: Fix stupid bug in remote-endpoint parsing (git-fixes).
- of: property: Improve finding the consumer of a remote-endpoint property (git-fixes).
- of: property: Improve finding the supplier of a remote-endpoint property (git-fixes).
- of: unittest: Fix compile in the non-dynamic case (git-fixes).
- overflow: Allow non-type arg to type_max() and type_min() (stable-fixes).
- PCI/AER: Block runtime suspend when handling errors (stable-fixes).
- PCI/ASPM: Use RMW accessors for changing LNKCTL (git-fixes).
- PCI: Delay after FLR of Solidigm P44 Pro NVMe (stable-fixes).
- PCI: Disable D3cold on Asus B1400 PCI-NVMe bridge (stable-fixes).
- PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (stable-fixes).
- PCI/DPC: Use FIELD_GET() (stable-fixes).
- PCI: dwc: ep: Fix DBI access failure for drivers requiring refclk from host (git-fixes).
- PCI/EDR: Align EDR_PORT_DPC_ENABLE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI/EDR: Align EDR_PORT_LOCATE_DSM with PCI Firmware r3.3 (git-fixes).
- PCI: Execute quirk_enable_clear_retrain_link() earlier (stable-fixes).
- PCI: Fix typos in docs and comments (stable-fixes).
- PCI: hv: Fix ring buffer size calculation (git-fixes).
- PCI: Make link retraining use RMW accessors for changing LNKCTL (git-fixes).
- PCI/PM: Drain runtime-idle callbacks before driver removal (stable-fixes).
- PCI: qcom: Add support for sa8775p SoC (git-fixes).
- PCI: qcom: Disable ASPM L0s for sc8280xp, sa8540p and sa8295p (git-fixes).
- PCI: rockchip-ep: Remove wrong mask on subsys_vendor_id (git-fixes).
- PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369 ltc#205888).
- PCI: Simplify pcie_capability_clear_and_set_word() to ..._clear_word() (stable-fixes).
- PCI: switchtec: Add support for PCIe Gen5 devices (stable-fixes).
- PCI: switchtec: Use normal comment style (stable-fixes).
- PCI: tegra194: Fix probe path for Endpoint mode (git-fixes).
- peci: linux/peci.h: fix Excess kernel-doc description warning (git-fixes).
- perf annotate: Fix annotation_calc_lines() to pass correct address to get_srcline() (git-fixes).
- perf annotate: Get rid of duplicate --group option item (git-fixes).
- perf auxtrace: Fix multiple use of --itrace option (git-fixes).
- perf bench internals inject-build-id: Fix trap divide when collecting just one DSO (git-fixes).
- perf bench uprobe: Remove lib64 from libc.so.6 binary path (git-fixes).
- perf bpf: Clean up the generated/copied vmlinux.h (git-fixes).
- perf daemon: Fix file leak in daemon_session__control (git-fixes).
- perf docs: Document bpf event modifier (git-fixes).
- perf evsel: Fix duplicate initialization of data->id in evsel__parse_sample() (git-fixes).
- perf expr: Fix 'has_event' function for metric style events (git-fixes).
- perf intel-pt: Fix unassigned instruction op (discovered by MemorySanitizer) (git-fixes).
- perf jevents: Drop or simplify small integer values (git-fixes).
- perf list: fix short description for some cache events (git-fixes).
- perf lock contention: Add a missing NULL check (git-fixes).
- perf metric: Do not remove scale from counts (git-fixes).
- perf pmu: Count sys and cpuid JSON events separately (git fixes).
- perf pmu: Fix a potential memory leak in perf_pmu__lookup() (git-fixes).
- perf pmu: Treat the msr pmu as software (git-fixes).
- perf print-events: make is_event_supported() more robust (git-fixes).
- perf probe: Add missing libgen.h header needed for using basename() (git-fixes).
- perf record: Check conflict between '--timestamp-filename' option and pipe mode before recording (git-fixes).
- perf record: Fix debug message placement for test consumption (git-fixes).
- perf record: Fix possible incorrect free in record__switch_output() (git-fixes).
- perf report: Avoid SEGV in report__setup_sample_type() (git-fixes).
- perf sched timehist: Fix -g/--call-graph option failure (git-fixes).
- perf script: Show also errors for --insn-trace option (git-fixes).
- perf srcline: Add missed addr2line closes (git-fixes).
- perf stat: Avoid metric-only segv (git-fixes).
- perf stat: Do not display metric header for non-leader uncore events (git-fixes).
- perf stat: Do not fail on metrics on s390 z/VM systems (git-fixes).
- perf symbols: Fix ownership of string in dso__load_vmlinux() (git-fixes).
- perf tests: Apply attributes to all events in object code reading test (git-fixes).
- perf test shell arm_coresight: Increase buffer size for Coresight basic tests (git-fixes).
- perf tests: Make data symbol test wait for perf to start (bsc#1220045).
- perf tests: Make 'test data symbol' more robust on Neoverse N1 (git-fixes).
- perf tests: Skip data symbol test if buf1 symbol is missing (bsc#1220045).
- perf thread: Fixes to thread__new() related to initializing comm (git-fixes).
- perf thread_map: Free strlist on normal path in thread_map__new_by_tid_str() (git-fixes).
- perf top: Uniform the event name for the hybrid machine (git-fixes).
- perf top: Use evsel's cpus to replace user_requested_cpus (git-fixes).
- perf ui browser: Avoid SEGV on title (git fixes).
- perf ui browser: Do not save pointer to stack memory (git-fixes).
- perf vendor events amd: Add Zen 4 memory controller events (git-fixes).
- perf vendor events amd: Fix Zen 4 cache latency events (git-fixes).
- perf/x86/amd/core: Avoid register reset when CPU is dead (git-fixes).
- perf/x86/amd/lbr: Discard erroneous branch entries (git-fixes).
- perf/x86/amd/lbr: Use freeze based on availability (git-fixes).
- perf/x86: Fix out of range data (git-fixes).
- perf/x86/intel/ds: Do not clear ->pebs_data_cfg for the last PEBS event (git-fixes).
- perf/x86/intel: Expose existence of callback support to KVM (git-fixes).
- phy: freescale: imx8m-pcie: fix pcie link-up instability (git-fixes).
- phy: marvell: a3700-comphy: Fix hardcoded array size (git-fixes).
- phy: marvell: a3700-comphy: Fix out of bounds read (git-fixes).
- phy: rockchip: naneng-combphy: Fix mux on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix bifurcation on rk3588 (git-fixes).
- phy: rockchip-snps-pcie3: fix clearing PHP_GRF_PCIESEL_CON bits (git-fixes).
- phy: ti: tusb1210: Resolve charger-det crash if charger psy is unregistered (git-fixes).
- pinctrl: armada-37xx: remove an unused variable (git-fixes).
- pinctrl: baytrail: Fix selecting gpio pinctrl state (git-fixes).
- pinctrl: core: delete incorrect free in pinctrl_enable() (git-fixes).
- pinctrl: devicetree: fix refcount leak in pinctrl_dt_to_map() (git-fixes).
- pinctrl: mediatek: paris: Fix PIN_CONFIG_INPUT_SCHMITT_ENABLE readback (git-fixes).
- pinctrl: mediatek: paris: Rework support for PIN_CONFIG_{INPUT,OUTPUT}_ENABLE (git-fixes).
- pinctrl/meson: fix typo in PDM's pin name (git-fixes).
- pinctrl: pinctrl-aspeed-g6: Fix register offset for pinconf of GPIOR-T (git-fixes).
- pinctrl: qcom: pinctrl-sm7150: Fix sdc1 and ufs special pins regs (git-fixes).
- pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs (stable-fixes).
- platform/chrome: cros_ec_uart: properly fix race condition (git-fixes).
- platform/x86/amd/pmc: Extend Framework 13 quirk to more BIOSes (stable-fixes).
- platform/x86/intel-uncore-freq: Do not present root domain on error (git-fixes).
- platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-fixes).
- platform/x86: ISST: Add Granite Rapids-D to HPM CPU list (stable-fixes).
- platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi Vi8 tablet (stable-fixes).
- platform/x86: x86-android-tablets: Fix acer_b1_750_goodix_gpios name (stable-fixes).
- platform/x86: xiaomi-wmi: Fix race condition when reporting key events (git-fixes).
- PM / devfreq: Synchronize devfreq_monitor_[start/stop] (stable-fixes).
- PM: s2idle: Make sure CPUs will wakeup directly on resume (git-fixes).
- Port 'certs: Add ECDSA signature verification self-test'.
- Port 'certs: Move RSA self-test data to separate file'.
- powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645 ltc#205739 bsc#1223191).
- powerpc/crypto/chacha-p10: Fix failure on non Power10 (bsc#1218205).
- powerpc/eeh: Permanently disable the removed device (bsc#1223991 ltc#205740).
- powerpc/hv-gpci: Fix the H_GET_PERF_COUNTER_INFO hcall return value checks (git-fixes).
- powerpc/pseries/lparcfg: drop error message from guest name lookup (bsc#1187716 ltc#193451 git-fixes).
- powerpc/pseries: make max polling consistent for longer H_CALLs (bsc#1215199).
- powerpc/pseries/vio: Do not return ENODEV if node or compatible missing (bsc#1220783).
- powerpc/uaccess: Fix build errors seen with GCC 13/14 (bsc#1194869).
- powerpc/uaccess: Use YZ asm constraint for ld (bsc#1194869).
- power: rt9455: hide unused rt9455_boost_voltage_values (git-fixes).
- power: supply: mt6360_charger: Fix of_match for usb-otg-vbus regulator (git-fixes).
- ppdev: Add an error check in register_device (git-fixes).
- prctl: generalize PR_SET_MDWE support check to be per-arch (bsc#1225610).
- printk: Add this_cpu_in_panic() (bsc#1225607).
- printk: Adjust mapping for 32bit seq macros (bsc#1225607).
- printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1225607).
- printk: Consolidate console deferred printing (bsc#1225607).
- printk: Disable passing console lock owner completely during panic() (bsc#1225607).
- printk: Do not take console lock for console_flush_on_panic() (bsc#1225607).
- printk: For @suppress_panic_printk check for other CPU in panic (bsc#1225607).
- printk: Keep non-panic-CPUs out of console lock (bsc#1225607).
- printk: Let no_printk() use _printk() (bsc#1225618).
- printk: nbcon: Relocate 32bit seq macros (bsc#1225607).
- printk: Reduce console_unblank() usage in unsafe scenarios (bsc#1225607).
- printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() (bsc#1225607).
- printk: ringbuffer: Clarify special lpos values (bsc#1225607).
- printk: ringbuffer: Cleanup reader terminology (bsc#1225607).
- printk: ringbuffer: Do not skip non-finalized records with prb_next_seq() (bsc#1225607).
- printk: ringbuffer: Skip non-finalized records in panic (bsc#1225607).
- printk: Update @console_may_schedule in console_trylock_spinning() (bsc#1225616).
- printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1225607).
- printk: Wait for all reserved records with pr_flush() (bsc#1225607).
- proc/kcore: do not try to access unaccepted memory (git-fixes).
- pstore: inode: Convert mutex usage to guard(mutex) (stable-fixes).
- pstore: inode: Only d_invalidate() is needed (git-fixes).
- pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
- pwm: img: fix pwm clock lookup (git-fixes).
- qibfs: fix dentry leak (git-fixes)
- r8169: fix issue caused by buggy BIOS on certain boards with RTL8168d (git-fixes).
- r8169: skip DASH fw status checks when DASH is disabled (git-fixes).
- random: handle creditable entropy from atomic process context (git-fixes).
- RAS/AMD/FMPM: Avoid NULL ptr deref in get_saved_records() (jsc#PED-7619).
- RAS/AMD/FMPM: Fix build when debugfs is not enabled (jsc#PED-7619).
- RAS/AMD/FMPM: Safely handle saved records of various sizes (jsc#PED-7619).
- RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
- RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw (git-fixes)
- RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes)
- RDMA/hns: Add max_ah and cq moderation capacities in query_device() (git-fixes)
- RDMA/hns: Fix deadlock on SRQ async events. (git-fixes)
- RDMA/hns: Fix GMV table pagesize (git-fixes)
- RDMA/hns: Fix return value in hns_roce_map_mr_sg (git-fixes)
- RDMA/hns: Fix UAF for cq async event (git-fixes)
- RDMA/hns: Modify the print level of CQE error (git-fixes)
- RDMA/hns: Use complete parentheses in macros (git-fixes)
- RDMA/IPoIB: Fix format truncation compilation errors (git-fixes)
- RDMA/mana_ib: Fix bug in creation of dma regions (git-fixes).
- RDMA/mlx5: Adding remote atomic access flag to updatable flags (git-fixes)
- RDMA/mlx5: Change check for cacheable mkeys (git-fixes)
- RDMA/mlx5: Fix port number for counter query in multi-port configuration (git-fixes)
- RDMA/mlx5: Uncacheable mkey has neither rb_key or cache_ent (git-fixes)
- RDMA/rxe: Allow good work requests to be executed (git-fixes)
- RDMA/rxe: Fix incorrect rxe_put in error path (git-fixes)
- RDMA/rxe: Fix seg fault in rxe_comp_queue_pkt (git-fixes)
- RDMA/rxe: Fix the problem 'mutex_destroy missing' (git-fixes)
- README.BRANCH: Remove copy of branch name
- Reapply 'drm/qxl: simplify qxl_fence_wait' (stable-fixes).
- regmap: Add regmap_read_bypassed() (git-fixes).
- regmap: kunit: Ensure that changed bytes are actually different (stable-fixes).
- regmap: maple: Fix cache corruption in regcache_maple_drop() (git-fixes).
- regmap: maple: Fix uninitialized symbol 'ret' warnings (git-fixes).
- regulator: bd71828: Do not overwrite runtime voltages (git-fixes).
- regulator: change devm_regulator_get_enable_optional() stub to return Ok (git-fixes).
- regulator: change stubbed devm_regulator_get_enable to return Ok (git-fixes).
- regulator: core: fix debugfs creation regression (git-fixes).
- regulator: mt6360: De-capitalize devicetree regulator subnodes (git-fixes).
- regulator: tps65132: Add of_match table (stable-fixes).
- remoteproc: k3-r5: Do not allow core1 to power up before core0 via sysfs (git-fixes).
- remoteproc: k3-r5: Jump to error handling labels in start/stop errors (git-fixes).
- remoteproc: k3-r5: Wait for core0 power-up before powering up core1 (git-fixes).
- remoteproc: mediatek: Make sure IPI buffer fits in L2TCM (git-fixes).
- remoteproc: stm32: Fix incorrect type assignment returned by stm32_rproc_get_loaded_rsc_tablef (git-fixes).
- remoteproc: virtio: Fix wdg cannot recovery remote processor (git-fixes).
- Remove NTFSv3 from configs (bsc#1224429) References: bsc#1224429 comment#3 We only support fuse version of the NTFS-3g driver. Disable NTFSv3 from all configs. This was enabled in d016c04d731 ('Bump to 6.4 kernel (jsc#PED-4593)')
- Revert 'ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: only allocate/release streams for first CPU DAI' (stable-fixes).
- Revert 'ASoC: SOF: Intel: hda-dai-ops: reset device count for SoundWire DAIs' (stable-fixes).
- Revert 'cifs: reconnect work should have reference on server struct' (git-fixes, bsc#1225172).
- Revert 'drm/amd/amdgpu: Fix potential ioremap() memory leaks in amdgpu_device_init()' (stable-fixes).
- Revert 'drm/amd/display: Fix sending VSC (+ colorimetry) packets for DP/eDP displays without PSR' (stable-fixes).
- Revert 'drm/amdkfd: fix gfx_target_version for certain 11.0.3 devices' (stable-fixes).
- Revert 'drm/bridge: ti-sn65dsi83: Fix enable error path' (git-fixes).
- Revert 'drm/nouveau/firmware: Fix SG_DEBUG error with nvkm_firmware_ctor()' (stable-fixes).
- Revert 'drm/qxl: simplify qxl_fence_wait' (git-fixes).
- Revert 'iommu/amd: Enable PCI/IMS' (git-fixes).
- Revert 'iommu/vt-d: Enable PCI/IMS' (git-fixes).
- Revert 'net/mlx5: Block entering switchdev mode with ns inconsistency' (git-fixes).
- Revert 'net/mlx5e: Check the number of elements before walk TC rhashtable' (git-fixes).
- Revert 'PCI/MSI: Provide IMS (Interrupt Message Store) support' (git-fixes).
- Revert 'PCI/MSI: Provide pci_ims_alloc/free_irq()' (git-fixes).
- Revert 'PCI/MSI: Provide stubs for IMS functions' (git-fixes).
- Revert 'selinux: introduce an initial SID for early boot processes' (bsc#1208593) It caused a regression on ALP-current branch, kernel-obs-qa build failed.
- Revert 'usb: cdc-wdm: close race between read and workqueue' (git-fixes).
- Revert 'usb: phy: generic: Get the vbus supply' (git-fixes).
- ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
- ring-buffer: Fix a race between readers and resize checks (git-fixes).
- ring-buffer: Fix full_waiters_pending in poll (git-fixes).
- ring-buffer: Fix resetting of shortest_full (git-fixes).
- ring-buffer: Fix waking up ring buffer readers (git-fixes).
- ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
- ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent environment (git-fixes).
- ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-fixes).
- rtc: mt6397: select IRQ_DOMAIN instead of depending on it (git-fixes).
- s390/bpf: Emit a barrier for BPF_FETCH instructions (git-fixes bsc#1224792).
- s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223869).
- s390/cio: fix tracepoint subchannel type field (git-fixes bsc#1224793).
- s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1225133).
- s390/ipl: Fix incorrect initialization of len fields in nvme reipl block (git-fixes bsc#1225136).
- s390/ipl: Fix incorrect initialization of nvme dump block (git-fixes bsc#1225134).
- s390/ism: Properly fix receive message buffer allocation (git-fixes bsc#1223590).
- s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223871).
- s390/mm: Fix storage key clearing for guest huge pages (git-fixes bsc#1223872).
- s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223874).
- s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes bsc#1223870).
- s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223593).
- s390/vtime: fix average steal time calculation (git-fixes bsc#1221783).
- s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes bsc#1223592).
- sched/balancing: Rename newidle_balance() => sched_balance_newidle() (bsc#1222173).
- sched/fair: Check root_domain::overload value before update (bsc#1222173).
- sched/fair: Use helper functions to access root_domain::overload (bsc#1222173).
- sched/psi: Select KERNFS as needed (git-fixes).
- sched/topology: Optimize topology_span_sane() (bsc#1225053).
- scsi: bfa: Fix function pointer type mismatch for hcb_qe->cbfn (git-fixes).
- scsi: core: Consult supported VPD page list prior to fetching page (git-fixes).
- scsi: core: Fix unremoved procfs host directory regression (git-fixes).
- scsi: csiostor: Avoid function pointer casts (git-fixes).
- scsi: hisi_sas: Modify the deadline for ata_wait_after_reset() (git-fixes).
- scsi: libsas: Add a helper sas_get_sas_addr_and_dev_type() (git-fixes).
- scsi: libsas: Fix disk not being scanned in after being removed (git-fixes).
- scsi: lpfc: Add support for 32 byte CDBs (bsc#1225842).
- scsi: lpfc: Change default logging level for unsolicited CT MIB commands (bsc#1225842).
- scsi: lpfc: Change lpfc_hba hba_flag member into a bitmask (bsc#1225842). Refresh: - patches.suse/lpfc-reintroduce-old-irq-probe-logic.patch
- scsi: lpfc: Clear deferred RSCN processing flag when driver is unloading (bsc#1225842).
- scsi: lpfc: Copyright updates for 14.4.0.1 patches (bsc#1221777).
- scsi: lpfc: Copyright updates for 14.4.0.2 patches (bsc#1225842).
- scsi: lpfc: Correct size for cmdwqe/rspwqe for memset() (bsc#1221777).
- scsi: lpfc: Correct size for wqe for memset() (bsc#1221777).
- scsi: lpfc: Define lpfc_dmabuf type for ctx_buf ptr (bsc#1221777).
- scsi: lpfc: Define lpfc_nodelist type for ctx_ndlp ptr (bsc#1221777).
- scsi: lpfc: Define types in a union for generic void *context3 ptr (bsc#1221777).
- scsi: lpfc: Introduce rrq_list_lock to protect active_rrq_list (bsc#1225842).
- scsi: lpfc: Move NPIV's transport unregistration to after resource clean up (bsc#1221777).
- scsi: lpfc: Release hbalock before calling lpfc_worker_wake_up() (bsc#1221777).
- scsi: lpfc: Remove IRQF_ONESHOT flag from threaded IRQ handling (bsc#1221777 bsc#1217959).
- scsi: lpfc: Remove unnecessary log message in queuecommand path (bsc#1221777).
- scsi: lpfc: Replace hbalock with ndlp lock in lpfc_nvme_unregister_port() (bsc#1221777).
- scsi: lpfc: Update logging of protection type for T10 DIF I/O (bsc#1225842).
- scsi: lpfc: Update lpfc_ramp_down_queue_handler() logic (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.1 (bsc#1221777).
- scsi: lpfc: Update lpfc version to 14.4.0.2 (bsc#1225842).
- scsi: lpfc: Use a dedicated lock for ras_fwlog state (bsc#1221777).
- scsi: mpt3sas: Prevent sending diag_reset when the controller is ready (git-fixes).
- scsi: mylex: Fix sysfs buffer lengths (git-fixes).
- scsi: qla2xxx: Change debug message during driver unload (bsc1221816).
- scsi: qla2xxx: Delay I/O Abort on PCI error (bsc1221816).
- scsi: qla2xxx: Fix command flush on cable pull (bsc1221816).
- scsi: qla2xxx: Fix double free of fcport (bsc1221816).
- scsi: qla2xxx: Fix double free of the ha->vp_map pointer (bsc1221816).
- scsi: qla2xxx: Fix N2N stuck connection (bsc1221816).
- scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() (git-fixes).
- scsi: qla2xxx: NVME|FCP prefer flag not being honored (bsc1221816).
- scsi: qla2xxx: Prevent command send on chip reset (bsc1221816).
- scsi: qla2xxx: Split FCE|EFT trace control (bsc1221816).
- scsi: qla2xxx: Update manufacturer detail (bsc1221816).
- scsi: qla2xxx: Update version to 10.02.09.200-k (bsc1221816).
- scsi: sd: Unregister device if device_add_disk() failed in sd_probe() (git-fixes).
- scsi: sg: Avoid race in error handling & drop bogus warn (git-fixes).
- scsi: sg: Avoid sg device teardown race (git-fixes).
- scsi: smartpqi: Fix disable_managed_interrupts (git-fixes).
- sctp: annotate data-races around sk->sk_wmem_queued (git-fixes).
- sdhci-of-dwcmshc: disable PM runtime in dwcmshc_remove() (git-fixes).
- selftests/binderfs: use the Makefile's rules, not Make's implicit rules (git-fixes).
- selftests/bpf: add edge case backtracking logic test (bsc#1225756).
- selftests/bpf: precision tracking test for BPF_NEG and BPF_END (bsc#1225756).
- selftests: default to host arch for LLVM builds (git-fixes).
- selftests: forwarding: Fix ping failure due to short timeout (git-fixes).
- selftests/ftrace: Fix event filter target_func selection (stable-fixes).
- selftests/ftrace: Limit length in subsystem-enable tests (git-fixes).
- selftests/kcmp: remove unused open mode (git-fixes).
- selftests: kselftest: Fix build failure with NOLIBC (git-fixes).
- selftests: kselftest: Mark functions that unconditionally call exit() as __noreturn (git-fixes).
- selftests: net: bridge: increase IGMP/MLD exclude timeout membership interval (git-fixes).
- selftests/net: convert test_bridge_neigh_suppress.sh to run it in unique namespace (stable-fixes).
- selftests: net: kill smcrouted in the cleanup logic in amt.sh (git-fixes).
- selftests: net: move amt to socat for better compatibility (git-fixes).
- selftests/pidfd: Fix config for pidfd_setns_test (git-fixes).
- selftests/powerpc/dexcr: Add -no-pie to hashchk tests (git-fixes).
- selftests/powerpc/papr-vpd: Fix missing variable initialization (jsc#PED-4486 git-fixes).
- selftests/resctrl: fix clang build failure: use LOCAL_HDRS (git-fixes).
- selftests: test_bridge_neigh_suppress.sh: Fix failures due to duplicate MAC (git-fixes).
- selftests: timers: Convert posix_timers test to generate KTAP output (stable-fixes).
- selftests: timers: Fix abs() warning in posix_timers test (git-fixes).
- selftests: timers: Fix posix_timers ksft_print_msg() warning (git-fixes).
- selftests: timers: Fix valid-adjtimex signed left-shift undefined behavior (stable-fixes).
- selftests/timers/posix_timers: Reimplement check_timer_distribution() (git-fixes).
- selftests: vxlan_mdb: Fix failures with old libnet (git-fixes).
- selinux: avoid dereference of garbage after mount failure (git-fixes).
- selinux: introduce an initial SID for early boot processes (bsc#1208593).
- serial: 8250_bcm7271: use default_mux_rate if possible (git-fixes).
- serial: 8250_dw: Revert: Do not reclock if already at correct rate (git-fixes).
- serial: 8250_exar: Do not remove GPIO device on suspend (git-fixes).
- serial: 8520_mtk: Set RTS on shutdown for Rx in-band wakeup (git-fixes).
- serial: core: Fix atomicity violation in uart_tiocmget (git-fixes).
- serial: core: only stop transmit when HW fifo is empty (git-fixes).
- serial: kgdboc: Fix NMI-safety problems from keyboard reset code (stable-fixes).
- serial: Lock console when calling into driver before registration (git-fixes).
- serial: max3100: Fix bitwise types (git-fixes).
- serial: max3100: Lock port->lock when calling uart_handle_cts_change() (git-fixes).
- serial: max310x: fix NULL pointer dereference in I2C instantiation (git-fixes).
- serial: max310x: fix syntax error in IRQ error message (git-fixes).
- serial: mxs-auart: add spinlock around changing cts state (git-fixes).
- serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
- serial: sc16is7xx: add proper sched.h include for sched_set_fifo() (git-fixes).
- serial: sc16is7xx: fix bug in sc16is7xx_set_baud() when using prescaler (git-fixes).
- serial: sh-sci: protect invalidating RXDMA on shutdown (git-fixes).
- serial: stm32: Reset .throttled state in .startup() (git-fixes).
- series.conf: cleanup Fix subsection header to silence series_insert error.
- SEV: disable SEV-ES DebugSwap by default (git-fixes).
- slimbus: core: Remove usage of the deprecated ida_simple_xx() API (git-fixes).
- slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
- smb3: show beginning time for per share stats (bsc#1225172).
- smb: client: ensure to try all targets when finding nested links (bsc#1225172).
- smb: client: fix mount when dns_resolver key is not available (git-fixes, bsc#1225172).
- smb: client: fix parsing of SMB3.1.1 POSIX create context (git-fixes, bsc#1225172).
- smb: client: get rid of dfs code dep in namespace.c (bsc#1225172).
- smb: client: get rid of dfs naming in automount code (bsc#1225172).
- smb: client: introduce DFS_CACHE_TGT_LIST() (bsc#1225172).
- smb: client: reduce stack usage in cifs_try_adding_channels() (bsc#1225172).
- smb: client: remove extra @chan_count check in __cifs_put_smb_ses() (bsc#1225172).
- smb: client: rename cifs_dfs_ref.c to namespace.c (bsc#1225172).
- soc: fsl: qbman: Always disable interrupts when taking cgr_lock (git-fixes).
- soc: fsl: qbman: Use raw spinlock for cgr_lock (git-fixes).
- sock_diag: annotate data-races around sock_diag_handlers[family] (git-fixes).
- soc: mediatek: cmdq: Fix typo of CMDQ_JUMP_RELATIVE (git-fixes).
- soc: microchip: Fix POLARFIRE_SOC_SYS_CTRL input prompt (stable-fixes).
- soc: qcom: pmic_glink: do not traverse clients list without a lock (git-fixes).
- soc: qcom: pmic_glink: Make client-lock non-sleeping (git-fixes).
- soc: qcom: pmic_glink: notify clients about the current state (git-fixes).
- soc: qcom: rpmh-rsc: Enhance check for VRM in-flight request (git-fixes).
- soundwire: amd: fix for wake interrupt handling for clockstop mode (git-fixes).
- speakup: Avoid crash on very long word (git-fixes).
- speakup: Fix 8bit characters from direct synth (git-fixes).
- speakup: Fix sizeof() vs ARRAY_SIZE() bug (git-fixes).
- spi: Do not mark message DMA mapped when no transfer in it is (git-fixes).
- spi: fix null pointer dereference within spi_sync (git-fixes).
- spi: intel-pci: Add support for Lunar Lake-M SPI serial flash (stable-fixes).
- spi: lm70llp: fix links in doc and comments (git-fixes).
- spi: lpspi: Avoid potential use-after-free in probe() (git-fixes).
- spi: mchp-pci1xxx: Fix a possible null pointer dereference in pci1xxx_spi_probe (git-fixes).
- spi: microchip-core-qspi: fix setting spi bus clock rate (git-fixes).
- spi: spi-fsl-lpspi: remove redundant spi_controller_put call (git-fixes).
- spi: spi-mt65xx: Fix NULL pointer access in interrupt handler (git-fixes).
- spi: stm32: Do not warn about spurious interrupts (git-fixes).
- spi: xilinx: Fix kernel documentation in the xilinx_spi.h (git-fixes).
- spmi: hisi-spmi-controller: Do not override device identifier (git-fixes).
- staging: vc04_services: changen strncpy() to strscpy_pad() (stable-fixes).
- staging: vc04_services: fix information leak in create_component() (git-fixes).
- staging: vt6655: Remove unused declaration of RFbAL7230SelectChannelPostProcess() (git-fixes).
- stmmac: Clear variable when destroying workqueue (git-fixes).
- SUNRPC: fix a memleak in gss_import_v2_context (git-fixes).
- SUNRPC: fix some memleaks in gssx_dec_option_array (git-fixes).
- supported.conf: support tcp_dctcp module (jsc#PED-8111)
- swiotlb: extend buffer pre-padding to alloc_align_mask if necessary (bsc#1224331)
- swiotlb: Fix alignment checks when both allocation and DMA masks are (bsc#1224331)
- swiotlb: Fix double-allocation of slots due to broken alignment (bsc#1224331)
- swiotlb: Honour dma_alloc_coherent() alignment in swiotlb_alloc() (bsc#1224331)
- swiotlb: use the calculated number of areas (git-fixes).
- Temporarily drop KVM patch that caused a regression (bsc#1226158).
- thermal: devfreq_cooling: Fix perf state when calculate dfc res_util (git-fixes).
- thermal/drivers/qcom/lmh: Check for SCM availability at probe (git-fixes).
- thermal/drivers/tsens: Fix null pointer dereference (git-fixes).
- thermal/of: Assume polling-delay(-passive) 0 when absent (stable-fixes).
- thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
- thunderbolt: Do not create DisplayPort tunnels on adapters of the same router (git-fixes).
- thunderbolt: Fix wake configurations after device unplug (stable-fixes).
- thunderbolt: Introduce tb_path_deactivate_hop() (stable-fixes).
- thunderbolt: Introduce tb_port_reset() (stable-fixes).
- thunderbolt: Make tb_switch_reset() support Thunderbolt 2, 3 and USB4 routers (stable-fixes).
- thunderbolt: Reset only non-USB4 host routers in resume (git-fixes).
- tls: break out of main loop when PEEK gets a non-data record (bsc#1221858).
- tls: do not skip over different type records from the rx_list (bsc#1221858).
- tls: fix peeking with sync+async decryption (bsc#1221858).
- tls: stop recv() if initial process_rx_list gave us non-DATA (bsc#1221858).
- tools/arch/x86/intel_sdsi: Fix maximum meter bundle length (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_certificate decoding (git-fixes).
- tools/arch/x86/intel_sdsi: Fix meter_show display (git-fixes).
- tools/latency-collector: Fix -Wformat-security compile warns (git-fixes).
- tools/power turbostat: Expand probe_intel_uncore_frequency() (bsc#1221765).
- tools/power/turbostat: Fix uncore frequency file string (bsc#1221765).
- tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer (git-fixes).
- tracing: Add MODULE_DESCRIPTION() to preemptirq_delay_test (git-fixes).
- tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
- tracing: hide unused ftrace_event_id_fops (git-fixes).
- tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-fixes).
- tracing: Remove precision vsnprintf() check from print event (git-fixes).
- tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
- tracing: Use .flush() call to wake up readers (git-fixes).
- tty: n_gsm: fix missing receive state reset after mode switch (git-fixes).
- tty: n_gsm: fix possible out-of-bounds in gsm0_receive() (git-fixes).
- tty: serial: samsung: fix tx_empty() to return TIOCSER_TEMT (git-fixes).
- tty: vt: fix 20 vs 0x20 typo in EScsiignore (git-fixes).
- ubifs: dbg_check_idx_size: Fix kmemleak if loading znode failed (git-fixes).
- ubifs: fix sort function prototype (git-fixes).
- ubifs: Queue up space reservation tasks if retrying many times (git-fixes).
- ubifs: Remove unreachable code in dbg_check_ltab_lnum (git-fixes).
- ubifs: Set page uptodate in the correct place (git-fixes).
- Update config files. Disable N_GSM (jsc#PED-8240).
- Update patches.suse/nvme-ensure-disabling-pairs-with-unquiesce.patch (jsc#PED-6252 jsc#PED-5728 jsc#PED-5062 jsc#PED-3535 bsc#1224534).
- usb: aqc111: stop lying about skb->truesize (git-fixes).
- usb: audio-v2: Correct comments for struct uac_clock_selector_descriptor (git-fixes).
- usb: cdc-wdm: close race between read and workqueue (git-fixes).
- USB: core: Add hub_get() and hub_put() routines (stable-fixes).
- USB: core: Fix access violation during port device removal (git-fixes).
- USB: core: Fix deadlock in port 'disable' sysfs attribute (stable-fixes).
- USB: core: Fix deadlock in usb_deauthorize_interface() (git-fixes).
- usb: Disable USB3 LPM at shutdown (stable-fixes).
- usb: dwc2: gadget: Fix exiting from clock gating (git-fixes).
- usb: dwc2: gadget: LPM flow fix (git-fixes).
- usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
- usb: dwc2: host: Fix hibernation flow (git-fixes).
- usb: dwc2: host: Fix ISOC flow in DDMA mode (git-fixes).
- usb: dwc2: host: Fix remote wakeup from hibernation (git-fixes).
- usb: dwc3-am62: Disable wakeup at remove (git-fixes).
- usb: dwc3-am62: fix module unload/reload behavior (git-fixes).
- usb: dwc3-am62: Rename private data (git-fixes).
- usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
- usb: dwc3: pci: Drop duplicate ID (git-fixes).
- usb: dwc3: Properly set system wakeup (git-fixes).
- usb: dwc3: Wait unconditionally after issuing EndXfer command (git-fixes).
- usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed device (bsc#1220569).
- usb: fotg210: Add missing kernel doc description (git-fixes).
- usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
- usb: gadget: f_fs: Fix a race condition when processing setup packets (git-fixes).
- usb: gadget: f_fs: Fix race between aio_cancel() and AIO request complete (git-fixes).
- usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport error (stable-fixes).
- usb: gadget: net2272: Use irqflags in the call to net2272_probe_fin (git-fixes).
- usb: gadget: u_audio: Clear uac pointer when freed (git-fixes).
- usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind (git-fixes).
- usb: gadget: uvc: mark incomplete frames with UVC_STREAM_ERR (stable-fixes).
- usb: gadget: uvc: use correct buffer size when parsing configfs lists (git-fixes).
- usb: ohci: Prevent missed ohci interrupts (git-fixes).
- usb: phy: generic: Get the vbus supply (git-fixes).
- USB: serial: add device ID for VeriFone adapter (stable-fixes).
- USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
- USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-fixes).
- USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-fixes).
- USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
- USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
- USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
- USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-fixes).
- USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
- USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
- USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
- usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined (stable-fixes).
- usb: typec: Return size of buffer if pd_set operation succeeds (git-fixes).
- usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
- usb: typec: tcpm: Check for port partner validity before consuming it (git-fixes).
- usb: typec: tcpm: clear pd_event queue in PORT_RESET (git-fixes).
- usb: typec: tcpm: Correct port source pdo array in pd_set callback (git-fixes).
- usb: typec: tcpm: Correct the PDO counting in pd_set (git-fixes).
- usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd() (git-fixes).
- usb: typec: tcpm: unregister existing source caps before re-registration (git-fixes).
- usb: typec: tipd: fix event checking for tps6598x (git-fixes).
- usb: typec: ucsi: Ack unsupported commands (stable-fixes).
- usb: typec: ucsi_acpi: Refactor and fix DELL quirk (git-fixes).
- usb: typec: ucsi: always register a link to USB PD device (git-fixes).
- usb: typec: ucsi: Check for notifications after init (git-fixes).
- usb: typec: ucsi: Clean up UCSI_CABLE_PROP macros (git-fixes).
- usb: typec: ucsi: Clear EVENT_PENDING under PPM lock (git-fixes).
- usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
- usb: typec: ucsi: displayport: Fix potential deadlock (git-fixes).
- usb: typec: ucsi: Fix connector check on init (git-fixes).
- usb: typec: ucsi: Fix race between typec_switch and role_switch (git-fixes).
- usb: typec: ucsi: Limit read size on v1.2 (stable-fixes).
- usb: typec: ucsi: simplify partner's PD caps registration (git-fixes).
- USB: UAS: return ENODEV when submit urbs fail with device not attached (stable-fixes).
- usb: udc: remove warning when queue disabled ep (stable-fixes).
- usb: xhci: Add error handling in xhci_map_urb_for_dma (git-fixes).
- usb: xhci: correct return value in case of STS_HCE (git-fixes).
- usb: xhci: Implement xhci_handshake_check_state() helper.
- usb: xhci-plat: Do not include xhci.h (stable-fixes).
- vboxsf: Avoid an spurious warning if load_nls_xxx() fails (git-fixes).
- vboxsf: explicitly deny setlease attempts (stable-fixes).
- vdpa/mlx5: Allow CVQ size changes (git-fixes).
- vdpa_sim: reset must not run (git-fixes).
- veth: try harder when allocating queue memory (git-fixes).
- vhost: Add smp_rmb() in vhost_enable_notify() (git-fixes).
- vhost: Add smp_rmb() in vhost_vq_avail_empty() (git-fixes).
- virtio-blk: Ensure no requests in virtqueues before deleting vqs (git-fixes).
- virtio_net: Do not send RSS key if it is not supported (git-fixes).
- virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223944).
- VMCI: Fix an error handling path in vmci_guest_probe_device() (git-fixes).
- VMCI: Fix possible memcpy() run-time warning in vmci_datagram_invoke_guest_handler() (stable-fixes).
- vmci: prevent speculation leaks by sanitizing event in event_deliver() (git-fixes).
- vsock/virtio: fix packet delivery to tap device (git-fixes).
- watchdog: bd9576: Drop 'always-running' property (git-fixes).
- watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger (git-fixes).
- watchdog: rti_wdt: Set min_hw_heartbeat_ms to accommodate a safety margin (git-fixes).
- watchdog: sa1100: Fix PTR_ERR_OR_ZERO() vs NULL check in sa1100dog_probe() (git-fixes).
- wifi: ar5523: enable proper endpoint verification (git-fixes).
- wifi: ath10k: Fix an error code problem in ath10k_dbg_sta_write_peer_debug_trigger() (git-fixes).
- wifi: ath10k: poll service ready message before failing (git-fixes).
- wifi: ath10k: populate board data for WCN3990 (git-fixes).
- wifi: ath11k: decrease MHI channel buffer length to 8KB (bsc#1207948).
- wifi: ath11k: do not force enable power save on non-running vdevs (git-fixes).
- wifi: ath12k: fix out-of-bound access of qmi_invoke_handler() (git-fixes).
- wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
- wifi: brcmfmac: Add DMI nvram filename quirk for ACEPC W5 Pro (stable-fixes).
- wifi: brcmfmac: add per-vendor feature detection callback (stable-fixes).
- wifi: brcmfmac: cfg80211: Use WSEC to set SAE password (stable-fixes).
- wifi: brcmfmac: Demote vendor-specific attach/detach messages to info (git-fixes).
- wifi: brcmfmac: pcie: handle randbuf allocation failure (git-fixes).
- wifi: carl9170: add a proper sanity check for endpoints (git-fixes).
- wifi: carl9170: re-fix fortified-memset warning (git-fixes).
- wifi: cfg80211: check A-MSDU format more carefully (stable-fixes).
- wifi: cfg80211: fix rdev_dump_mpp() arguments order (stable-fixes).
- wifi: ieee80211: fix ieee80211_mle_basic_sta_prof_size_ok() (git-fixes).
- wifi: iwlwifi: fw: do not always use FW dump trig (git-fixes).
- wifi: iwlwifi: fw: fix compile w/o CONFIG_ACPI (git-fixes).
- wifi: iwlwifi: mvm: allocate STA links only for active links (git-fixes).
- wifi: iwlwifi: mvm: fix active link counting during recovery (git-fixes).
- wifi: iwlwifi: mvm: fix check in iwl_mvm_sta_fw_id_mask (git-fixes).
- wifi: iwlwifi: mvm: guard against invalid STA ID on removal (stable-fixes).
- wifi: iwlwifi: mvm: include link ID when releasing frames (git-fixes).
- wifi: iwlwifi: mvm: init vif works only once (git-fixes).
- wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-fixes).
- wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
- wifi: iwlwifi: mvm: rfi: fix potential response leaks (git-fixes).
- wifi: iwlwifi: mvm: select STA mask only for active links (git-fixes).
- wifi: iwlwifi: mvm: use correct address 3 in A-MSDU (stable-fixes).
- wifi: iwlwifi: pcie: Add the PCI device id for new hardware (stable-fixes).
- wifi: iwlwifi: pcie: fix RB status reading (stable-fixes).
- wifi: iwlwifi: read txq->read_ptr under lock (stable-fixes).
- wifi: iwlwifi: reconfigure TLC during HW restart (git-fixes).
- wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-fixes).
- wifi: mac80211: clean up assignments to pointer cache (stable-fixes).
- wifi: mac80211: fix ieee80211_bss_*_flags kernel-doc (stable-fixes).
- wifi: mac80211: fix prep_connection error path (stable-fixes).
- wifi: mac80211: fix unaligned le16 access (git-fixes).
- wifi: mac80211_hwsim: init peer measurement result (git-fixes).
- wifi: mac80211: only call drv_sta_rc_update for uploaded stations (stable-fixes).
- wifi: mac80211: remove link before AP (git-fixes).
- wifi: mt76: mt7603: add wpdma tx eof flag for PSE client reset (git-fixes).
- wifi: mt76: mt7603: fix tx queue of loopback packets (git-fixes).
- wifi: mt76: mt7915: workaround too long expansion sparse warnings (git-fixes).
- wifi: mt76: mt7996: add locking for accessing mapped registers (stable-fixes).
- wifi: mt76: mt7996: disable AMSDU for non-data frames (stable-fixes).
- wifi: mwl8k: initialize cmd->addr[] properly (git-fixes).
- wifi: nl80211: do not free NULL coalescing rule (git-fixes).
- wifi: rtw88: 8821cu: Fix connection failure (stable-fixes).
- wifi: rtw88: Add missing VID/PIDs for 8811CU and 8821CU (stable-fixes).
- wifi: rtw89: fix null pointer access when abort scan (stable-fixes).
- wifi: rtw89: pci: correct TX resource checking for PCI DMA channel of firmware command (git-fixes).
- wifi: rtw89: pci: enlarge RX DMA buffer to consider size of RX descriptor (stable-fixes).
- wireguard: netlink: access device through ctx instead of peer (git-fixes).
- wireguard: netlink: check for dangling peer via is_dead instead of empty list (git-fixes).
- wireguard: receive: annotate data-race around receiving_counter.counter (git-fixes).
- Workaround broken chacha crypto fallback (bsc#1218205).
- x86/bugs: Fix BHI retpoline check (git-fixes).
- x86/bugs: Fix the SRSO mitigation on Zen3/4 (git-fixes).
- x86/bugs: Remove default case for fully switched enums (git-fixes).
- x86/calldepth: Rename __x86_return_skl() to call_depth_return_thunk() (git-fixes).
- x86/coco: Require seeding RNG with RDRAND on CoCo systems (git-fixes).
- x86/cpu: Add model number for Intel Arrow Lake mobile processor (git-fixes).
- x86/CPU/AMD: Add models 0x10-0x1f to the Zen5 range (git-fixes).
- x86/CPU/AMD: Update the Zenbleed microcode revisions (git-fixes).
- x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-fixes).
- x86/efistub: Add missing boot_params for mixed mode compat entry (git-fixes).
- x86/efistub: Call mixed mode boot services on the firmware's stack (git-fixes).
- x86/fpu: Keep xfd_state in sync with MSR_IA32_XFD (git-fixes).
- x86/hyperv: Allow 15-bit APIC IDs for VTL platforms (git-fixes).
- x86/hyperv: Use per cpu initial stack for vtl context (git-fixes).
- x86/Kconfig: Remove CONFIG_AMD_MEM_ENCRYPT_ACTIVE_BY_DEFAULT (git-fixes).
- x86/kconfig: Select ARCH_WANT_FRAME_POINTERS again when UNWINDER_FRAME_POINTER=y (git-fixes).
- x86/kvm/Kconfig: Have KVM_AMD_SEV select ARCH_HAS_CC_PLATFORM (git-fixes).
- x86/mce: Make sure to grab mce_sysfs_mutex in set_bank() (git-fixes).
- x86/nmi: Fix the inverse 'in NMI handler' check (git-fixes).
- x86/nospec: Refactor UNTRAIN_RET[_*] (git-fixes).
- x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes).
- x86/purgatory: Switch to the position-independent small code model (git-fixes).
- x86/rethunk: Use SYM_CODE_START[_LOCAL]_NOALIGN macros (git-fixes).
- x86/retpoline: Add NOENDBR annotation to the SRSO dummy return thunk (git-fixes).
- x86/retpoline: Do the necessary fixup to the Zen3/4 srso return thunk for !SRSO (git-fixes).
- x86/srso: Disentangle rethunk-dependent options (git-fixes).
- x86/srso: Fix unret validation dependencies (git-fixes).
- x86/srso: Improve i-cache locality for alias mitigation (git-fixes).
- x86/srso: Print actual mitigation if requested mitigation isn't possible (git-fixes).
- x86/srso: Remove 'pred_cmd' label (git-fixes).
- x86/srso: Unexport untraining functions (git-fixes).
- x86/xen: Add some null pointer checking to smp.c (git-fixes).
- x86/xen: attempt to inflate the memory balloon on PVH (git-fixes).
- xdp, bonding: Fix feature flags when there are no slave devs anymore (git-fixes).
- xen/events: drop xen_allocate_irqs_dynamic() (git-fixes).
- xen/events: fix error code in xen_bind_pirq_msi_to_irq() (git-fixes).
- xen/events: increment refcnt only if event channel is refcounted (git-fixes).
- xen/events: modify internal [un]bind interfaces (git-fixes).
- xen/events: reduce externally visible helper functions (git-fixes).
- xen/events: remove some simple helpers from events_base.c (git-fixes).
- xen: evtchn: Allow shared registration of IRQ handers (git-fixes).
- xen/evtchn: avoid WARN() when unbinding an event channel (git-fixes).
- xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
- xfs: add lock protection when remove perag from radix tree (git-fixes).
- xfs: allow extent free intents to be retried (git-fixes).
- xfs: fix perag leak when growfs fails (git-fixes).
- xfs: force all buffers to be written during btree bulk load (git-fixes).
- xfs: make xchk_iget safer in the presence of corrupt inode btrees (git-fixes).
- xfs: pass the xfs_defer_pending object to iop_recover (git-fixes).
- xfs: recompute growfsrtfree transaction reservation while growing rt volume (git-fixes).
- xfs: transfer recovered intent item ownership in ->iop_recover (git-fixes).
- xfs: use xfs_defer_pending objects to recover intent items (git-fixes).
- xhci: add helper that checks for unhandled events on a event ring (git-fixes).
- xhci: remove unnecessary event_ring_deq parameter from xhci_handle_event() (git-fixes).
- xhci: Simplify event ring dequeue pointer update for port change events (git-fixes).
- xhci: simplify event ring dequeue tracking for transfer events (git-fixes).
Patchnames
SUSE-2024-2203,SUSE-SLE-Module-Basesystem-15-SP6-2024-2203,SUSE-SLE-Module-Development-Tools-15-SP6-2024-2203,SUSE-SLE-Module-Legacy-15-SP6-2024-2203,SUSE-SLE-Module-Live-Patching-15-SP6-2024-2203,SUSE-SLE-Product-HA-15-SP6-2024-2203,SUSE-SLE-Product-WE-15-SP6-2024-2203,openSUSE-SLE-15.6-2024-2203
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).